1 research outputs found
Design and implementation of a web-based intrusion prevention system: a new hybrid model
Firewalls, intrusion detection and prevention systems are used to
protect web applications against network attacks. HTTP is also used to
attack to web applications. HTTP request detections are performed in
order to prevent these attacks. In this study, a new hybrid model is
proposed which uses signature-based detection and anomaly based
detection to prevent web-based attacks. Some types of web-based known
attacks detection were implemented by signature-based detection. Anomaly
based detection were implemented by bayes classification, which is a
data mining technique, using features of Alfanumeric Character, Letter
Frequency and Request Length. Because signature based detection is
faster than anomaly based detection, signature based detection database
is updated with detected anomaly HTTP requests obtained by anomaly based
detection. Proposed model was tested by using CSIC 2010, ECML-PKDD 2007
and WUGD 2015 dataset which is generated during this study. According to
the test results; anomaly based detection was conducted with a high mean
achievement percentage (95,1\%). The test results were compared with
some similar studies. According to the comparison results, proposed
model provided high performance and low false positive rate compared to
the other studies