Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSAC
2003
IEEE
2003
IEEE
A Stateful Intrusion Detection System for World-Wide Web Servers
Web servers are ubiquitous, remotely accessible, and often misconfigured. In addition, custom web-based applications may introduce vulnerabilities that are overlooked even by the most security-conscious server administrators. Consequently, web servers are a popular target for hackers. To mitigate the security exposure associated with web servers, intrusion detection systems are deployed to analyze and screen incoming requests. The goal is to perform early detection of malicious activity and possibly prevent more serious damage to the protected site. Even though intrusion detection is critical for the security of web servers, the intrusion detection systems available today only perform very simple analyses and are often vulnerable to simple evasion techniques. In addition, most systems do not provide sophisticated attack languages that allow a system administrator to specify custom, complex attack scenarios to be detected. This paper presents WebSTAT, an intrusion detection system that...
Real-time TrafficACSAC 2003 | Intrusion Detection System | Security Privacy | Security-conscious Server Administrators | Web Server |
Related Content
| Added | 23 Aug 2010 |
| Updated | 23 Aug 2010 |
| Type | Conference |
| Year | 2003 |
| Where | ACSAC |
| Authors | Giovanni Vigna, William K. Robertson, Vishal Kher, Richard A. Kemmerer |
Comments (0)
Researcher Info
|
