Web server attack categorization based on root causes and their locations

Jeongseok Seo, Han Sung Kim, Sanghyun Cho, Sungdeok Cha

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Citations (Scopus)

Abstract

Frequency of attacks on web services and resulting damage continue to grow as web services become popular. Unfortunately, existing signature-based intrusion detection techniques are inadequate in providing reasonable degree of web security. Web attacks are diverse in nature, and typical web architecture consists of complex and hierarchically organized components. Because attack strategies often vary depending on the web contents, it is impossible to develop fixed patterns capturing unknown attacks. Protection mechanisms such as anomaly-based intrusion detection and application-level IDS, tailored to web services, are needed to detect web attacks. The first step in developing web application IDS is to analyze and categorize possible web attacks and vulnerabilities. In this paper, we classify web attacks by analyzing the root causes and the locations where they occur. This research is useful in developing web IDS modules, tracking emerging trends on web attacks, and testing web applications against potential vulnerabilities.

Original languageEnglish
Title of host publicationInternational Conference on Information Technology: Coding Computing, ITCC
EditorsP.K. Srimani, A. Abraham, M. Cannataro, J. Domingo-Ferrer, R. Hashemi
Pages90-96
Number of pages7
Volume1
Publication statusPublished - 2004 Jul 7
Externally publishedYes
EventInternational Conference on Information Technology: Coding Computing, ITCC 2004 - Las Vegas, NV, United States
Duration: 2004 Apr 52004 Apr 7

Other

OtherInternational Conference on Information Technology: Coding Computing, ITCC 2004
CountryUnited States
CityLas Vegas, NV
Period04/4/504/4/7

Fingerprint

Web services
Servers
Intrusion detection
World Wide Web
Testing

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Seo, J., Kim, H. S., Cho, S., & Cha, S. (2004). Web server attack categorization based on root causes and their locations. In P. K. Srimani, A. Abraham, M. Cannataro, J. Domingo-Ferrer, & R. Hashemi (Eds.), International Conference on Information Technology: Coding Computing, ITCC (Vol. 1, pp. 90-96)

Web server attack categorization based on root causes and their locations. / Seo, Jeongseok; Kim, Han Sung; Cho, Sanghyun; Cha, Sungdeok.

International Conference on Information Technology: Coding Computing, ITCC. ed. / P.K. Srimani; A. Abraham; M. Cannataro; J. Domingo-Ferrer; R. Hashemi. Vol. 1 2004. p. 90-96.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Seo, J, Kim, HS, Cho, S & Cha, S 2004, Web server attack categorization based on root causes and their locations. in PK Srimani, A Abraham, M Cannataro, J Domingo-Ferrer & R Hashemi (eds), International Conference on Information Technology: Coding Computing, ITCC. vol. 1, pp. 90-96, International Conference on Information Technology: Coding Computing, ITCC 2004, Las Vegas, NV, United States, 04/4/5.
Seo J, Kim HS, Cho S, Cha S. Web server attack categorization based on root causes and their locations. In Srimani PK, Abraham A, Cannataro M, Domingo-Ferrer J, Hashemi R, editors, International Conference on Information Technology: Coding Computing, ITCC. Vol. 1. 2004. p. 90-96
Seo, Jeongseok ; Kim, Han Sung ; Cho, Sanghyun ; Cha, Sungdeok. / Web server attack categorization based on root causes and their locations. International Conference on Information Technology: Coding Computing, ITCC. editor / P.K. Srimani ; A. Abraham ; M. Cannataro ; J. Domingo-Ferrer ; R. Hashemi. Vol. 1 2004. pp. 90-96
@inproceedings{0913ec620c1248538e57526a70fb3332,
title = "Web server attack categorization based on root causes and their locations",
abstract = "Frequency of attacks on web services and resulting damage continue to grow as web services become popular. Unfortunately, existing signature-based intrusion detection techniques are inadequate in providing reasonable degree of web security. Web attacks are diverse in nature, and typical web architecture consists of complex and hierarchically organized components. Because attack strategies often vary depending on the web contents, it is impossible to develop fixed patterns capturing unknown attacks. Protection mechanisms such as anomaly-based intrusion detection and application-level IDS, tailored to web services, are needed to detect web attacks. The first step in developing web application IDS is to analyze and categorize possible web attacks and vulnerabilities. In this paper, we classify web attacks by analyzing the root causes and the locations where they occur. This research is useful in developing web IDS modules, tracking emerging trends on web attacks, and testing web applications against potential vulnerabilities.",
author = "Jeongseok Seo and Kim, {Han Sung} and Sanghyun Cho and Sungdeok Cha",
year = "2004",
month = "7",
day = "7",
language = "English",
isbn = "0769521088",
volume = "1",
pages = "90--96",
editor = "P.K. Srimani and A. Abraham and M. Cannataro and J. Domingo-Ferrer and R. Hashemi",
booktitle = "International Conference on Information Technology: Coding Computing, ITCC",

}

TY - GEN

T1 - Web server attack categorization based on root causes and their locations

AU - Seo, Jeongseok

AU - Kim, Han Sung

AU - Cho, Sanghyun

AU - Cha, Sungdeok

PY - 2004/7/7

Y1 - 2004/7/7

N2 - Frequency of attacks on web services and resulting damage continue to grow as web services become popular. Unfortunately, existing signature-based intrusion detection techniques are inadequate in providing reasonable degree of web security. Web attacks are diverse in nature, and typical web architecture consists of complex and hierarchically organized components. Because attack strategies often vary depending on the web contents, it is impossible to develop fixed patterns capturing unknown attacks. Protection mechanisms such as anomaly-based intrusion detection and application-level IDS, tailored to web services, are needed to detect web attacks. The first step in developing web application IDS is to analyze and categorize possible web attacks and vulnerabilities. In this paper, we classify web attacks by analyzing the root causes and the locations where they occur. This research is useful in developing web IDS modules, tracking emerging trends on web attacks, and testing web applications against potential vulnerabilities.

AB - Frequency of attacks on web services and resulting damage continue to grow as web services become popular. Unfortunately, existing signature-based intrusion detection techniques are inadequate in providing reasonable degree of web security. Web attacks are diverse in nature, and typical web architecture consists of complex and hierarchically organized components. Because attack strategies often vary depending on the web contents, it is impossible to develop fixed patterns capturing unknown attacks. Protection mechanisms such as anomaly-based intrusion detection and application-level IDS, tailored to web services, are needed to detect web attacks. The first step in developing web application IDS is to analyze and categorize possible web attacks and vulnerabilities. In this paper, we classify web attacks by analyzing the root causes and the locations where they occur. This research is useful in developing web IDS modules, tracking emerging trends on web attacks, and testing web applications against potential vulnerabilities.

UR - http://www.scopus.com/inward/record.url?scp=3042546549&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=3042546549&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:3042546549

SN - 0769521088

VL - 1

SP - 90

EP - 96

BT - International Conference on Information Technology: Coding Computing, ITCC

A2 - Srimani, P.K.

A2 - Abraham, A.

A2 - Cannataro, M.

A2 - Domingo-Ferrer, J.

A2 - Hashemi, R.

ER -