Web server attack categorization based on root causes and their locations

Jeongseok Seo; Han Sung Kim; Sanghyun Cho; Sungdeok Cha

Web server attack categorization based on root causes and their locations

Jeongseok Seo, Han Sung Kim, Sanghyun Cho, Sungdeok Cha

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Frequency of attacks on web services and resulting damage continue to grow as web services become popular. Unfortunately, existing signature-based intrusion detection techniques are inadequate in providing reasonable degree of web security. Web attacks are diverse in nature, and typical web architecture consists of complex and hierarchically organized components. Because attack strategies often vary depending on the web contents, it is impossible to develop fixed patterns capturing unknown attacks. Protection mechanisms such as anomaly-based intrusion detection and application-level IDS, tailored to web services, are needed to detect web attacks. The first step in developing web application IDS is to analyze and categorize possible web attacks and vulnerabilities. In this paper, we classify web attacks by analyzing the root causes and the locations where they occur. This research is useful in developing web IDS modules, tracking emerging trends on web attacks, and testing web applications against potential vulnerabilities.

Original language	English
Title of host publication	International Conferen ON Information Technology
Subtitle of host publication	Coding Computing, ITCC 2004
Editors	P.K. Srimani, A. Abraham, M. Cannataro, J. Domingo-Ferrer, R. Hashemi
Pages	90-96
Number of pages	7
Publication status	Published - 2004
Externally published	Yes
Event	International Conference on Information Technology: Coding Computing, ITCC 2004 - Las Vegas, NV, United States Duration: 2004 Apr 5 → 2004 Apr 7

Publication series

Name	International Conference on Information Technology: Coding Computing, ITCC
Volume	1

Other

Other	International Conference on Information Technology: Coding Computing, ITCC 2004
Country/Territory	United States
City	Las Vegas, NV
Period	04/4/5 → 04/4/7

ASJC Scopus subject areas

Engineering(all)

Cite this

Seo, J., Kim, H. S., Cho, S., & Cha, S. (2004). Web server attack categorization based on root causes and their locations. In P. K. Srimani, A. Abraham, M. Cannataro, J. Domingo-Ferrer, & R. Hashemi (Eds.), International Conferen ON Information Technology: Coding Computing, ITCC 2004 (pp. 90-96). (International Conference on Information Technology: Coding Computing, ITCC; Vol. 1).

Web server attack categorization based on root causes and their locations. / Seo, Jeongseok; Kim, Han Sung; Cho, Sanghyun et al.

International Conferen ON Information Technology: Coding Computing, ITCC 2004. ed. / P.K. Srimani; A. Abraham; M. Cannataro; J. Domingo-Ferrer; R. Hashemi. 2004. p. 90-96 (International Conference on Information Technology: Coding Computing, ITCC; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Seo, J, Kim, HS, Cho, S & Cha, S 2004, Web server attack categorization based on root causes and their locations. in PK Srimani, A Abraham, M Cannataro, J Domingo-Ferrer & R Hashemi (eds), International Conferen ON Information Technology: Coding Computing, ITCC 2004. International Conference on Information Technology: Coding Computing, ITCC, vol. 1, pp. 90-96, International Conference on Information Technology: Coding Computing, ITCC 2004, Las Vegas, NV, United States, 04/4/5.

Seo, Jeongseok ; Kim, Han Sung ; Cho, Sanghyun et al. / Web server attack categorization based on root causes and their locations. International Conferen ON Information Technology: Coding Computing, ITCC 2004. editor / P.K. Srimani ; A. Abraham ; M. Cannataro ; J. Domingo-Ferrer ; R. Hashemi. 2004. pp. 90-96 (International Conference on Information Technology: Coding Computing, ITCC).

@inproceedings{0913ec620c1248538e57526a70fb3332,

title = "Web server attack categorization based on root causes and their locations",

abstract = "Frequency of attacks on web services and resulting damage continue to grow as web services become popular. Unfortunately, existing signature-based intrusion detection techniques are inadequate in providing reasonable degree of web security. Web attacks are diverse in nature, and typical web architecture consists of complex and hierarchically organized components. Because attack strategies often vary depending on the web contents, it is impossible to develop fixed patterns capturing unknown attacks. Protection mechanisms such as anomaly-based intrusion detection and application-level IDS, tailored to web services, are needed to detect web attacks. The first step in developing web application IDS is to analyze and categorize possible web attacks and vulnerabilities. In this paper, we classify web attacks by analyzing the root causes and the locations where they occur. This research is useful in developing web IDS modules, tracking emerging trends on web attacks, and testing web applications against potential vulnerabilities.",

author = "Jeongseok Seo and Kim, {Han Sung} and Sanghyun Cho and Sungdeok Cha",

year = "2004",

language = "English",

isbn = "0769521088",

series = "International Conference on Information Technology: Coding Computing, ITCC",

pages = "90--96",

editor = "P.K. Srimani and A. Abraham and M. Cannataro and J. Domingo-Ferrer and R. Hashemi",

booktitle = "International Conferen ON Information Technology",

note = "International Conference on Information Technology: Coding Computing, ITCC 2004 ; Conference date: 05-04-2004 Through 07-04-2004",

}

TY - GEN

T1 - Web server attack categorization based on root causes and their locations

AU - Seo, Jeongseok

AU - Kim, Han Sung

AU - Cho, Sanghyun

AU - Cha, Sungdeok

PY - 2004

Y1 - 2004

N2 - Frequency of attacks on web services and resulting damage continue to grow as web services become popular. Unfortunately, existing signature-based intrusion detection techniques are inadequate in providing reasonable degree of web security. Web attacks are diverse in nature, and typical web architecture consists of complex and hierarchically organized components. Because attack strategies often vary depending on the web contents, it is impossible to develop fixed patterns capturing unknown attacks. Protection mechanisms such as anomaly-based intrusion detection and application-level IDS, tailored to web services, are needed to detect web attacks. The first step in developing web application IDS is to analyze and categorize possible web attacks and vulnerabilities. In this paper, we classify web attacks by analyzing the root causes and the locations where they occur. This research is useful in developing web IDS modules, tracking emerging trends on web attacks, and testing web applications against potential vulnerabilities.

AB - Frequency of attacks on web services and resulting damage continue to grow as web services become popular. Unfortunately, existing signature-based intrusion detection techniques are inadequate in providing reasonable degree of web security. Web attacks are diverse in nature, and typical web architecture consists of complex and hierarchically organized components. Because attack strategies often vary depending on the web contents, it is impossible to develop fixed patterns capturing unknown attacks. Protection mechanisms such as anomaly-based intrusion detection and application-level IDS, tailored to web services, are needed to detect web attacks. The first step in developing web application IDS is to analyze and categorize possible web attacks and vulnerabilities. In this paper, we classify web attacks by analyzing the root causes and the locations where they occur. This research is useful in developing web IDS modules, tracking emerging trends on web attacks, and testing web applications against potential vulnerabilities.

UR - http://www.scopus.com/inward/record.url?scp=3042546549&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:3042546549

SN - 0769521088

T3 - International Conference on Information Technology: Coding Computing, ITCC

SP - 90

EP - 96

BT - International Conferen ON Information Technology

A2 - Srimani, P.K.

A2 - Abraham, A.

A2 - Cannataro, M.

A2 - Domingo-Ferrer, J.

A2 - Hashemi, R.

T2 - International Conference on Information Technology: Coding Computing, ITCC 2004

Y2 - 5 April 2004 through 7 April 2004

ER -

Web server attack categorization based on root causes and their locations

Abstract

Publication series

Other

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this