A Proposal of Algorithm for Web Applications Cyber Attack Detection

Abstract : Injection attacks (e.g. XSS or SQL) are ranked at the first place in world-wide lists (e.g. MITRE and OWASP). These types of attacks can be easily obfuscated. Therefore it is difficult or even impossible to provide a reliable signature for firewalls that will detect such attacks. In this paper, we have proposed an innovative method for modelling the normal behaviour of web applications. The model is based on information obtained from HTTP requests generated by a client to a web server. We have evaluated our method on CSIC 2010 HTTP Dataset achieving satisfactory results.
Type de document :
Communication dans un congrès
Khalid Saeed; Václav Snášel. 13th IFIP International Conference on Computer Information Systems and Industrial Management (CISIM), Nov 2014, Ho Chi Minh City, Vietnam. Springer, Lecture Notes in Computer Science, LNCS-8838, pp.680-687, 2014, Computer Information Systems and Industrial Management. 〈10.1007/978-3-662-45237-0_61〉
Liste complète des métadonnées

Littérature citée [7 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01405662
Contributeur : Hal Ifip <>
Soumis le : mercredi 30 novembre 2016 - 11:28:06
Dernière modification le : vendredi 29 décembre 2017 - 18:06:01
Document(s) archivé(s) le : lundi 27 mars 2017 - 09:26:13

Fichier

978-3-662-45237-0_61_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Rafał Kozik, Michał Choraś, Rafał Renk, Witold Hołubowicz. A Proposal of Algorithm for Web Applications Cyber Attack Detection. Khalid Saeed; Václav Snášel. 13th IFIP International Conference on Computer Information Systems and Industrial Management (CISIM), Nov 2014, Ho Chi Minh City, Vietnam. Springer, Lecture Notes in Computer Science, LNCS-8838, pp.680-687, 2014, Computer Information Systems and Industrial Management. 〈10.1007/978-3-662-45237-0_61〉. 〈hal-01405662〉

Partager

Métriques

Consultations de la notice

165

Téléchargements de fichiers

411