東華大學圖書館 |

語系: 繁體中文

說明(常見問題)

回圖書館首頁

手機版館藏查詢

登入

回首頁

切換: 標籤 | MARC模式 | ISBD

Analysis of attacks on Web based app...

Miller, Brandon Scott.

FindBook

Google Book

Amazon

博客來

Analysis of attacks on Web based applications.

紀錄類型:	書目-語言資料,印刷品 : Monograph/item
正題名/作者:	Analysis of attacks on Web based applications./
作者:	Miller, Brandon Scott.
面頁冊數:	66 p.
附註:	Source: Masters Abstracts International, Volume: 48-02, page: 1090.
Contained By:	Masters Abstracts International48-02.
標題:	Web Studies. -
電子資源:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=1471802
ISBN:	9781109437324

Analysis of attacks on Web based applications.
Miller, Brandon Scott.

Analysis of attacks on Web based applications. - 66 p.

Source: Masters Abstracts International, Volume: 48-02, page: 1090.

Thesis (M.S.)--West Virginia University, 2009.

As the technology used to power Web-based applications continues to evolve, new security threats are emerging. Web 2.0 technology provides attackers with a whole new array of vulnerabilities to exploit. In this thesis, we present an analysis of the attacker activity aimed at a typical Web server based on the data collected on two high interaction honeypots over a one month period of time. The configuration of the honeypots resembles the typical three tier architecture of many real world Web servers. Our honeypots ran on the Windows XP operating system and featured attractive attack targets such as the Microsoft IIS Web server, MySQL database, and two Web 2.0-based applications (Wordpress and MediaWiki). This configuration allows for attacks on a component directly or through the other components. Our analysis includes detailed inspection of the network traffic and IIS logs as well as investigation of the System logs, where appropriate. We also develop a pattern recognition approach to classify TCP connections as port scans or vulnerability scans/attacks. Some of the conclusions of our analysis include: (1) the vast majority of malicious traffic was over the TCP protocol, (2) the majority of malicious traffic was targeted at Windows file sharing, HTTP, and SSH ports, (3) most attackers found our Web server through search-based strategies rather than IP-based strategies, (4) most of the malicious traffic was generated by a few unique attackers.

ISBN: 9781109437324Subjects--Topical Terms:

1026830
Web Studies.

Analysis of attacks on Web based applications.
LDR:02327nam 2200277 4500 001 1390915
005 20101215102239.5
008 130515s2009 ||||||||||||||||| ||eng d
020 $a 9781109437324
035 $a (UMI)AAI1471802
035 $a AAI1471802
040 $a UMI $c UMI
100 1 $a Miller, Brandon Scott. $3 1669269
245 1 0 $a Analysis of attacks on Web based applications.
300 $a 66 p.
500 $a Source: Masters Abstracts International, Volume: 48-02, page: 1090.
500 $a Adviser: Katerina Goseva-Popstojanova.
502 $a Thesis (M.S.)--West Virginia University, 2009.
520 $a As the technology used to power Web-based applications continues to evolve, new security threats are emerging. Web 2.0 technology provides attackers with a whole new array of vulnerabilities to exploit. In this thesis, we present an analysis of the attacker activity aimed at a typical Web server based on the data collected on two high interaction honeypots over a one month period of time. The configuration of the honeypots resembles the typical three tier architecture of many real world Web servers. Our honeypots ran on the Windows XP operating system and featured attractive attack targets such as the Microsoft IIS Web server, MySQL database, and two Web 2.0-based applications (Wordpress and MediaWiki). This configuration allows for attacks on a component directly or through the other components. Our analysis includes detailed inspection of the network traffic and IIS logs as well as investigation of the System logs, where appropriate. We also develop a pattern recognition approach to classify TCP connections as port scans or vulnerability scans/attacks. Some of the conclusions of our analysis include: (1) the vast majority of malicious traffic was over the TCP protocol, (2) the majority of malicious traffic was targeted at Windows file sharing, HTTP, and SSH ports, (3) most attackers found our Web server through search-based strategies rather than IP-based strategies, (4) most of the malicious traffic was generated by a few unique attackers.
590 $a School code: 0256.
650 4 $a Web Studies. $3 1026830
650 4 $a Computer Science. $3 626642
690 $a 0646
690 $a 0984
710 2 $a West Virginia University. $3 1017532
773 0 $t Masters Abstracts International $g 48-02.
790 1 0 $a Goseva-Popstojanova, Katerina, $e advisor
790 $a 0256
791 $a M.S.
792 $a 2009
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=1471802