{"title":"HTTP的流量监控和策略执行框架","authors":"M. N, Anna Thomas, Indu S, B. Bindhumadhava","doi":"10.1109/ISEA-ISAP49340.2020.235004","DOIUrl":null,"url":null,"abstract":"Due to the accessibility and popularity of Internet, web based applications are commonly used for providing different services to the users. At the same time, the simplicity to conduct attacks and the availability of several attack tools have made web applications the most common target for attackers. Hence monitoring and analysis of web applications require special attention. In this paper, we describe a policy enforcement and web attack detection framework for HTTP protocol. The proposed framework can monitor and analyze HTTP traffic to detect injection, misconfiguration and directory traversal attacks. Moreover, this framework can be used to enforce web application access policies involving content type, URL and device level access.","PeriodicalId":235855,"journal":{"name":"2020 Third ISEA Conference on Security and Privacy (ISEA-ISAP)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Traffic Monitoring and Policy Enforcement Framework for HTTP\",\"authors\":\"M. N, Anna Thomas, Indu S, B. Bindhumadhava\",\"doi\":\"10.1109/ISEA-ISAP49340.2020.235004\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Due to the accessibility and popularity of Internet, web based applications are commonly used for providing different services to the users. At the same time, the simplicity to conduct attacks and the availability of several attack tools have made web applications the most common target for attackers. Hence monitoring and analysis of web applications require special attention. In this paper, we describe a policy enforcement and web attack detection framework for HTTP protocol. The proposed framework can monitor and analyze HTTP traffic to detect injection, misconfiguration and directory traversal attacks. Moreover, this framework can be used to enforce web application access policies involving content type, URL and device level access.\",\"PeriodicalId\":235855,\"journal\":{\"name\":\"2020 Third ISEA Conference on Security and Privacy (ISEA-ISAP)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 Third ISEA Conference on Security and Privacy (ISEA-ISAP)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISEA-ISAP49340.2020.235004\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 Third ISEA Conference on Security and Privacy (ISEA-ISAP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISEA-ISAP49340.2020.235004","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Traffic Monitoring and Policy Enforcement Framework for HTTP
Due to the accessibility and popularity of Internet, web based applications are commonly used for providing different services to the users. At the same time, the simplicity to conduct attacks and the availability of several attack tools have made web applications the most common target for attackers. Hence monitoring and analysis of web applications require special attention. In this paper, we describe a policy enforcement and web attack detection framework for HTTP protocol. The proposed framework can monitor and analyze HTTP traffic to detect injection, misconfiguration and directory traversal attacks. Moreover, this framework can be used to enforce web application access policies involving content type, URL and device level access.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
