APLICANDO A TRANSFORMADA WAVELET BIDIMENSIONAL NA DETECÇÃO DE ATAQUES WEB

Master’s Dissertation Computer Science Graduate Program Federal University of Santa Maria APPLYING TWO-DIMENSIONAL WAVELET TRANSFORM FOR THE DETECTION OF WEB ATTACKS AUTHOR: BRUNO AUGUSTI MOZZAQUATRO ADVISOR: RAUL CERETTA NUNES (UFSM) COADVISOR: ALICE DE JESUS KOZAKEVICIUS (UFSM) Presentation Place and Date: Santa Maria, February 27, 2012. With the increase web traffic of comes various threats to the security of web applications. The threats arise inherent vulnerabilities of web systems, where malicious code or content injection are the most exploited vulnerabilities in web attacks. The injection vulnerability allows the attacker to insert information or a program in improper places, causing damage to customers and organizations. Its property is to change the character frequency distribution of some requests within a set of web requests. Anomaly-based intrusion detection systems have been used to break these types of attacks, due to the diversity and complexity found in web attacks. In this context, this paper proposes a new anomaly based detection algorithm that apply the two-dimensional wavelet transform for the detection of web attacks. The algorithm eliminates the need for a training phase (which asks for reliable data) and searches for character frequency anomalies in a set of web requests, through the analysis in multiple directions and resolutions. The experiment results demonstrate the feasibility of our technique for detecting web attacks. After some adjustments on different parameters, the algorithm has obtained detection rates up to 100%, eliminating the occurrence of false positives.