Abstract
The number of web-based activities and websites is growing every day. Unfortunately, so is cyber-crime. Every day, new vulnerabilities are reported and the number of automated attacks is constantly rising. Typical signature-based methods rely on expert knowledge and the distribution of updated information to the clients (e.g. anti-virus software) and require more effort to keep the systems up to date. At the same time, they do not protect against the newest (e.g. zero-day) threats. In this article, a new method is proposed in which cooperating systems analyze incoming requests, identify potential threats and present them to other peers. Each host can then utilize the findings of the other peers to identify harmful requests, making the whole system of cooperating servers “remember” and share information about the threats.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Zachara, M. (2014). Collective Detection of Potentially Harmful Requests Directed at Web Sites. In: Hwang, D., Jung, J.J., Nguyen, NT. (eds) Computational Collective Intelligence. Technologies and Applications. ICCCI 2014. Lecture Notes in Computer Science, vol 8733. Springer, Cham. https://doi.org/10.1007/978-3-319-11289-3_39
DOI: https://doi.org/10.1007/978-3-319-11289-3_39
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11288-6
Online ISBN: 978-3-319-11289-3
eBook Packages: Computer Science, Computer Science (R0)