2016 | OriginalPaper | Book chapter

Identification of Possible Attack Attempts Against Web Applications Utilizing Collective Assessment of Suspicious Requests

Written by: Marek Zachara

Published in: Transactions on Computational Collective Intelligence XXII

Publisher: Springer Berlin Heidelberg

Abstract

The number of web-based activities and websites is growing every day. Unfortunately, so is cyber-crime. Every day, new vulnerabilities are reported and the number of automated attacks is constantly rising. In this article, a new method for detecting such attacks is proposed, in which cooperating systems analyze incoming requests, identify potential threats and present them to other peers. Each host can then utilize the knowledge and findings of the other peers to identify harmful requests, making the whole system of cooperating servers “remember” and share information about the existing threats, effectively “immunizing” it against them.
The method was tested using data from seven different web servers, consisting of over three million recorded requests. The paper also includes proposed means for maintaining the confidentiality of the exchanged data and analyzes the impact of various parameters, including the number of peers participating in the exchange of data. Samples of identified attacks and the most common attack vectors are also presented in the paper.

Metadata
Title
Identification of Possible Attack Attempts Against Web Applications Utilizing Collective Assessment of Suspicious Requests
Written by
Marek Zachara
Copyright year
2016
Publisher
Springer Berlin Heidelberg
DOI
https://doi.org/10.1007/978-3-662-49619-0_3