DocumentCode :
2151108
Title :
Improving the Defence against Web Server Fingerprinting by Eliminating Compliance Variation
Author :
Yang, Ke-Xin ; Hu, Liang ; Zhang, Ning ; Huo, Yan-Mei ; Zhao, Kuo
Author_Institution :
´´Coll. of Comput. Sci. & Technol., Jilin Univ., Changchun, China
fYear :
2010
fDate :
18-22 Aug. 2010
Firstpage :
227
Lastpage :
232
Abstract :
Most successful cyber attacks begin with successful information gathering. Now more and more Web servers try to hide their identities by removing product tokens in the “Server” header in their responses discreetly, but that fails because of some Web fingerprinting tools. Some tools try to defeat these fingerprinting tools by changing Web servers´ headers order or adding/removing some headers, but, as analyzed in this paper, those measures cannot change Web servers´ inner behavioural characteristics and so fail in anti-fingerprinting. In this paper we argue that eliminating compliance variation among Web servers is a better way against Web server fingerprinting.
Keywords :
Internet; computer network security; computer viruses; conformance testing; data acquisition; file servers; fingerprint identification; Web servers; compliance variation elimination; cyber attacks; fingerprinting tools; information gathering; Fingerprint recognition; Protocols; Security; Software; Web server; Web sites; Web attack; Web emulation; compliant variation; fingerprinting; information gathering;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Frontier of Computer Science and Technology (FCST), 2010 Fifth International Conference on
Conference_Location :
Changchun, Jilin Province
Print_ISBN :
978-1-4244-7779-1
Type :
conf
DOI :
10.1109/FCST.2010.91
Filename :
5576297
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2151108
بازگشت