POSTER: Towards Automating Detection of Anomalous HTTP Requests with Joint Probability Estimation of Characters

0Citations
Citations of this article
8Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Web applications are often exploited using different techniques like injection, buffer overflow, etc. An HTTP request carrying such malicious content will be different from a normal request. In this paper we propose to detect such anomalous HTTP requests using regular expression based signatures. These signatures are generated using character combinations specifically identified from known malicious requests. We identify certain characters which are useful for differentiating normal and anomalous requests using their frequency value comparison and subsequently select those combinations which have high chances of appearing together by estimating their joint probability values. We experiment with few sample attack types and show that proposed method can identify anomalous HTTP requests.

Cite

CITATION STYLE

APA

Khandait, P., Hubballi, N., & Franke, K. (2020). POSTER: Towards Automating Detection of Anomalous HTTP Requests with Joint Probability Estimation of Characters. In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2020 (pp. 889–891). Association for Computing Machinery, Inc. https://doi.org/10.1145/3320269.3405434

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free