@book{dfbb24b28a004a38aed47981a884fd50,
title = "Boosting Web Intrusion Detection Systems by Inferring Positive Signatures",
abstract = "We present a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two groups: the {"}regular{"} and the {"}irregular{"} ones, and applying a new method for anomaly detection on the {"}regular{"} ones based on the inference of a regular language. We support our proposal by realizing Sphinx, an anomaly-based intrusion detection system based on it. Thorough benchmarks show that Sphinx performs better than current state-of-the-art systems, both in terms of false positives/false negatives as well as needing a shorter training period.",
keywords = "IR-64826, METIS-251029, SCS-Cybersecurity, EWI-12923",
author = "D. Bolzoni and Sandro Etalle",
year = "2008",
month = jun,
day = "24",
language = "Undefined",
series = "CTIT Technical Report Series",
publisher = "Centre for Telematics and Information Technology (CTIT)",
number = "302/TR-CTIT-08-43",
address = "Netherlands",
}