Volume 8 Number 2 (Feb. 2013)
Home > Archive > 2013 > Volume 8 Number 2 (Feb. 2013) >
JCP 2013 Vol.8(2): 341-348 ISSN: 1796-203X
doi: 10.4304/jcp.8.2.341-348

Modeling Web Session for Detecting Pseudo HTTP Traffic

Yi Xie1, Shengsheng Tang2, Xiangnong Huang3, and Chenghua Tang4
1 School of Information Science and Technology, Sun Yat-Sen University, Guangzhou 510275, P.R. China.
2 Department of Engineering Technology, Missouri Western State University St. Joseph, MO 64507, US
3 Network and Information Technology Center, Sun Yat-Sen University, Guangzhou 510275, P.R. China.
4 School of Computer Science and Eng., Guilin University of Electronic Tech.,Guilin 541004, China


Abstract—More and more Internet services and applications are transferred by the HTTP protocol due to its openness. This brings new challenges to the security management of network boundary. In this paper, a new approach is proposed to detect the pseudo Web behavior which abuses the general HTTP protocol to pass through the network boundary. A new parameter is defined to extract the features of Web-session based on the inter-arrival time of HTTP requests. A nonlinear mapping function is introduced to protect the weak signals from the interference of the infrequent large values. An hidden Markov model with state duration is applied to describe the normal access behavior of Web sessions. The proposed model is dynamic, and does not rely on presupposed threshold and client- or server-side data which are widely used in traditional session detection approaches. An objective function is derived for predicting the near future behavior of a user’s Web-session. The deviation between the prediction result and the real observation is used for detecting the pseudo Web behavior. Experiments based on real HTTP traces from large-scale Web proxies are implemented to valid the proposal.

Index Terms—Web session, modeling, detection

[PDF]

Cite: Yi Xie, Shengsheng Tang, Xiangnong Huang, and Chenghua Tang, " Modeling Web Session for Detecting Pseudo HTTP Traffic," Journal of Computers vol. 8, no. 2, pp. 341-348, 2013.

General Information

ISSN: 1796-203X
Abbreviated Title: J.Comput.
Frequency: Monthly
Editor-in-Chief: Prof. Liansheng Tan
Executive Editor: Ms. Nina Lee
Abstracting/ Indexing: DBLP, EBSCO,  ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat, CNKI,etc
E-mail: jcp@iap.org
  • Aug 16, 2019 News!

    Vol 14, No 8 has been published with online version   [Click]

  • Jul 19, 2019 News!

    Vol 14, No 7 has been published with online version   [Click]

  • Jun 21, 2019 News!

    Vol 14, No 6 has been published with online version   [Click]

  • Apr 28, 2019 News!

    Vol 14, No 5 has been published with online version 7 papers are published in this issue after peer review   [Click]

  • Mar 20, 2019 News!

    Vol 14, No 3 has been published with online version   [Click]

  • Read more>>