Host-based Web Anomaly Intrusion Detection System, an Artificial Immune System Approach
Recently, the shortcomings of current security solutions in protecting web servers and web applications against web-based attacks have encouraged many researchers to work on web intrusion detection systems (WIDSs). In this paper, a host-based web anomaly detection system is presented which analyzes the POST and GET requests processed and logged in web servers' access log files. A special kind of web access log file is introduced which eliminates the shortcomings of common log files in defining the boundaries of legitimate users' sessions. Different features are extracted from this access log file in order to model the operations of the system. For the detection task, we propose the use of a novel approach inspired by the natural immune system. The capability of the proposed mechanism is evaluated by comparing its results to those of some well-known neural networks. The results indicate that the immune-inspired system is highly capable of detecting suspicious activities.
Keywords: Host-based Web Anomaly IDS, Enhanced Custom Log File, Artificial Immune System, Negative Selection Algorithm, Neural Network
ABOUT THE AUTHORS
Iman Khalkhali
School of Engineering and Science, Sharif University of Technology-International Campus Kish Island, Iran
Reza Azmi
Department of Computer Engineering, Alzahra University Tehran, Iran
Mozhgan Azimpour-Kivi
School of Engineering and Science, Sharif University of Technology-International Campus Kish Island, Iran
Mohammad Khansari
Department of Network Science and Technology, Faculty of New Science and Technology, University of Tehran