HTTP attack detection using n-gram analysis

Abstract

HTTP Attack Detection using N-gram Analysis by Adityaram Oza Previous research has shown that byte level analysis of HTTP traffic offers a practical solution to the problem of network intrusion detection and traffic analysis. Such an approach does not require any knowledge of applications running on web servers or any pre-processing of incoming data. In this project, we apply three ngram based techniques to the problem of HTTP attack detection. The goal of such techniques is to provide a first line of defense by filtering out the vast majority of benign HTTP traffic. We analyze our techniques in terms of accuracy of attack detection and performance. We show that our techniques provide more accurate detecting and are more efficient in comparison to a previously analyzed HMM-based technique.

DOI: 10.1016/j.cose.2014.06.002

65 Figures and Tables

Cite this paper

@article{Oza2014HTTPAD, title={HTTP attack detection using n-gram analysis}, author={Aditya Oza and Kevin Ross and Richard M. Low and Mark Stamp}, journal={Computers & Security}, year={2014}, volume={45}, pages={242-254} }