Title :
Designing a Taxonomy of Web Attacks
Author :
Lai, Jung-Ying ; Jain-Shing Wu ; Chen, Shih-Jen ; Chia-Huan Wu ; Yang, Chung-Huang
Author_Institution :
Grad. Inst. of Inf. & Comput. Educ., Nat. Kaohsiung Normal Univ., Kaohsiung
Abstract :
It has been discovered in recent years that the Internet attacks started by improper authorization on Web servers and Web applications. The top 10 Web vulnerabilities issued by OWASP and the top 20 security risks issued by SANS demonstrated that Web attacks is one of the most important network security problems. Therefore, with the help from Web attack taxonomy, we can classify the attack type with vulnerability characteristic and efficiently response with actions and find the characteristic. The new taxonomy proposed by this research is based on the HTTP method that include dangerous method such as PUT, DELETE, TRACE, and CONNECT. When threat events occur in network systems, we could more effectively categorize the possible malicious attacks with the proposed taxonomy.
Keywords :
Internet; security of data; Internet attacks; Web application; Web attacks taxonomy; Web server; Web vulnerabilities; improper authorization; network security problem; security risks; Application software; Authentication; Authorization; Computer networks; Computer science education; Databases; Information technology; Taxonomy; Web server; Web services; HTTP; Taxonomy; Web attack;
Conference_Titel :
Convergence and Hybrid Information Technology, 2008. ICHIT '08. International Conference on
Conference_Location :
Daejeon
Print_ISBN :
978-0-7695-3328-5
DOI :
10.1109/ICHIT.2008.280
