Sciweavers

AINA
2010
IEEE

Empirical Analysis of Attackers Activity on Multi-tier Web Systems

13 years 7 months ago
Empirical Analysis of Attackers Activity on Multi-tier Web Systems
—Web-based systems commonly face unique set of vulnerabilities and security threats due to their high exposure, access by browsers, and integration with databases. In this paper we present empirical analysis of attackers activities based on data collected by two high-interaction honeypots. The contributions of our work include: (1) Classification of the malicious traffic to port scans, vulnerability scans, and attacks; (2) Conducting experiments which, in addition to attackers activities aimed at individual components, allowed us to observe and study vulnerability scans and attacks that span multiple system components; and (3) Statistical characterization of the malicious traffic. Keywords-port and vulnerability scans; attacks; Web-based systems; empirical analysis of malicious traffic; distribution fitting
Katerina Goseva-Popstojanova, Brandon Miller, Rist
Added 18 Aug 2010
Updated 18 Aug 2010
Type Conference
Year 2010
Where AINA
Authors Katerina Goseva-Popstojanova, Brandon Miller, Risto Pantev, Ana Dimitrijevikj
Comments (0)