Skip to main content
Conference Proceedings

Comparing anomaly detection techniques for HTTP

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2007) 4637 LNCS 42-62
DOI: 10.1007/978-3-540-74320-0_3
90Citations
Citations of this article
91Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Much data access occurs via HTTP, which is becoming a universal transport protocol. Because of this, it has become a common exploit target and several HTTP specific IDSs have been proposed as a response. However, each IDS is developed and tested independently, and direct comparisons are difficult. We describe a framework for testing IDS algorithms, and apply it to several proposed anomaly detection algorithms, testing using identical data and test environment. The results show serious limitations in all approaches, and we make predictions about requirements for successful anomaly detection approaches used to protect web servers. © Springer-Verlag Berlin Heidelberg 2007.

Author supplied keywords

Cite

CITATION STYLE

APA

Ingham, K. L., & Inoue, H. (2007). Comparing anomaly detection techniques for HTTP. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4637 LNCS, pp. 42–62). Springer Verlag. https://doi.org/10.1007/978-3-540-74320-0_3

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free