Mahalanobis Distance Map Approach for Anomaly Detection of Web-Based Attacks
Web servers and web-based applications are commonly used as attack targets. The main issues are how to prevent unauthorised access and to protect web servers from the attack. Intrusion Detection Systems (IDSs) are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. In this paper, the authors focus on the detection of various web-based attacks using Geometrical Structure Anomaly Detection (GSAD) model and they also propose a novel algorithm for the selection of most discriminating features to improve the computational complexity of payload-based GSAD model. Linear Discriminant Analysis method (LDA) is used for the feature reduction and classification of the incoming network traffic.