نویسندگان
1 دانشگاه صنعتی مالک اشتر
2 دانشگاه علامه طباطبایی
چکیده
کلیدواژهها
عنوان مقاله [English]
نویسندگان [English]
Abstract
The passive defense strategies are used to protect the national security in the asymmetric defense conditions. The web application is one of the most widely used tools in the world wide web. Because of its dynamic nature, it is vulnerable to serious security risks. The discovery of cyber attacks can be seen as a method of enhancing national resistance. Anomaly based intrusion detection is an approach that focuses on the new and unknown attacks.
A method for anomaly detection in web applications using a combination of one-class classifiers, is proposed. First, in the preprocessing phase, normal HTTP traffic is logged and Features vector is extracted from each HTTP request. The proposed method consists of two steps In the training phase, the extracted features vectors associated with each request, enter the system and the model of normal requests, using combination of one-class classifiers, is learned. In the detection phase, anomaly detection operation is performed on the features vector of each HTTP request using the learned model of the training phase. S-OWA operator and other combination methods are used to combine the one-class classifiers. The data used for training and test are from CSIC2012 dataset. The detection rate and false alarm rate obtained from experiments, shows better results than other methods.
کلیدواژهها [English]