Loading...
Search for:
web-attack
0.004 seconds
Attack Detection in Web Applications Firewall by Learning from Application’s Source Code
, M.Sc. Thesis Sharif University of Technology ; Amini, Morteza (Supervisor)
Abstract
Due to increasing web-based attacks against web applications and inefficiency of intrusion detection and prevention systems for detecting and preventing web attacks in the application layer, web application firewalls (WAF) developed to deal with this problem. There are most common attacks affecting today’s web applications like SQL Injection (SQLi), Cross-Site Scripting (XSS) and Logical attacks. The Logical attack focuses on the abuse or exploitation of a web application’s logic flow, and unlike SQLi and XSS, it depends on the web application functionality. Nowadays, there are a lot of methods for designing a WAF which are divided into two categories: Signature-based and Anomaly-based...
Web Driven Alert Correlation
, M.Sc. Thesis Sharif University of Technology ; Jalili, Rasoul (Supervisor)
Abstract
With the growing deployment of host and network intrusion detection systems, analyzing generated alerts from these systems becomes critically important and challenging due to its complexity and high amount of data. A perfect intrusion detection system would be able to identify all the attacks without raising any false and non-relevant alarms. Unfortunately, false alarms are commonplace in intrusion detection systems. Non-relevant alerts, which are associated with attacks that were not successful, are also common. The process of identifying false and non-relevant alerts is called alert verification. Also nowadays, web applications are widely used in critical and important roles (e.g.,...
Web Application Attack Pattern Extraction using Deep Learning
, M.Sc. Thesis Sharif University of Technology ; Jalili, Rasool (Supervisor)
Abstract
One of the most important requirements in deploying a security system is to ensure the effectiveness and absence of bypass patterns. This is especially important for attack-based detection systems. One of the systems that has recently attracted the attention of network administrators is Web Application Firewall (WAF). The purpose of this thesis is to propose a deep learning approach to identify the pattern of SQL Injection (SQLi) attacks which could potentially bypass a WAF. We delve into the problem of detecting SQLi attacks among a very large dataset of existing SQL queries. To this end, we use one of the latest implementation of Recurrent Neural Network (RNN) called Long Short-Term Memory...
Web driven alert verification
, Article 2014 11th International ISC Conference on Information Security and Cryptology, ISCISC 2014 ; Sep , 2014 , p. 180-185 ; Sepahi, A ; Jalili, R ; Sharif University of Technology
Abstract
A web attack is an attack against a web server through the HTTP Protocol. By analyzing known web attacks, we find out that each one has its own behavior. Vestiges of their behavior could be detected in non-body parts of the HTTP Protocol. Such information can be used to verify web alerts generated by Web Application Firewalls (WAFs) and Web Intrusion Detection Systems (Web IDSs). In this paper, we propose a method to verify web alerts generated by mentioned sensors. The goal of the alert verification component is to eliminate or tag alerts that do not represent successful attacks. Our approach is based on analyzing HTTP Transaction metadata, including Request method, Request Headers, Status...