eprintid: 2640
rev_number: 8
eprint_status: archive
userid: 275
dir: disk0/00/00/26/40
datestamp: 2017-11-19 09:48:18
lastmod: 2017-11-19 09:48:18
status_changed: 2017-11-19 09:48:18
type: conference_item
metadata_visibility: show
creators_name: Pham, Minh Duc
creators_name: Ly, Van Tuan
creators_name: Le, Dinh Thanh
creators_id: 14020123@vnu.edu.vn
creators_id: tuanlv@vnu.edu.vn
creators_id: thanhld@vnu.edu.vn
title: Identification of Paths and Parameters in RESTful URLs for the Detection of Web Attacks
ispublished: pub
subjects: IT
divisions: fac_fit
abstract: Attribute-specific models are quite effective in the detection of web attacks. Nevertheless, none of the existing attribute-specific models can be applied directly to modern web applications, which are dominant today and which use RESTful URLs. The barrier is that paths and parameters are mixed in URLs so that detection systems cannot identify which programs and attributes are which. To remove this barrier, this paper is the first one dealing with the identification of paths and parameters in RESTful URLs. The problem is raised, then a simple yet effective method to solve the problem is proposed. We validate our method via experiments.
date: 2017-11-24
date_type: published
full_text_status: none
pres_type: paper
event_title: The 4th NAFOSTED Conference on Information and Computer Science (NICS)
event_location: Hanoi, Vietnam
event_dates: 24-25 November 2017
event_type: conference
refereed: TRUE
referencetext:
[1] Cyber Attacks Statistics, http://www.hackmageddon.com/2016/01/11/2015-cyber-attacks-satistics, 2015.
[2] David Douglas and Thomas Peucker, "Algorithms for the reduction of the number of points required to represent a digitized line or its caricature," The Canadian Cartographer, 10(2):112-122, 1973.
[3] C. Kruegel, G. Vigna and W. Robertson, "A multi-model approach to the detection of web-based attacks," Computer Networks, 48(5):717-738, 2005.
[4] Aditya Oza, Kevin Ross, Richard M. Low and Mark Stamp, "HTTP attack detection using n-gram analysis," Computers & Security, 45:242-254, 2014.
[5] R. Perdisci, D. Ariu, P. Fogla, G. Giacinto and W. Lee, "McPAD: A multiple classifier system for accurate payload-based anomaly detection," Computer Networks, Special Issue on Traffic Classification and Its Applications to Modern Networks, 5(6):864-881, 2009.
[6] Urs Ramer, "An iterative procedure for the polygonal approximation of plane curves," Computer Graphics and Image Processing, 1(3):244-256, 1972.
[7] Mayank Swarnkar and Neminath Hubballi, "OCPAD: One class Naive Bayes classifier for payload based anomaly detection," Expert Systems with Applications, 64:330-339, 2016.
[8] C. Torrano-Gimenez, "Study of stochastic and machine learning techniques for anomaly-based web attack detection," PhD Dissertation, Universidad Carlos III de Madrid, 2015.
[9] K. Wang and S. Stolfo, "Anomaly payload-based network intrusion detection," Recent Advances in Intrusion Detection, 203-222, 2004.
[10] Web Application Security Statistics, http://projects.webappsec.org/w/page/13246989/Web-Application-Security-Statistics, 2008.
[11] Thanh Le Dinh and Tien Phan Xuan, "On the usage of character distribution for the detection of web attacks," KSE-2017.
[12] A. H. Yaacob, N. M. Ahmad, N. N. Ahmad and M. Roslee, "Moving towards positive security model for web application firewall," International Scholarly and Scientific Research & Innovation, 6(12), 2012.
[13] M. L. Rivas, "Profiling web applications for improved intrusion detection," SANS Institute Reading Room, 2016.
citation: Pham, Minh Duc and Ly, Van Tuan and Le, Dinh Thanh (2017) Identification of Paths and Parameters in RESTful URLs for the Detection of Web Attacks. In: The 4th NAFOSTED Conference on Information and Computer Science (NICS), 24-25 November 2017, Hanoi, Vietnam.