{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T14:44:18Z","timestamp":1773153858674,"version":"3.50.1"},"reference-count":22,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2020,2,3]],"date-time":"2020-02-03T00:00:00Z","timestamp":1580688000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2020,2,3]],"date-time":"2020-02-03T00:00:00Z","timestamp":1580688000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61672179"],"award-info":[{"award-number":["61672179"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61370083"],"award-info":[{"award-number":["61370083"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61402126"],"award-info":[{"award-number":["61402126"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61901134"],"award-info":[{"award-number":["61901134"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100005046","name":"Natural Science Foundation of Heilongjiang Province","doi-asserted-by":"crossref","award":["F2015030"],"award-info":[{"award-number":["F2015030"]}],"id":[{"id":"10.13039\/501100005046","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100005046","name":"Natural Science Foundation of Heilongjiang Province","doi-asserted-by":"crossref","award":["F201336"],"award-info":[{"award-number":["F201336"]}],"id":[{"id":"10.13039\/501100005046","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Fundamental Research Funds in Heilongjiang Provincial Department of Education","award":["No. 135109247, No.135109243, No.12541872, No. 135209239"],"award-info":[{"award-number":["No. 135109247, No.135109243, No.12541872, No. 135209239"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Wireless Com Network"],"published-print":{"date-parts":[[2020,12]]},"abstract":"Abstract<\/jats:title>The current network traffic is large, and the network attacks have multiple types. Therefore, anomaly detection model combined with machine learning is developing rapidly. Frequent occurrences of Web Application Firewall (WAF) bypass attacks and the redundancy of the data characteristics in Hypertext Transfer Protocol (HTTP) protocol make it difficult to extract data characteristics. In this paper, an integrated web intrusion detection system combined with feature analysis and support vector machine (SVM) optimization is proposed. By using expert\u2019s knowledge, the characteristics of the common Web attacks are analyzed. The related data characteristics are selected by the analysis of the HTTP protocol. In the classification learning, the mature and robust support vector machine algorithm is utilized and the grid search method is used for the parameter optimization. Consequently, a better detection capability on Web attacks can be obtained. By using the HTTP DATASET CSIC 2010 data set, experiments have been carried out to compare the detection capability of different kernel functions. The results show that the proposed system performs good in the detection capability and can detect the WAF bypass attacks effectively.<\/jats:p>","DOI":"10.1186\/s13638-019-1591-1","type":"journal-article","created":{"date-parts":[[2020,2,3]],"date-time":"2020-02-03T15:03:39Z","timestamp":1580742219000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":43,"title":["Web intrusion detection system combined with feature analysis and SVM optimization"],"prefix":"10.1186","volume":"2020","author":[{"given":"Chao","family":"Liu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jing","family":"Yang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jinqiu","family":"Wu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,2,3]]},"reference":[{"key":"1591_CR1","volume-title":"Global Threat Intelligence Center (GTIC) Quarterly Threat Intelligence report Q2","author":"NNT Security","year":"2017","unstructured":"NNT Security. 2017 Global Threat Intelligence Center (GTIC) Quarterly Threat Intelligence report Q2. http:\/\/www.nttcomsecurity.com\/uploads\/documentdatabase\/NTT%20Security%20Q2%202017_FINAL.pdf"},{"issue":"3","key":"1591_CR2","doi-asserted-by":"publisher","first-page":"743","DOI":"10.21917\/ijsc.2014.0106","volume":"4","author":"S Devaraju","year":"2014","unstructured":"S. Devaraju, Performance comparison for intrusion detection system using neural network with KDD Dataset [J]. Ictact J. Soft Comput. 4(3), 743\u2013752 (2014)","journal-title":"Ictact J. Soft Comput."},{"key":"1591_CR3","first-page":"155","volume":"1","author":"Y Zhao","year":"2016","unstructured":"Y. Zhao, Network intrusion detection system model based on data mining [C]\/\/ Ieee\/acis International Conference on Software Engineering, Artificial Intelligence, NETWORKING and Parallel\/distributed Computing. IEEE 1, 155\u2013160 (2016)","journal-title":"IEEE"},{"key":"1591_CR4","unstructured":"Mukkamala S, Janoski G, Sung A. Intrusion detection using neural networks and support vector machines[C]\/\/ International Joint Conference on Neural Networks. IEEE,(2002), pp.1702\u20131707"},{"key":"1591_CR5","volume-title":"Intrusion detection system by fuzzy interpolation [C]\/\/ IEEE International Conference on Fuzzy Systems","author":"L Yang","year":"2017","unstructured":"Yang L , Li J , Fehringer G, et al. Intrusion detection system by fuzzy interpolation [C]\/\/ IEEE International Conference on Fuzzy Systems. IEEE, 2017."},{"key":"1591_CR6","volume-title":"Intelligent network intrusion detection system using data mining techniques [C]\/\/ ICATCCT16","author":"J Akhil","year":"2016","unstructured":"Akhil J , Sultana A. Intelligent network intrusion detection system using data mining techniques [C]\/\/ ICATCCT16. IEEE, 2016."},{"issue":"1","key":"1591_CR7","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1109\/TSMCB.2005.854499","volume":"36","author":"DP Muni","year":"2006","unstructured":"D.P. Muni, N.R. Pal, J. Das, Genetic programming for simultaneous feature selection and classifier design [J]. IEEE Trans. Syst. Man. Cybern. B. Cybern. 36(1), 106\u2013117 (2006)","journal-title":"IEEE Trans. Syst. Man. Cybern. B. Cybern."},{"key":"1591_CR8","first-page":"1942","volume-title":"Particle swarm optimization [C]\/\/ Proceedings of IEEE International Conference On Neural Networks","author":"J Kennedy","year":"1995","unstructured":"J. Kennedy, R.C. Eberhart, Particle swarm optimization [C]\/\/ Proceedings of IEEE International Conference On Neural Networks (IEEE, Perth, 1995), pp. 1942\u20131948"},{"issue":"9","key":"1591_CR9","first-page":"1","volume":"03","author":"C-H Chen","year":"2019","unstructured":"C.-H. Chen, H.-Y. Kung, Feng-Jang Hwang. Deep learning techniques for agronomy applications [J]. Agronomy 03(9), 1 (2019)","journal-title":"Agronomy"},{"issue":"2","key":"1591_CR10","first-page":"409","volume":"28","author":"SX Tang","year":"2008","unstructured":"S.X. Tang, W.J. Cai, Intrusion detection based on unsupervised clustering and hybrid genetic algorithm [J]. J. Comput Appl. 28(2), 409\u2013411 (2008)","journal-title":"J. Comput Appl."},{"key":"1591_CR11","first-page":"301","volume":"3","author":"X Li","year":"2014","unstructured":"X. Li, Network intrusion detection using genetic algorithms for synchronized selection of features and support vector machine parameters [J]. Comput. Appl. Softw. 3, 301\u2013303 (2014)","journal-title":"Comput. Appl. Softw."},{"issue":"2","key":"1591_CR12","first-page":"113","volume":"51","author":"T Zhang","year":"2015","unstructured":"T. Zhang, J. Wang, Network intrusion detection model based on CQPSO-LSSVM [J]. Comput. Eng. Appl. 51(2), 113\u2013116 (2015)","journal-title":"Comput. Eng. Appl."},{"key":"1591_CR13","unstructured":"L.I. Zhengang, Q. Gan, University T C, Network intrusion detection model based on MACO-SVM[J].J.Journal of Chongqing University of Posts and Telecommunications. 26(6), 785\u2013789 (2014)"},{"key":"1591_CR14","doi-asserted-by":"publisher","first-page":"503","DOI":"10.1016\/j.procs.2016.05.203","volume":"85","author":"PRK Varma","year":"2016","unstructured":"P.R.K. Varma, V.V. Kumari, S.S. Kumar, Feature selection using relative fuzzy entropy and ant colony optimization applied to real-time intrusion detection system [J]. Procedia Comput. Sci. 85, 503\u2013510 (2016)","journal-title":"Procedia Comput. Sci."},{"key":"1591_CR15","first-page":"126","volume-title":"HMM-based passage models for document classification and ranking [J]","author":"L Denoyer","year":"2016","unstructured":"L. Denoyer, H. Zaragoza, P. Gallinari, HMM-based passage models for document classification and ranking [J]. Ecir (2016), pp. 126\u2013135"},{"key":"1591_CR16","first-page":"1278","volume-title":"Sample-specific SVM learning for person re-identification [C]\/\/ IEEE Conference on Computer Vision and Pattern Recognition","author":"Y Zhang","year":"2016","unstructured":"Y. Zhang, B. Li, H. Lu, et al., Sample-specific SVM learning for person re-identification [C]\/\/ IEEE Conference on Computer Vision and Pattern Recognition. IEEE (2016), pp. 1278\u20131287"},{"issue":"3","key":"1591_CR17","first-page":"125","volume":"34","author":"JI Changming","year":"2014","unstructured":"J.I. Changming, T. Zhou, T. Xiang, et al., Application of support vector machine based on grid search and cross validation in implicit stochastic dispatch of cascaded hydropower stations [J]. Electric Power Automation Equip. 34(3), 125\u2013131 (2014)","journal-title":"Electric Power Automation Equip."},{"issue":"2","key":"1591_CR18","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1145\/846183.846200","volume":"1","author":"B Pfahringer","year":"2000","unstructured":"B. Pfahringer, Winning the KDD99 classification cup: bagged boosting. ACM SIGKDD Explorations Newsletter 1(2), 65\u201366 (2000)","journal-title":"ACM SIGKDD Explorations Newsletter"},{"issue":"2","key":"1591_CR19","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1145\/846183.846201","volume":"1","author":"I Levin","year":"2000","unstructured":"I. Levin, KDD-99 classifier learning contest: LLSoft\u2019s results overview. ACM SIGKDD Explorations Newsletter 1(2), 67\u201375 (2000)","journal-title":"ACM SIGKDD Explorations Newsletter"},{"key":"1591_CR20","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1109\/MLSP.2005.1532885","volume-title":"IEEE Workshop on Machine Learning for Signal Processing","author":"C Xiang","year":"2005","unstructured":"C. Xiang, S.M. Lim, in IEEE Workshop on Machine Learning for Signal Processing. IEEE. Design of multiple-level hybrid classifier for intrusion detection system (2005), pp. 117\u2013122"},{"key":"1591_CR21","first-page":"921","volume-title":"An anomaly intrusion detection method using the CSI-KNN algorithm. In; Proceedings of the 2008 ACM symposium on Applied computing","author":"L Kuang","year":"2008","unstructured":"L. Kuang, M. Zulkemine, An anomaly intrusion detection method using the CSI-KNN algorithm. In; Proceedings of the 2008 ACM symposium on Applied computing. ACM (2008), pp. 921\u2013926"},{"key":"1591_CR22","volume-title":"Application of hybrid soft computing technology in intrusion detection [Doctoral Dissertation]","author":"Z Ma","year":"2010","unstructured":"Z. Ma, Application of hybrid soft computing technology in intrusion detection [Doctoral Dissertation] (Chongqing University, Chongqing, 2010)"}],"container-title":["EURASIP Journal on Wireless Communications and Networking"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13638-019-1591-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1186\/s13638-019-1591-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s13638-019-1591-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,2,2]],"date-time":"2021-02-02T01:37:15Z","timestamp":1612229835000},"score":1,"resource":{"primary":{"URL":"https:\/\/jwcn-eurasipjournals.springeropen.com\/articles\/10.1186\/s13638-019-1591-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,2,3]]},"references-count":22,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,12]]}},"alternative-id":["1591"],"URL":"https:\/\/doi.org\/10.1186\/s13638-019-1591-1","relation":{},"ISSN":["1687-1499"],"issn-type":[{"value":"1687-1499","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,2,3]]},"assertion":[{"value":"15 July 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"30 October 2019","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"3 February 2020","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The authors declare that they have no competing interest.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"33"}}