• DocumentCode
    2813406
  • Title

    Designing a Taxonomy of Web Attacks

  • Author

    Lai, Jung-Ying ; Jain-Shing Wu ; Chen, Shih-Jen ; Chia-Huan Wu ; Yang, Chung-Huang

  • Author_Institution
    Grad. Inst. of Inf. & Comput. Educ., Nat. Kaohsiung Normal Univ., Kaohsiung
  • fYear
    2008
  • fDate
    28-30 Aug. 2008
  • Firstpage
    278
  • Lastpage
    282
  • Abstract
    It has been discovered in recent years that the Internet attacks started by improper authorization on Web servers and Web applications. The top 10 Web vulnerabilities issued by OWASP and the top 20 security risks issued by SANS demonstrated that Web attacks is one of the most important network security problems. Therefore, with the help from Web attack taxonomy, we can classify the attack type with vulnerability characteristic and efficiently response with actions and find the characteristic. The new taxonomy proposed by this research is based on the HTTP method that include dangerous method such as PUT, DELETE, TRACE, and CONNECT. When threat events occur in network systems, we could more effectively categorize the possible malicious attacks with the proposed taxonomy.
  • Keywords
    Internet; security of data; Internet attacks; Web application; Web attacks taxonomy; Web server; Web vulnerabilities; improper authorization; network security problem; security risks; Application software; Authentication; Authorization; Computer networks; Computer science education; Databases; Information technology; Taxonomy; Web server; Web services; HTTP; Taxonomy; Web attack;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Convergence and Hybrid Information Technology, 2008. ICHIT '08. International Conference on
  • Conference_Location
    Daejeon
  • Print_ISBN
    978-0-7695-3328-5
  • Type

    conf

  • DOI
    10.1109/ICHIT.2008.280
  • Filename
    4622838
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2813406