A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
Detecting and Exploiting Second Order Denial-of-Service Vulnerabilities in Web Applications
2015
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS '15
Preserved Fulltext
The main contribution of this paper is a static analysis for detecting second-order DoS vulnerabilities in web applications. ...
We have implemented our analysis in a tool called Torpedo, and we show that Torpedo can successfully detect second-order DoS vulnerabilities in widely used web applications written in PHP. ...
This work was funded in part by AFRL Award FA8750-15-2-0096 and NSF grants CNS-1138506 and DRL-1441009. ...
doi:10.1145/2810103.2813680
dblp:conf/ccs/OlivoDL15
fatcat:6ualke5awberlnokteo4bgqvmm
CloudZombie: Launching and Detecting Slow-Read Distributed Denial of Service Attacks from the Cloud
2015
2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
It is a new type of application-layer denial of service attacks that exploits vulnerabilities in the HTTP protocol in order to make services inaccessible for legitimate users on a target machine. ...
As the Cloud is becoming more ubiquitous and less expensive to utilize, a new class of denial of service attacks is emerging. ...
Finally, we would like to thank the anonymous reviewers for their insightful and constructive comments. ...
doi:10.1109/cit/iucc/dasc/picom.2015.261
dblp:conf/IEEEcit/ShafieianZH15
fatcat:65n4pxdf7nbn3chquanuhtichm
[Preprint] ObjectMap: Detecting Insecure Object Deserialization
2019
Zenodo
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We aim to fill this gap by proposing ObjectMap, an extendable tool for the detection of deserialization and object injection vulnerabilities in Java and PHP based web applications. ...
In recent years there is a surge of serialization-based vulnerabilities in web applications which have led to serious incidents, exposing private data of millions of individuals. ...
and application denial of service, depending on the context ...
doi:10.5281/zenodo.3553676
fatcat:xftaoool4rgcdjckkbzlg7ymo4
Detection of Firewall Fingerprinting and Vulnerability Prevention by Denial of Attacks on Web Application
2019
IJARCCE
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Hackers / intruders exploit the firewall (host based) using malicious scripts and access the server / applications. In this project, we analyse firewall finger printing and denial of firewalling. ...
Firewalls are most important and critical devices which provides securities against all vulnerabilities. Firewall handles all the traffic in and out of the network. ...
An intruder however can use banner grabbing in order to find network hosts that are running versions of applications and operating systems with known exploits.
D. ...
doi:10.17148/ijarcce.2019.8254
fatcat:azz4f3wjizf4jlspbrh4lmnmfu
SensorWebIDS: a web mining intrusion detection system
2008
International Journal of Web Information Systems
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2009; you can also visit the original URL.
The file type is application/pdf.
Jingyu Dong received his M.Sc. in Computer Science from the University of Windsor, in Fall 2006 in the area of data mining for web intrusion detection, under the supervision of Dr. Christie I. ...
He has been employed in the industry working in network, database and web related embedded system programming for a number of years now and is currently with Amazon.com. ...
Such an attack can be detected by monitoring the failed login attempts in a period of time. 3. Denial of Service Attack: DoS attacks can be performed on most modern software and operating systems. ...
doi:10.1108/17440080810865648
fatcat:gxvkfmm535gbfaxpjaid2idmje
API Vulnerabilities In Cloud Computing Platform: Attack And Detection
English
2020
International Journal of Engineering Trends and Technoloy
English
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
This paper presents the topic of API Vulnerabilities in Cloud Computing Platform: Attack and Detection. We will discuss the vulnerabilities of the API in cloud management software. ...
Once exploited, it can cause security issue and disrupt the availability of services running on the cloud infrastructure. ...
To address the threat due to the vulnerabilities of the API, we need to detect on-going attack which exploits the vulnerabilities. ...
doi:10.14445/22315381/cati1p202
fatcat:mvtgzmrdrvgklnipjp73rvbx2m
Intrusion Tolerance of Stealth DoS Attacks to Web Services
[chapter]
2012
IFIP Advances in Information and Communication Technology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
This paper focuses on one of the most harmful categories of Denial of Service attacks, commonly known in the literature as "stealth" attacks. ...
They are performed avoiding to send significant volumes of data, by injecting into the network a low-rate flow of packets in order to evade rate-controlling detection mechanisms. ...
Acknowledgment This research is partially supported by FP7-ICT-2009-5-256910 (mOSAIC) project and the MIUR-PRIN 2008 project "Cloud@Home". ...
doi:10.1007/978-3-642-30436-1_52
fatcat:7egoaerz7jf7haudnrfuti36qi
A Case Study of the Impact of Denial of Service Attacks in Cloud Applications
2019
Journal of Communications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
the impact of DoS attacks in cloud applications. ...
Among the numerous cloud attacks that can target the cloud computing systems, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks can cause a major problem in cloud security. ...
He is interested also in the subject of quality assurance in research and education. Currently he is a Lecturer at the IT dept., FCI, Assiut Univ. E-mail: itajeddin@aun.edu.eg; islam_t@hotmail.com. ...
doi:10.12720/jcm.14.2.153-158
fatcat:rnk2hl6td5gdrhqejytzbnqsue
The solution of denial of service attack on ordered broadcast Intent
2014
16th International Conference on Advanced Communication Technology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Denial of service (DoS) attack on ordered broadcasts is a typical attack that exploits vulnerabilities of message passing. ...
In this paper, we propose a security framework for detecting DoS attacks on ordered broadcasts. ...
There is a typical attack that exploits vulnerabilities of ordered broadcast Intents, called denial of service (DoS) attack on ordered broadcasts. ...
doi:10.1109/icact.2014.6778989
fatcat:atuqsezpbbgzbenjau5jsyfmii
XSD DDoS Trace Handler in Web Service Environment
2015
Journal of Software
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Web services became a crucial tool for most of the Internet and Intranet applications and distributed systems due to its interoperability. ...
Currently he is pursing research in SOA and web service security. K. ...
proposing an effective methodology of utilizing the physical address to detect the unsolicited user and examining the XML with schema and by encoding strategies. ...
doi:10.17706//jsw.10.9.1086-1095
fatcat:e6dhzxgzcvdevosakcb6kc67v4
XSD DDoS Trace Handler in Web Service Environment
2015
Journal of Software
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Web services became a crucial tool for most of the Internet and Intranet applications and distributed systems due to its interoperability. ...
Currently he is pursing research in SOA and web service security. K. ...
proposing an effective methodology of utilizing the physical address to detect the unsolicited user and examining the XML with schema and by encoding strategies. ...
doi:10.17706/jsw.10.9.1086-1095
fatcat:zwzurtohj5ajzjf7bry3bjvudu
Method of analyzing computer traffic based on recurrent neural networks
2019
Journal of Physics, Conference Series
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
There overview of perspective approaches for analyzing network traffic in order to detect attacks is provided. The authors investigated the largest and currently the most relevant CICIDS2018 dataset. ...
The methods of dealing with the class imbalance in a dataset by adapting the Focal Loss function to the problem of traffic analysis are considered. ...
, botnet attack, denial of service attack, distributed denial of service attack, attack on web applications, as well as inside network attack via backdoor in one of the client hosts. ...
doi:10.1088/1742-6596/1353/1/012133
fatcat:rzuydtyo7bf4nbmqo3kkle6b3m
Attacks on Web Services Need to Secure XML on Web
2013
Computer Science & Engineering An International Journal
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Several attacks use XML and most of them lies in the category of XML injection.XML based attacks discussed in this study covered a variety of attacks for example Denial of Services and Data Theft, escalation ...
Web Services are the newest mechanism of communication among applications. Web Services are independent of both hardware and software infrastructure, they are very flexible and scalable. ...
A lot of attacks which are discussed in this study exploits vulnerabilities related to xml processing and since web service highly depends on xml those attacks can easily be mounted on web services. ...
doi:10.5121/cseij.2013.3501
fatcat:yxiiwzvfabeubia273f6ttlm4e
A new taxonomy of Web attacks suitable for efficient encoding
2003
Computers & security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Applications of the taxonomy and the encoding scheme are described, such as intrusion detection systems and application firewalls. ...
As an effort in this direction, a new taxonomy of web attacks is proposed in this paper, with the objective of obtaining a useful reference framework for security applications. ...
In the second case, the attack will exploit vulnerabilities in the web server or the web application to stop normal service. ...
doi:10.1016/s0167-4048(03)00512-1
fatcat:oxlgtlanfbgthmuqsp3eqgh27e
Inputs of Coma: Static Detection of Denial-of-Service Vulnerabilities
2009
2009 22nd IEEE Computer Security Foundations Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
As networked systems grow in complexity, they are increasingly vulnerable to denial-of-service (DoS) attacks involving resource exhaustion. ...
These DoS attacks exploit the semantics of the target application, are rarely associated with network traffic anomalies, and are thus extremely difficult to detect using conventional methods. ...
Detecting software defects that can be exploited to cause denial of service is a challenging task. ...
doi:10.1109/csf.2009.13
dblp:conf/csfw/ChangJISS09
fatcat:xyjzghrecna5jjryuhdgphrq4y
« Previous
Showing results 1 — 15 out of 10,746 results