Open Access
Subscription Access
Compression-Based Anomaly Detection: Resistance to Dynamic Environment for Web Security in A Robust Manner
Abstract
Most anomaly detectors, designed under assumption of stationery data stream, are showing their limitations to handle the challenges issued by the highly dynamic characteristic of Web traffic and the adversaries at the same time. As a consequence, the tasks of feature extraction, and detectors training should be adapted to dynamic environment, and be sensitive to the malicious data. In this paper, we present a detection model, a new accurate Web anomaly detector that makes a multidisciplinary cooperation between compression and variational segment model. The intrinsic features of the request can be obtained using the compression-based probability estimation, and the fine-grained structure analysis of the web request is also guaranteed. We show that our anomaly detector is accurate in detecting Web attacks that bear some polymorphic fragments in requests, and the false positive rates is very low in the Web dynamic environment.
Keywords
Anomaly detection; Compression; Web attack
Citation Format:
Jun Ma, Jianguo Yao, "Compression-Based Anomaly Detection: Resistance to Dynamic Environment for Web Security in A Robust Manner," Journal of Internet Technology, vol. 18, no. 3 , pp. 509-520, May. 2017.
Jun Ma, Jianguo Yao, "Compression-Based Anomaly Detection: Resistance to Dynamic Environment for Web Security in A Robust Manner," Journal of Internet Technology, vol. 18, no. 3 , pp. 509-520, May. 2017.
Refbacks
- There are currently no refbacks.
Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Office of Library and Information Services, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 974301, Taiwan, R.O.C.
Tel: +886-3-931-7314 E-mail: jit.editorial@gmail.com