José Giménez
, Cristian Cappo
Universidad Nacional de Asunción. San Lorenzo Paraguay
email: jdgimenez@gmail.com, ccappo@pol.una.py
, Cristian Cappo
Universidad Nacional de Asunción. San Lorenzo Paraguay
Web applications have become the most popular systems to be developed today. This is because they have several advantages compared to “desktop†systems. Due to massive use of web applications they have become one of the main targets for cyberattacks. They are also used as the principal vectors for more sophisticated attacks. In this paper we present an online anomaly based detector for web applications which implements various detection models proposed in the literature. Our proposed detector includes new anomaly models for HTTP requests based on XML or JSON which are formats that usually used in web services and AJAX applications. We also present a framework to include and to evaluate new anomaly models in the detector.
@InProceedings{CLEI-2015:144706,
author = {José Giménez and Cristian Cappo},
title = {HTTP-WS-AD: An Anomaly Detector oriented to web applications and web services},
booktitle = {2015 XLI Latin American Computing Conference (CLEI)},
pages = {201--212},
year = {2015},
editor = {Hector Cancela and Alex Cuadros-Vargas and Ernesto Cuadros-Vargas},
address = {Arequipa-Peru},
month = {October},
organization = {CLEI},
publisher = {CLEI},
url = {http://clei.org/clei2015/144706},
isbn = {978-1-4673-9143-6},
}