Abstract
In today’s scenario, Web traffic is increasing everyday in the world and has overtaken P2P traffic. The Websites are getting hacked on daily basis. These rises in hacking activity pose a greater threat than the network attacks as they threaten to steal crucial and important information from Website. This information can be related to the users, employee, and other important data stored in applications and database linked to the Website. Increase in Web network traffic has opened new and more efficient attack vectors for the hackers and attackers to work with. Attackers take advantage of the vulnerability in traditional firewalls deployed on Website. These firewalls are not designed to protect Web applications; lots of Websites are getting attacked by malicious scripts and users. In this paper, many Web attacks are carried out on Web applications hosted on local server to analyze the log file created after the attacks. A Web application log file allows a detailed analysis of a user action. We have simulated some Web attacks using MATLAB. Results extracted from this process helps in the recognition of majority of the attacks and helps in prevention from further exploitation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
CERT. Advisory CA-2000-02: Malicious HTML tags embedded in client Web requests. Accessed from http://www.cert.org/advisories/CA-2000-02.html (2000)
Endler, D.: The evolution of cross site scripting attacks. Technical report, iDEFENSE Labs, (2002)
Berinato, S.: Software vulnerability disclosure: The chilling effect. Accessed from http://www.csoonline.com/article/221113/software-vulnerability-disclosure-the-chilling-effect (2007)
Aucsmith, D.: Creating and maintaining software that resists malicious attack. http://www.gtisc.gatech.edu/bioaucsmith.html. Accessed on Sept 2004. Distinguished Lecture Series (2004)
T. O. Foundation: Top ten most critical Web application vulnerabilities 2005. Accessed from http://www.owasp.org/documentation/topten.html (2005)
Singh, N, Singh, K, Raw, R.S.: Analysis of detection and prevention of various SQL injection attacks on Web applications. IJAIS 2(7), (2012)
Cross-Site Request Forgery: http://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF). Accessed on Nov 2011
OWASP Top 10 Application Security Risks: http://www.owasp.org/index.php/Top_10_2010-Main. Accessed on Nov 2011
Open Source Vulnerability Database (OSVDB): http://osvdb.org. Accessed on Nov 2011
Common Vulnerabilities and Exposures (CVE): http://cve.mitre.org. Accessed on Nov 2011
Joshila Grace, L.K., Maheswari, V., Nagamalai, D.: Analysis of Weblogs and Web user in Web mining. Int. J. Netw. Secur. Appl. (IJNSA) 3(1), (2011)
Pamnani, R., Chawan, P.: Web Usage Mining: A Research Area in Web Mining. Department of Computer Technology, VJTI University, Mumbai (2010)
Kuperman, B.A., Brodley, C.E., Ozdoganoglu, H., Vijaykumar, T.N., Jalote, A.: Detecting and prevention of stack buffer overflow attacks. Commun. ACM 48(11), 50–56 (2005)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer India
About this paper
Cite this paper
Singh, N., Jain, A., Raw, R.S., Raman, R. (2014). Detection of Web-Based Attacks by Analyzing Web Server Log Files. In: Mohapatra, D.P., Patnaik, S. (eds) Intelligent Computing, Networking, and Informatics. Advances in Intelligent Systems and Computing, vol 243. Springer, New Delhi. https://doi.org/10.1007/978-81-322-1665-0_10
Download citation
DOI: https://doi.org/10.1007/978-81-322-1665-0_10
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-1664-3
Online ISBN: 978-81-322-1665-0
eBook Packages: EngineeringEngineering (R0)