Research Article

A Rule based Http Anomaly Classifier

by Sandeep Sahu, Amit Kumar Dewangan
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 106 - Number 16
Year of Publication: 2014
Authors: Sandeep Sahu, Amit Kumar Dewangan
10.5120/18606-9901

Sandeep Sahu, Amit Kumar Dewangan . A Rule based Http Anomaly Classifier. International Journal of Computer Applications. 106, 16 ( November 2014), 32-37. DOI=10.5120/18606-9901

@article{ 10.5120/18606-9901,
author = { Sandeep Sahu, Amit Kumar Dewangan },
title = { A Rule based Http Anomaly Classifier },
journal = { International Journal of Computer Applications },
issue_date = { November 2014 },
volume = { 106 },
number = { 16 },
month = { November },
year = { 2014 },
issn = { 0975-8887 },
pages = { 32-37 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume106/number16/18606-9901/ },
doi = { 10.5120/18606-9901 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:39:35.418676+05:30
%A Sandeep Sahu
%A Amit Kumar Dewangan
%T A Rule based Http Anomaly Classifier
%J International Journal of Computer Applications
%@ 0975-8887
%V 106
%N 16
%P 32-37
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Ever since the inception of the Internet, network security has been a prime area of research for computer scientists. Network security using a honeypot presents a system that pretends to have one or more of the network vulnerabilities that a blackhat is looking for. It does not actually have those vulnerabilities; it pretends to in order to deceive the intruder while stealthily monitoring the network. Honeypots are an emerging technology and have received a lot of attention of late. In this research work, our system uses the advantages of a honeypot to implement an intrusion detection system. There are two major parts to our research work: the first is a data accumulator and the second is a data analyzer. For data accumulation, we have used a honeypot. We have also used the open source tool Honeyd, which is available free of cost. Honeyd is a powerful tool that can simulate even complex networks very easily. The second part is the data analyzer, which analyzes the data captured by Honeyd. This part of the system is a Java-based intrusion detection system that can work alongside the Honeyd system. It is a basic pattern-based IDS that uses the Snort rule base to detect intrusions. It is a feature-rich data analyzer which can detect intrusions. Its function is quite simple: it reads the data logged by the honeypot system and looks for the intrusion patterns of the rule base in the packets. The analyzer can work in both offline and online mode; in online mode it reads data directly from the network interface card, while in offline mode it reads data from binary files (tcpdump), which also gives it the advantage that it can analyze data from other sources as well.
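The offline mode described in the abstract, sketched as an added example in Python; it is not the authors' Java analyzer. It walks a classic pcap (tcpdump) capture and reports every rule whose `content` pattern occurs in a TCP payload. The rules, addresses, function names and the sample capture are constructed for illustration, and only the `msg`, `content` and `nocase` options of the Snort rule syntax are read.

```python
import re
import struct

# Constructed rules in Snort-style syntax; only msg, content and nocase are read.
RULES = [
    'alert tcp any any -> any 80 (msg:"Directory traversal in URI"; content:"../"; sid:1000001;)',
    'alert tcp any any -> any 80 (msg:"Request for cmd.exe"; content:"CMD.EXE"; nocase; sid:1000002;)',
]

def parse_rule(rule):
    """Return (msg, content bytes, nocase flag) from one rule's option block."""
    opts = rule[rule.index("(") + 1 : rule.rindex(")")]
    msg = re.search(r'msg:"([^"]*)"', opts).group(1)
    content = re.search(r'content:"([^"]*)"', opts).group(1).encode()
    return msg, content, re.search(r"\bnocase\b", opts) is not None

def tcp_payloads(pcap):
    """Yield TCP payloads from a little-endian classic pcap with Ethernet frames."""
    magic, linktype = struct.unpack_from("<I", pcap, 0)[0], struct.unpack_from("<I", pcap, 20)[0]
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("unsupported capture format")
    off = 24  # first record follows the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from("<I", pcap, off + 8)[0]
        frame = pcap[off + 16 : off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # skip anything that is not IPv4 carrying TCP
        tcp = 14 + (frame[14] & 0x0F) * 4  # Ethernet header + IPv4 header length
        if len(frame) >= tcp + 20:
            yield frame[tcp + (frame[tcp + 12] >> 4) * 4 :]

def analyze(pcap, rules=RULES):
    """Offline mode: return the msg of every rule whose content occurs in a payload."""
    parsed = [parse_rule(r) for r in rules]
    return [msg for payload in tcp_payloads(pcap) for msg, content, nocase in parsed
            if (content.lower() in payload.lower() if nocase else content in payload)]

def make_pcap(payloads):
    """Build a constructed capture with one Ethernet/IPv4/TCP frame per payload."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for p in payloads:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(p), 0, 0, 64, 6, 0, bytes([10, 0, 0, 5]), bytes([10, 0, 0, 9]))
        tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x18, 8192, 0, 0)
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp + p
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

SAMPLE = make_pcap([b"GET /index.html HTTP/1.1\r\n\r\n", b"GET /app/../../cmd.exe HTTP/1.0\r\n\r\n"])
```

Calling `analyze(SAMPLE)` flags only the second request. A production analyzer would also reassemble TCP streams and honour the rule header (protocol, addresses, ports), which this sketch ignores.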

Index Terms

Computer Science
Information Sciences

Keywords

Honeypot, Data Capturing Engine, Data Accumulator