[1]YANG Xiaofeng,LI Wei,SUN Mingming,et al.Web attack detection method on the basis of text clustering[J].CAAI Transactions on Intelligent Systems,2014,9(1):40-46.[doi:10.3969/j.issn.1673-4785.201108007]
Copy

Web attack detection method on the basis of text clustering

References:
[1] CHRISTEY S, MARTIN R A. Vulnerability type distributions in CVE [EB/OL]. [2011-08-20]. http://cwe.mitre.org/documents/vuln-trends.html.
[2] FIELDING R, GETTYS J, MOGUL J, et al. RFC-2616: hypertext transfer protocol-HTTP/1.1[S]. Montreal: Internet Engineering Task Force (IETF), 1999.
[3] INGHAM K L, SOMAYAJIB A, BURGEA J, et al. Learning DFA representations of HTTP for protecting web applications[J]. Computer Networks, 2007, 51(5): 1239-1255.
[4] CORONA I, ARIU D, GIACINTO G. HMM-Web: a framework for the detection of attacks against web applications[C]//IEEE International Conference on Communications. Dresden, Germany, 2009: 1-6.
[5] DURY A, HALLAL H H, PETRENKO A. Inferring behavioural models from traces of business applications[C]//IEEE International Conference on Web Services. Los Angeles, USA, 2009: 791-798.
[6] BACE R. Intrusion detection[M]. [S.l.]: Macmillan Publishing Co. Inc., 2000: 1-4.
[7] ROESCH M. Snort-lightweight intrusion detection for networks[C]//Proceedings of the 13th USENIX Conference on System Administration. Seattle, USA, 1999: 229-238.
[8] CHANDOLA V, BANERJEE A, KUMAR V. Anomaly detection: a survey[J]. ACM Computing Surveys, 2009, 41(3): artical no. 15.
[9] KRUEGEL C, VIGNA G. Anomaly detection of web-based attacks[C]//Proceedings of the 10th ACM Conference on Computer and Communications Security. Washington, DC, USA: ACM, 2003: 251-261.
[10] KRUEGEL C, VIGNA G, ROBERTSON W. A multi-model approach to the detection of web-based attacks[J]. Computer Networks, 2005, 48(5): 717-738.
[11] PORTNOY L, ESKIN E, STOLFO S. Intrusion detection with unlabeled data using clustering[C]//Proceedings of ACM CSS Workshop on Data Mining Applied to Security. Philadelphia, USA, 2001: 5-8.
[12] MAHONEY M V, CHAN P K. Learning nonstationary models of normal network traffic for detecting novel attacks[C]//Proceedings of the 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. New York, USA: ACM, 2002: 376-385.
[13] WARRENDER C, FORREST S, PEARLMUTTER B. Detecting intrusions using system calls: alternative data models[C]//Proceedings of IEEE Symposium on Security and Privacy. Oakland, USA, 1999: 133-145.
[14] SENGAR H, WIJESEKERA D, WANG H, et al. VoIP intrusion detection through interacting protocol state machines[C]//Proceedings of International Conference on Dependable Systems and Networks. Philadelphia, USA: IEEE/IFIP, 2006: 393-402.
[15] 周东清,张海锋,张绍武,等.基于HMM的分布式拒绝服务攻击检测方法[J].计算机研究与发展, 2005, 42(9): 1594-1599.ZHOU Qingdong, ZHANG Haifeng, ZHANG Shaowu, et al. A DDos attack detection method based on hidden Markov model[J]. Journal of Computer Research and Development, 2005, 42(9): 1594-1599.
[16] INGHAM K L, INOUE H. Comparing anomaly detection techniques for HTTP[C]//Proceedings of the 10th International Conference on Recent Advances in Intrusion Detection. Gold Goast, Australia, 2007: 42-62.
[17] JULISCH K. Clustering intrusion detection alarms to support root cause analysis[J]. ACM Transactions on Information and System Security, 2003, 6(4): 443-471.
[18] HAINES J W, LIPPMANN R P, FRIED D J, et al. 1999 DARPA intrusion detection system evaluation: design and procedures, TR-1062[R]. Lexington, USA: Lincoln Laboratory, Massachusetts Institute of Technology, 2001.
[19] LIPPMANN R P, HAINES J W, FRIED D J, et al. The 1999 DARPA off-line intrusion detection evaluation[J]. Computer Networks, 2000, 34(4): 579-595.
[20] The UCI KDD Archive. KDD Cup 1999 data[EB/OL]. (1999-10-28)[2011-08-20]. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.
Similar References:

Memo

-

Last Update: 1900-01-01

Copyright © CAAI Transactions on Intelligent Systems