Behavior Analysis of Web Service Attacks

Abstract : With the rapid development of Internet and its services, cyber attacks are increasingly emerging and evolving nowadays. To be aware of new attacks and elaborate the appropriate protection mechanisms, an interesting idea is to attract attackers, then to automatically monitor their activities and analyze their behaviors. In this paper, we are particularly interested in detecting and learning attacks against web services. We propose an approach that describes the attacker’s behavior based on data collected from the deployment of a web service honeypot. The strengths of our approach are that (1) it offers a high interaction environment, able to collect valuable information about malicious activities; (2) our solution preprocesses the set of data attributes in order to keep only significant ones (3) it ensures two levels of clustering in order to produce more concise attack scenarios. In order to achieve these contributions, we employ three analysis techniques: Principal Component Analysis, Spectral Clustering and Sequence Clustering. Our experimental tests allow us discovering some attacks scenarios, such as SQL Injection and Denial of Services (DoS), that are modeled in Markov chains.
Type de document :
Communication dans un congrès
Nora Cuppens-Boulahia; Frédéric Cuppens; Sushil Jajodia; Anas Abou El Kalam; Thierry Sans. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. Springer, IFIP Advances in Information and Communication Technology, AICT-428, pp.366-379, 2014, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-642-55415-5_31〉
Liste complète des métadonnées

Littérature citée [12 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01370385
Contributeur : Hal Ifip <>
Soumis le : jeudi 22 septembre 2016 - 14:29:48
Dernière modification le : jeudi 22 septembre 2016 - 15:08:23

Fichier

978-3-642-55415-5_31_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Abdallah Ghourabi, Tarek Abbes, Adel Bouhoula. Behavior Analysis of Web Service Attacks. Nora Cuppens-Boulahia; Frédéric Cuppens; Sushil Jajodia; Anas Abou El Kalam; Thierry Sans. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. Springer, IFIP Advances in Information and Communication Technology, AICT-428, pp.366-379, 2014, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-642-55415-5_31〉. 〈hal-01370385〉

Partager

Métriques

Consultations de la notice

65

Téléchargements de fichiers

95