Boosting web intrusion detection systems by inferring positive signatures

D. Bolzoni, S. Etalle

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

4 Citaten (Scopus)
2 Downloads (Pure)


We present a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two groups: the "regular" and the "irregular" ones, and applying a new method for anomaly detection on the "regular" ones based on the inference of a regular language. We support our proposal by realizing Sphinx, an anomaly-based intrusion detection system based on it. Thorough benchmarks show that Sphinx performs better than current state-of-the-art systems, both in terms of false positives/false negatives as well as needing a shorter training period.
Originele taal-2Engels
TitelOn the Move to Meaningful Internet Systems 2008: OTM 2008 Confederated International Conferences (Monterrey, Mexico, November 9-14, 2008), Part II
RedacteurenR. Meersman, Z. Tari
Plaats van productieBerlin
ISBN van geprinte versie978-3-540-88872-7
StatusGepubliceerd - 2008

Publicatie series

NaamLecture Notes in Computer Science
ISSN van geprinte versie0302-9743


Duik in de onderzoeksthema's van 'Boosting web intrusion detection systems by inferring positive signatures'. Samen vormen ze een unieke vingerafdruk.

Citeer dit