Web server attack categorization based on root causes and their locations

Jeongseok Seo, Han Sung Kim, Sanghyun Cho, Sungdeok Cha

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Citations (Scopus)

Abstract

Frequency of attacks on web services and resulting damage continue to grow as web services become popular. Unfortunately, existing signature-based intrusion detection techniques are inadequate in providing reasonable degree of web security. Web attacks are diverse in nature, and typical web architecture consists of complex and hierarchically organized components. Because attack strategies often vary depending on the web contents, it is impossible to develop fixed patterns capturing unknown attacks. Protection mechanisms such as anomaly-based intrusion detection and application-level IDS, tailored to web services, are needed to detect web attacks. The first step in developing web application IDS is to analyze and categorize possible web attacks and vulnerabilities. In this paper, we classify web attacks by analyzing the root causes and the locations where they occur. This research is useful in developing web IDS modules, tracking emerging trends on web attacks, and testing web applications against potential vulnerabilities.

Original languageEnglish
Title of host publicationInternational Conferen ON Information Technology
Subtitle of host publicationCoding Computing, ITCC 2004
EditorsP.K. Srimani, A. Abraham, M. Cannataro, J. Domingo-Ferrer, R. Hashemi
Pages90-96
Number of pages7
Publication statusPublished - 2004 Jul 7
EventInternational Conference on Information Technology: Coding Computing, ITCC 2004 - Las Vegas, NV, United States
Duration: 2004 Apr 52004 Apr 7

Publication series

NameInternational Conference on Information Technology: Coding Computing, ITCC
Volume1

Other

OtherInternational Conference on Information Technology: Coding Computing, ITCC 2004
CountryUnited States
CityLas Vegas, NV
Period04/4/504/4/7

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Engineering(all)

Fingerprint Dive into the research topics of 'Web server attack categorization based on root causes and their locations'. Together they form a unique fingerprint.

  • Cite this

    Seo, J., Kim, H. S., Cho, S., & Cha, S. (2004). Web server attack categorization based on root causes and their locations. In P. K. Srimani, A. Abraham, M. Cannataro, J. Domingo-Ferrer, & R. Hashemi (Eds.), International Conferen ON Information Technology: Coding Computing, ITCC 2004 (pp. 90-96). (International Conference on Information Technology: Coding Computing, ITCC; Vol. 1).