Sciweavers

RAID
2007
Springer

Comparing Anomaly Detection Techniques for HTTP

14 years 6 months ago
Comparing Anomaly Detection Techniques for HTTP
Much data access occurs via HTTP, which is becoming a universal transport protocol. Because of this, it has become a common exploit target and several HTTP specific IDSs have been proposed as a response. However, each IDS is developed and tested independently, and direct comparisons are difficult. We describe a framework for testing IDS algorithms, and apply it to several proposed anomaly detection algorithms, testing using identical data and test environment. The results show serious limitations in all approaches, and we make predictions about requirements for successful anomaly detection approaches used to protect web servers.
Kenneth L. Ingham, Hajime Inoue
Added 09 Jun 2010
Updated 09 Jun 2010
Type Conference
Year 2007
Where RAID
Authors Kenneth L. Ingham, Hajime Inoue
Comments (0)