Identification of vulnerable parts of web applications based on anomaly detection in HTTP

  • Authors: Rastislav Szabó; Ladislav Hudec

  • Affiliations: Institute of Applied Informatics; Institute of Applied Informatics

  • Venue: Proceedings of the 14th International Conference on Computer Systems and Technologies
  • Year: 2013

Abstract

This paper describes the concept of an algorithm that can be used for automated identification of vulnerable parts of web applications, based on an increased occurrence of anomalies detected by an anomaly-based IDS (Intrusion Detection System). The output of our anomaly evaluation algorithm can direct security engineers and application developers to those modules of a web application that are "attractive" to attackers, or even point to security vulnerabilities in particular modules of the application. The paper also discusses methods of anomaly detection in HTTP traffic and the process of building a model of the application's structure by analyzing requested URLs.