
Extreme Learning Machines for Web Layer Anomaly Detection

  • Conference paper
Image Processing and Communications Challenges 8 (IP&C 2016)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 525)

Abstract

The idea of service-oriented architecture (SOA) and the wide adoption of cloud computing have driven the rapid advancement of web applications. The constantly increasing expectations of end users concerning the usability of graphical interfaces have also become a driving force for new information and communication technologies. However, as new technologies, frameworks and software solutions are created, software flaws are often introduced accidentally. In many cases, those flaws may have serious implications, such as privilege escalation, malware infection on the server and client sides, or sensitive data leakage. Recent cyber incidents concerning web applications show that new countermeasures are needed to protect the web layer. In this paper we propose a method that adapts the Extreme Learning Machine to solve the two-class classification problem in the Web Layer Anomaly Detection domain. Our experiments give promising results, proving that this technique can be used to effectively detect cyber attacks targeting web applications.

Author information

Correspondence to Rafał Kozik.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Kozik, R., Choraś, M., Hołubowicz, W., Renk, R. (2017). Extreme Learning Machines for Web Layer Anomaly Detection. In: Choraś, R. (eds) Image Processing and Communications Challenges 8. IP&C 2016. Advances in Intelligent Systems and Computing, vol 525. Springer, Cham. https://doi.org/10.1007/978-3-319-47274-4_27

  • DOI: https://doi.org/10.1007/978-3-319-47274-4_27

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-47273-7

  • Online ISBN: 978-3-319-47274-4

  • eBook Packages: Engineering, Engineering (R0)
