http://dx.doi.org/10.3745/KIPSTC.2006.13C.1.019

Profile based Web Application Attack Detection and Filtering Method

Yun Young-Tae (National Security Research Institute)
Ryou Jae-Cheol (Department of Information and Communication Engineering, Chungnam National University)
Park Sang-Seo (National Security Research Institute)
Park Jong-Wook (National Security Research Institute)
Abstract
Recently, web server hacking has been trending toward web application hacking, which targets comparatively vulnerable web applications based on open source software. Because web servers are usually connected to databases, it is also possible to attack databases through web interfaces. Web application attacks exploit vulnerabilities not in the web server itself, but in the web application's structure, logic errors and code errors. It is difficult to defend web applications against such varied attacks using only pattern-matching detection and code modification. In this paper, we propose a method to secure web applications based on profiling, which can detect and filter out abnormal web application requests.
Keywords
Web Application Security; Profiling; Web Hacking;
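To illustrate the profiling idea from the abstract, here is an added example (not code from the paper) that learns a per-parameter profile from normal requests and flags requests that deviate from it. The training requests, the `/board/view.php` path, the parameter names and the `slack` factor are all constructed for this illustration; the paper's actual profile attributes and thresholds may differ.

```python
from collections import defaultdict
from urllib.parse import parse_qsl, urlparse

# Constructed sample of normal requests for one board application (not from the paper).
TRAINING_REQUESTS = [
    "/board/view.php?id=notice&no=12",
    "/board/view.php?id=notice&no=7",
    "/board/view.php?id=free&no=104",
    "/board/view.php?id=qna&no=33",
]

def char_classes(value):
    """Map a parameter value to the set of character classes it contains."""
    return {"digit" if c.isdigit() else "alpha" if c.isalpha() else "other" for c in value}

def build_profile(requests):
    """Learn, per (path, parameter), the longest value and the character classes seen."""
    profile = defaultdict(lambda: {"max_len": 0, "classes": set()})
    for req in requests:
        url = urlparse(req)
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            entry = profile[(url.path, name)]
            entry["max_len"] = max(entry["max_len"], len(value))
            entry["classes"] |= char_classes(value)
    return dict(profile)

def check_request(profile, request, slack=1.5):
    """Return the reasons a request deviates from its profile (empty list = normal)."""
    url = urlparse(request)
    reasons = []
    # A path never seen during training has no profile at all; treat it as abnormal.
    if not any(path == url.path for path, _ in profile):
        return [f"unknown path {url.path}"]
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        entry = profile.get((url.path, name))
        if entry is None:
            reasons.append(f"unknown parameter {name!r}")
            continue
        # Length check allows some headroom (slack) over the longest value learned.
        if len(value) > entry["max_len"] * slack:
            reasons.append(f"{name!r} length {len(value)} exceeds profile")
        unseen = char_classes(value) - entry["classes"]
        if unseen:
            reasons.append(f"{name!r} uses unseen character classes {sorted(unseen)}")
    return reasons
```

A filtering front end would drop or log any request for which `check_request` returns a non-empty list; the learned profile must be rebuilt whenever the application's legitimate parameters change, or normal traffic will be rejected.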