IDS mailing list archives
Re: HTTP LOG files Labeling
From: Christian Bockermann <chris () jwall org>
Date: Thu, 22 May 2008 01:38:36 +0200
On 21.05.2008 at 21:13, Stefano Zanero wrote:
> wangweifrequent () gmail com wrote:
>> Are there some methods or tools or IDS that can be used to automatically detect HTTP attacks?
> If there were any, why would you be doing your research ? :)
Good point. :-)

@wang: You might want to have a look at the paper "Anomaly Detection of Web-based Attacks" by Giovanni Vigna and Christopher Kruegel (as well as "A multi-model approach to the detection of web-based attacks" by them). They did log file analysis on access log data using statistical models. This might work for you as a labeling approach.
BTW: If you are interested in more detailed data than provided by access log files you might want to have a look at ModSecurity or my WebTap application (http://www.jwall.org/web/tap/) for recording complete user-input sent to web-applications.
Regards,
Chris