Sciweavers

ACSAC
2003
IEEE

A Stateful Intrusion Detection System for World-Wide Web Servers

14 years 4 months ago
A Stateful Intrusion Detection System for World-Wide Web Servers
Web servers are ubiquitous, remotely accessible, and often misconfigured. In addition, custom web-based applications may introduce vulnerabilities that are overlooked even by the most security-conscious server administrators. Consequently, web servers are a popular target for hackers. To mitigate the security exposure associated with web servers, intrusion detection systems are deployed to analyze and screen incoming requests. The goal is to perform early detection of malicious activity and possibly prevent more serious damage to the protected site. Even though intrusion detection is critical for the security of web servers, the intrusion detection systems available today only perform very simple analyses and are often vulnerable to simple evasion techniques. In addition, most systems do not provide sophisticated attack languages that allow a system administrator to specify custom, complex attack scenarios to be detected. This paper presents WebSTAT, an intrusion detection system that...
Giovanni Vigna, William K. Robertson, Vishal Kher,
Added 23 Aug 2010
Updated 23 Aug 2010
Type Conference
Year 2003
Where ACSAC
Authors Giovanni Vigna, William K. Robertson, Vishal Kher, Richard A. Kemmerer
Comments (0)