Paper Abstract and Keywords |
Presentation |
2016-03-03 15:30
Detection of Vulnerability Scanning Using Features of Collective Accesses Collected from Several Honeypots Naomi Kuze, Shu Ishikura (Osaka Univ.), Takeshi Yagi, Daiki Chiba (NTT), Masayuki Murata (Osaka Univ.) ICSS2015-55 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
Attacks against websites are increasing rapidly with the expansion of web services. Diversifying web services make it difficult to prevent such attacks due to many unknown vulnerabilities in websites. To overcome this problem, we need to collect the most recent attacks using decoy web honeypots and to implement countermeasures against malicious threats. Web honeypots collect not only malicious accesses but also benign accesses such as those by web crawlers. Therefore, it is essential to identify automatically malicious accesses from mixed collected data. Specifically, detecting vulnerability scanning, which is a preliminary process of web attacks, is important for preventing attacks. In this study, we focused on classification of web crawler and vulnerability scanning since these are too similar to be identified. We propose feature vectors including features of collective accesses obtained with multiple honeypots deployed in different networks. Through our evaluation, we show that features of collective accesses are advantageous for web crawler and vulnerability scanning classification. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Intrusion detection / Web attacks / Classification / Features of collective accesses / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 115, no. 488, ICSS2015-55, pp. 47-52, March 2016. |
Paper # |
ICSS2015-55 |
Date of Issue |
2016-02-25 (ICSS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2015-55 |
Conference Information |
Committee |
ICSS IPSJ-SPT |
Conference Date |
2016-03-03 - 2016-03-04 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Academic Center for Computing and Media Studies, Kyoto University |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
Information and Communication System Security, etc. |
Paper Information |
Registration To |
ICSS |
Conference Code |
2016-03-ICSS-SPT |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
Detection of Vulnerability Scanning Using Features of Collective Accesses Collected from Several Honeypots |
Sub Title (in English) |
|
Keyword(1) |
Intrusion detection |
Keyword(2) |
Web attacks |
Keyword(3) |
Classification |
Keyword(4) |
Features of collective accesses |
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Naomi Kuze |
1st Author's Affiliation |
Osaka University (Osaka Univ.) |
2nd Author's Name |
Shu Ishikura |
2nd Author's Affiliation |
Osaka University (Osaka Univ.) |
3rd Author's Name |
Takeshi Yagi |
3rd Author's Affiliation |
Nippon Telegraph and Telephone Corporation (NTT) |
4th Author's Name |
Daiki Chiba |
4th Author's Affiliation |
Nippon Telegraph and Telephone Corporation (NTT) |
5th Author's Name |
Masayuki Murata |
5th Author's Affiliation |
Osaka University (Osaka Univ.) |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2016-03-03 15:30:00 |
Presentation Time |
30 minutes |
Registration for |
ICSS |
Paper # |
ICSS2015-55 |
Volume (vol) |
vol.115 |
Number (no) |
no.488 |
Page |
pp.47-52 |
#Pages |
6 |
Date of Issue |
2016-02-25 (ICSS) |
|