Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SAC
2010
ACM
2010
ACM
TokDoc: a self-healing web application firewall
The growing amount of web-based attacks poses a severe threat to the security of web applications. Signature-based detection techniques increasingly fail to cope with the variety and complexity of novel attack instances. As a remedy, we introduce a protocol-aware reverse HTTP proxy TokDoc (the token doctor), which intercepts requests and decides on a per-token basis whether a token requires automatic “healing”. In particular, we propose an intelligent mangling technique, which, based on the decision of previously trained anomaly detectors, replaces suspicious parts in requests by benign data the system has seen in the past. Evaluation of our system in terms of accuracy is performed on two realworld data sets and a large variety of recent attacks. In comparison to state-of-the-art anomaly detectors, TokDoc is not only capable of detecting most attacks, but also significantly outperforms the other methods in terms of false positives. Runtime measurements show that our implementatio...
Real-time TrafficApplied Computing | Intrusion Prevention | SAC 2010 | State-of-the-art Anomaly Detectors | Web Application |
| Added | 17 May 2010 |
| Updated | 17 May 2010 |
| Type | Conference |
| Year | 2010 |
| Where | SAC |
| Authors | Tammo Krueger, Christian Gehl, Konrad Rieck, Pavel Laskov |
Comments (0)
Researcher Info
|
