Abstract
In the era of blossoming computer sciences and internet technology, people cannot abolish network in our lives. However, the large number of users, website services will make itself became the most favorite targets for hackers. Although these malicious behaviors can be detected by network intrusion detection system, it is difficult to generate accuracy result owing to the shortage of data. This paper proposed a solution using host intrusion detection system that focus on the host log detection of webserver. Besides using port monitoring to monitor network environment, this paper also collected signatures of web attack and malicious activities by using signature-based approach. Furthermore, this research will find out the source of the malicious files with file monitoring function, and take appropriate action to protect web services. By using the proposed mechanism of host-based intrusion detection methods, it can provide a high accuracy to bring safety for managers and users.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Stevens, M., et al.: The first collision for full SHA-1. In: Annual International Cryptology Conference. Springer, Cham (2017)
Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the ioT: Mirai and other botnets. Computer 50, 80–84 (2017)
OWASP Top 10. The ten most critical web application security risks (2017). https://www.owasp.org/images/0/0a/OWASP_Top_10_2017_GM_%28en%29.pdf
Sabahi, F., Movaghar, A.: Intrusion detection: a survey. In: 3rd International Conference on Systems and Networks Communications, ICSNC 2008. IEEE (2008)
Liao, H.-J., Lin, C.-H.R., Lin, Y.-C., Tung, K.-Y.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1), 16–24 (2013)
Tirumala, S.S., Sathu, H., Sarrafzadeh, A.: Free and open source intrusion detection systems: a study. In: 2015 International Conference on Machine Learning and Cybernetics (ICMLC), vol. 1. IEEE (2015)
Schreiber, J.: Open source intrusion detection tools: a quick overview (2014). https://www.alienvault.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview
Nayyar, A.: The best open source network intrusion detection tools (2017). http://opensourceforu.com/2017/04/best-open-source-network-intrusion-detection-tools/
Abdou, A., Barrera, D., Van Oorschot, P.C.: What lies beneath? Analyzing automated SSH bruteforce attacks. In: International Conference on Passwords. Springer, Cham (2015)
Owens, J., Matthews, J.: A study of passwords and methods used in brute-force SSH attacks. In: USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) (2008)
Makanju, A.A.O., Zincir-Heywood, A.N., Milios, E.E.: Clustering event logs using iterative partitioning. In: Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM (2009)
Manpathak, S., Augustine, A.: HIDS: HTTP centric intrusion detection system for web servers. https://pdfs.semanticscholar.org/186c/3d84ca6a4d1d9cf0c0c1fe5297ba0da22d28.pdf
Yen, T.-F., et al.: Beehive: large-scale log analysis for detecting suspicious activity in enterprise networks. In: Proceedings of the 29th Annual Computer Security Applications Conference. ACM (2013)
Acknowledgment
The authors would like to thank the Ministry of Science and Technology of Taiwan, for financially supporting this research under Contract Nos. MOST 107-2218-E-006-036- and MOST 106-2221-E-006 -025.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Kuo, CC., Yao, SH., Hou, CL., Yang, CS. (2019). Design and Implementation of a Host-Based Intrusion Detection System for Linux-Based Web Server. In: Pan, JS., Ito, A., Tsai, PW., Jain, L. (eds) Recent Advances in Intelligent Information Hiding and Multimedia Signal Processing. IIH-MSP 2018. Smart Innovation, Systems and Technologies, vol 110. Springer, Cham. https://doi.org/10.1007/978-3-030-03748-2_44
Download citation
DOI: https://doi.org/10.1007/978-3-030-03748-2_44
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03747-5
Online ISBN: 978-3-030-03748-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)