Please use this identifier to cite or link to this item:
https://rda.sliit.lk/handle/123456789/1726
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Perera, A. C | - |
dc.contributor.author | Kesavan, K | - |
dc.contributor.author | Bannakkotuwa, S. V | - |
dc.contributor.author | Liyanapathirana, C | - |
dc.contributor.author | Rupasinghe, L | - |
dc.date.accessioned | 2022-03-18T08:30:13Z | - |
dc.date.available | 2022-03-18T08:30:13Z | - |
dc.date.issued | 2016-12-08 | - |
dc.identifier.citation | A. C. Perera, K. Kesavan, S. V. Bannakkotuwa, C. Liyanapathirana and L. Rupasinghe, "E-commerce (WEB) Application Security: Defense against Reconnaissance," 2016 IEEE International Conference on Computer and Information Technology (CIT), 2016, pp. 732-742, doi: 10.1109/CIT.2016.105. | en_US |
dc.identifier.isbn | 978-1-5090-4314-9 | - |
dc.identifier.uri | http://rda.sliit.lk/handle/123456789/1726 | - |
dc.description.abstract | Intrusion Detection/prevention Systems and web application firewalls provide important layer(s) of security for web applications. Even though they are well configured and maintained continually with latest attack signatures and profiles, they often fail when it comes to reconnaissance because the requests of reconnaissance to the web server often take a form of legitimate requests and they are unpredictable. Addition of signatures of reconnaissance or learning legitimate request patterns used to identify reconnaissance are practically infeasible because of the time, resource and performance issues. On the other hand IDS, IPS and WAFs prioritize "attacks" over the "reconnaissance" - thus, it always tends to consider most of the reconnaissance as "events" not "incidents" which enables the adversaries to have a good understanding/profile of the web applications. The goal of this research is to analyze the reconnaissance patterns which can bypass security layers such as IDS/IPS or WAF and providing a solution which can handle the reconnaissance without hindering the performance of the application. The proposed solution is demonstrated as a plugin for a known PHP framework. | en_US |
dc.language.iso | en | en_US |
dc.publisher | IEEE | en_US |
dc.relation.ispartofseries | 2016 IEEE International Conference on Computer and Information Technology (CIT);Pages 732-742 | - |
dc.subject | E-commerce | en_US |
dc.subject | (WEB) Application Security | en_US |
dc.subject | Defense against | en_US |
dc.subject | Reconnaissance | en_US |
dc.title | E-commerce (WEB) Application security: Defense against Reconnaissance | en_US |
dc.type | Article | en_US |
dc.identifier.doi | 10.1109/CIT.2016.105 | en_US |
Appears in Collections: | Research Papers - Dept of Computer Systems Engineering Research Papers - IEEE Research Papers - SLIIT Staff Publications |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
E-commerce_WEB_Application_Security_Defense_against_Reconnaissance.pdf Until 2050-12-31 | 1.01 MB | Adobe PDF | View/Open Request a copy |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.