creators_name: Wang, Wei
creators_name: Masseglia, Florent
creators_name: Guyet, Thomas
creators_name: Quiniou, Rene
creators_name: Cordier, Marie-Odile
type: conference_item
datestamp: 2009-04-06 19:13:17
lastmod: 2009-04-07 14:03:00
metadata_visibility: show
title: A General Framework for Adaptive and Online Detection of Web Attacks
ispublished: pub
full_text_status: public
pres_type: poster
abstract: Detection of web attacks is an important issue in the current
defense-in-depth security framework. In this paper, we propose
a novel general framework for adaptive and online detection
of web attacks. The general framework can be based
on any online clustering method. A detection model based
on the framework is able to learn online and deal with “concept
drift” in web audit data streams. Str-DBSCAN, in which we
extended DBSCAN [1] to streaming data, as well as StrAP
[3], are both used to validate the framework. The detection
model based on the framework automatically labels
the web audit data and adapts to normal behavior changes
while identifying attacks through dynamical clustering of the
streaming data. A very large amount of real HTTP log data collected
in our institute is used to validate the framework and
the model. The preliminary testing results demonstrated its
effectiveness.

date: 2009-04
pagerange: 1141-1141
event_title: 18th International World Wide Web Conference
event_location: Madrid, Spain
event_dates: April 20th-24th, 2009
event_type: conference
refereed: TRUE
citation: Wang, Wei <http://www2009.eprints.org/view/author/Wang=3AWei=3A=3A.html> and Masseglia, Florent <http://www2009.eprints.org/view/author/Masseglia=3AFlorent=3A=3A.html> and Guyet, Thomas <http://www2009.eprints.org/view/author/Guyet=3AThomas=3A=3A.html> and Quiniou, Rene <http://www2009.eprints.org/view/author/Quiniou=3ARene=3A=3A.html> and Cordier, Marie-Odile <http://www2009.eprints.org/view/author/Cordier=3AMarie-Odile=3A=3A.html> (2009) A General Framework for Adaptive and Online Detection of Web Attacks. In: 18th International World Wide Web Conference, April 20th-24th, 2009, Madrid, Spain.
document_url: http://www2009.eprints.org/151/1/p1141.pdf