Actions
  • shareshare
  • link
  • cite
  • add
add
auto_awesome_motion View all 3 versions
Publication . Bachelor thesis . 2013

Analyzator utokov na webový server

Mižišin, Michal;
Restricted   Slovak  
Published: 01 Jan 2013
Country: Czech Republic
Abstract
Web server attack analyzer - Abstract The goal of this work was to create prototype of analyzer of injection flaws attacks on web server. Proposed solution combines capabilities of web application firewall and web server log analyzer. Analysis is based on configurable signatures defined by regular expressions. This paper begins with summary of web attacks, followed by detection techniques analysis on web servers, description and justification of selected implementation. In the end are characterized possibilities of further development in area of better results of false positives. Implemented detection of all proposed attacks did slow down server response time by 10% and was able to detect more than 99% SQL injection, Path traversal and SSI injection attacks contained in web application security scanners.
Subjects

web attack; xss; webový útok; sql injection; csrf; injection flaw

Related Organizations