Title :
Preventing Attacks on Back-End Servers using Masquerading/Honeypots
Author :
Richardson, Theodor
Author_Institution :
Dept. of Comput. Sci. & Eng., South Carolina Univ., Columbia, SC
Abstract :
Perhaps the most significant threats remaining to Web-based applications are back-end server attacks. In general, back-end servers are separate entities that contain more sensitive information such as a database than front-end servers which connect directly to client machines; these front-end servers are typically insulated from such malicious endeavors as denial-of service (DoS) attacks by the ability to massively replicate interfaces. Back-end servers cannot be replicated in the same manner and typically contain sensitive information that is more desirable to attackers; for this reason, back-end servers must be protected from malicious attacks by more stringent means. In this paper, a protective model for back-end servers are be outlined that can provide: (1) network isolation from unauthorized traffic; (2) blacklisting of misbehaving client traffic; and (3) a limitation of the effectiveness of back-end DoS attacks. This is accomplished by the novel combination of honeypot deployment, honeypot masquerading, and strict authentication for back-end server access
Keywords :
Internet; authorisation; computer crime; Web-based applications; back-end server attack; denial-of service attack; honeypot deployment; honeypot masquerading; misbehaving client traffic blacklisting; network isolation; protective model; strict authentication; unauthorized traffic; Authentication; Computer crime; Computer science; Databases; Network servers; Permission; Protection; Telecommunication traffic; Traffic control; Web server;
Conference_Titel :
Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, 2006. SNPD 2006. Seventh ACIS International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
0-7695-2611-X
DOI :
10.1109/SNPD-SAWN.2006.57
