Computer Science – Cryptography and Security
Scientific paper
2002-10-29
Computers and Security 22, 435-449, 2003
Computer Science
Cryptography and Security
22 pages, 1 figure, latex format
Scientific paper
Web attacks, i.e. attacks exclusively using the HTTP protocol, are rapidly becoming one of the fundamental threats for information systems connected to the Internet. When the attacks suffered by web servers through the years are analyzed, it is observed that most of them are very similar, using a reduced number of attacking techniques. It is generally agreed that classification can help designers and programmers to better understand attacks and build more secure applications. As an effort in this direction, a new taxonomy of web attacks is proposed in this paper, with the objective of obtaining a practically useful reference framework for security applications. The use of the taxonomy is illustrated by means of multiplatform real world web attack examples. Along with this taxonomy, important features of each attack category are discussed. A suitable semantic-dependent web attack encoding scheme is defined that uses different-length vectors. Possible applications are described, which might benefit from this taxonomy and encoding scheme, such as intrusion detection systems and application firewalls.
Alvarez Gonzalo
Petrovic Slobodan
No associations
LandOfFree
Encoding a Taxonomy of Web Attacks with Different-Length Vectors does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.
If you have personal experience with Encoding a Taxonomy of Web Attacks with Different-Length Vectors, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Encoding a Taxonomy of Web Attacks with Different-Length Vectors will most certainly appreciate the feedback.
Profile ID: LFWR-SCP-O-533889