Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Open Access. Powered by Scholars. Published by Universities.®

Information Security

San Jose State University

Theses/Dissertations

2016

HTTP Attack n-grams obfuscation

Articles 1 - 1 of 1

Full-Text Articles in Physical Sciences and Mathematics

Defeating N-Gram Scores For Http Attack Detection, Samyuktha Sridharan Jun 2016

Defeating N-Gram Scores For Http Attack Detection, Samyuktha Sridharan

Master's Projects

Web applications that generate malicious HTTP requests provide a platform that attackers use to exploit vulnerable machines. Such malicious traffic should be identified by network intrusion detection systems, based on traffic analysis. Previous research has shown that n-gram techniques can be successfully applied to detect HTTP attacks. In this research, we analyze the robustness of these n-gram techniques. We show that n-gram scores are surprisingly robust, but can be defeated using certain obfuscation strategies. We also consider the need for a more costlier HMM-based intrusion detection system.

Go to article