Hildebrand, 2021 - Google Patents
Automated Scanning for Web Cache Poisoning VulnerabilitiesHildebrand, 2021
View PDF- Document ID
- 17963791608763123176
- Author
- Hildebrand M
- Publication year
External Links
Snippet
Due to the ever-growing amount of discovered attack vectors and techniques to exploit them, it is important to test for vulnerabilities in an efficient way. Automated scanners help to cover the consistently growing attack surface. In this thesis, a self-developed scanner, which tests …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11245662B2 (en) | Registering for internet-based proxy services | |
| Kals et al. | Secubat: a web vulnerability scanner | |
| Stasinopoulos et al. | Commix: automating evaluation and exploitation of command injection vulnerabilities in web applications | |
| US20090119769A1 (en) | Cross-site scripting filter | |
| CN107634967B (en) | A CSRFToken defense system and method for CSRF attack | |
| Ravindran et al. | A Review on Web Application Vulnerability Assessment and Penetration Testing. | |
| Gupta et al. | Robust injection point-based framework for modern applications against XSS vulnerabilities in online social networks | |
| Sharma et al. | SQL injection attacks-a systematic review | |
| Kollepalli et al. | An Experimental Study on Detecting and Mitigating Vulnerabilities in Web Applications. | |
| Lin et al. | The automatic defense mechanism for malicious injection attack | |
| Reti et al. | Scantrap: Protecting content management systems from vulnerability scanners with cyber deception and obfuscation | |
| Jovičić et al. | Common web application attack types and security using asp. net | |
| Jabiyev et al. | Gudifu: Guided differential fuzzing for HTTP request parsing discrepancies | |
| Hildebrand | Automated Scanning for Web Cache Poisoning Vulnerabilities | |
| Liang et al. | Internet's Invisible Enemy: Detecting and Measuring Web Cache Poisoning in the Wild | |
| Izagirre | Deception strategies for web application security: application-layer approaches and a testing platform | |
| Shelly | Using a web server test bed to analyze the limitations of web application vulnerability scanners | |
| Kilaru | Improving techniques for SQL injection defenses | |
| Akram et al. | Defense Mechanism Using Multilayered Approach and SQL Injection Methods for Web Based Attacks | |
| Shue et al. | Exploitable Redirects on the Web: Identification, Prevalence, and Defense. | |
| Jnena | Modern Approach for WEB Applications Vulnerability Analysis | |
| Loos | Automated Vulnerability Scanning for IDOR Detection | |
| Pechin | An Analysis of Successful SQLIA for Future Evolutionary Prediction | |
| Org et al. | D3. 1-CYBER RISK PATTERNS | |
| CHANG | A SECURITY ASSESSMENT OF EGOVERNMENT WEBSITE IN MALAYSIA |