Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2013

Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web

Résumé

Web attacks are nowadays one of the major threats on the Internet, and several studies have analyzed them, providing details on how they are performed and how they spread. However, no study seems to have sufficiently analyzed the typical behavior of an attacker after a website has been compromised. This paper presents the design, implementation, and deployment of a network of 500 fully functional honeypot websites, hosting a range of different services, whose aim is to attract attackers and collect information on what they do during and after their attacks. In 100 days of experiments, our system automatically collected, normalized, and clustered over 85,000 files that were created during approximately 6,000 attacks. Labeling the clusters allowed us to draw a general picture of the attack landscape, identifying the behavior behind each action performed both during and after the exploitation of a web application.

Domaines

Informatique
Fichier principal
Vignette du fichier
canali_ndss13.pdf (509.8 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-00799082 , version 1 (11-03-2013)

Identifiants

  • HAL Id : hal-00799082 , version 1

Citer

Davide Canali, Davide Balzarotti. Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web. 20th Annual Network & Distributed System Security Symposium (NDSS 2013), Feb 2013, San Diego, United States. pp.n/a. ⟨hal-00799082⟩

Collections

EURECOM
1167 Consultations
2938 Téléchargements

Partager

Gmail Facebook X LinkedIn More