A Lightweight Tool for Detecting Web Server Attacks.
作者: Magnus Almgren , Marc Dacier , Hervé Debar
DOI:
关键词:
摘要: We present an intrusion-detection tool aimed at protecting web servers, and justify why such a is needed. describe several interesting features, as the ability to run in real time keep track of suspicious hosts. The design flexible signatures used detect malicious behavior are not limited simple pattern matching dangerous cgi scripts. includes mechanisms reduce number false alarms. conclude with discussion information gained from deploying
isoc.org
ndss-symposium.org
researchgate.net 参考文章(8)
Gene Spafford, Simson Garfinkel, Web security & commerce O'Reilly & Associates, Inc.. ,(1997)
Stephen E. Hansen, E. Todd Atkins, Automated System Monitoring and Notification With Swatch usenix large installation systems administration conference. pp. 145- 152 ,(1993)
Timothy N. Newsham, Thomas H. Ptacek, Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection ,(1998)
Marcus J. Ranum, Andrew Lambeth, Michael T. Stolarchuk, Kent Landfield, Mark Sienkiewicz, Eric Wall, Implementing a Generalized Tool for Network Monitoring usenix large installation systems administration conference. pp. 1- 8 ,(1997)
H. Frystyk, L. Masinter, J. Mogul, J. Gettys, R. Fielding, P. Leach, T. Berners-Lee, Hypertext Transfer Protocol -- HTTP/1.1 acm conference on hypertext. ,vol. 2068, pp. 1- 162 ,(1997)
Hervé Debar, Marc Dacier, Andreas Wespi, Towards a taxonomy of intrusion-detection systems Computer Networks. ,vol. 31, pp. 805- 822 ,(1999) , 10.1016/S1389-1286(98)00017-6
Daniel Geer, Marcus J. Ranum, Aviel D. Rubin, Web Security Sourcebook ,(1997)
Vern Paxson, Bro: a system for detecting network intruders in real-time usenix security symposium. pp. 3- 3 ,(1998)