본문 바로가기
  • Home

Anomaly Detection Scheme of Web-based attacks by applying HMM to HTTP Outbound Traffic

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2012, 17(5), pp.33-40
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science

최병하 1 Sungkyo Choi 2 Kyungsan CHO 1

1단국대학교
2강원대학교

Accredited

ABSTRACT

In this paper we propose an anomaly detection scheme to detect new attack paths or new attack methods without false positives by monitoring HTTP Outbound Traffic after efficient training. Our proposed scheme detects web-based attacks by comparing tags or javascripts of HTTP Outbound Traffic with normal behavioral models which apply HMM(Hidden Markov Model). Through the verification analysis under the real-attacked environment, we show that our scheme has superior detection capability of 0.0001% false positive and 96% detection rate.

Citation status

* References for papers published after 2022 are currently being built.