Abstract | ||
---|---|---|
A web application is one of the most critical cyber-attack targets. One of the most common methods to detect or predict web application attacks is the classification based on HTTP requests. Glastopf is a web application honeypot that logs HTTP requests and only detects SQLi, RFI, and LFI attacks. This paper aims at increasing the number of web application attacks predicted from a Glastopf log. We design a classification model using Random Forest classifiers with the ECML/PKDD 2007 Discovery Challenge and HTTP CSIC 2012 Torpeda datasets to detect eight types of web application attacks, including XSS, SQLi, path traversal, LDAPi, XPath, OS Command, SSI, and CRLFi. Empirical results using two datasets show that our model has accuracy with 97,9% on average. Furthermore, using an actual Glastopf log from our VPS, the result shows that our model can enhance the prediction on Glastopf, not only limited to three types of attacks. |
Year | DOI | Venue |
---|---|---|
2021 | 10.1109/IWBIS53353.2021.9631851 | 2021 6th International Workshop on Big Data and Information Security (IWBIS) |
Keywords | DocType | ISBN |
classification model,web application attack,Glastopf,Random Forest | Conference | 978-1-6654-2452-3 |
Citations | PageRank | References |
0 | 0.34 | 0 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Hafidh Fadhil | 1 | 0 | 0.34 |
Arif Rahman Hakim | 2 | 1 | 0.69 |