Design considerations for a honeypot for SQL injection Attacks

机译：用于SQL注入攻击的蜜罐的设计注意事项

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

SQL injection attacks continue to be a major problem for web applications. We investigate design considerations for an application layer honeypot to attract and learn about SQL injection attacks. The honeypot responds with indications of vulnerability leading attackers ultimately to disinformation that could be useful to track them. The honeypot restricts attackers from escalating the attack to the operating system or launching attacks on other systems. The honeypot could emulate the appearance of common defenses against SQL injection in order to seem more genuine. Finally, we describe considerations to implement an experimental honeypot with honeyd.

机译：SQL注入攻击仍然是Web应用程序的主要问题。我们调查应用程序层蜜罐的设计注意事项，以吸引并了解SQL注入攻击。蜜罐会以迹象表明存在漏洞，最终导致攻击者攻击可能有助于跟踪攻击者的虚假信息。蜜罐限制了攻击者将攻击升级到操作系统或对其他系统发起攻击。蜜罐可以模仿针对SQL注入的常见防御措施的外观，以便看起来更真实。最后，我们描述了使用honeyd实现实验蜜罐的注意事项。

著录项

来源
《Local Computer Networks, 2009. LCN 2009》|2009年|915-921|共7页
会议地点 Zurich(CH);Zurich(CH)
作者
Chen Thomas M.; Buford John;
展开▼
作者单位

School of Engineering, Swansea University, SA2 8PP, Wales, UK;

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词

相似文献

外文文献
中文文献
专利

1. SQL-injection vulnerability scanning tool for automatic creation of SQL-injection attacks [J] . Abdul Bashah Mat Ali, Ala’ Yaseen Ibrahim Shakhatreh, Mohd Syazwan Abdullah, Procedia Computer Science . 2011,第1期

机译：SQL注入漏洞扫描工具，用于自动创建SQL注入攻击
2. SQL Injection Attack classification through the feature extraction of SQL query strings using a Gap-Weighted String Subsequence Kernel [J] . Paul R. McWhirter, Kashif Kifayat, Qi Shi, Information Security Technical Report . 2018,第JUNa期

机译：通过使用Gap-Weighted字符串子序列内核提取SQL查询字符串的特征来进行SQL Injection Attack分类
3. SQLiGoT: Detecting SQL injection attacks using graph of tokens and SVM [J] . Debabrata Kar, Suvasini Panigrahi, Srikanth Sundararajan Computers & Security . 2016,第jula期

机译：SQLiGoT：使用令牌图和SVM检测SQL注入攻击
4. Design Considerations for a Honeypot for SQL Injection Attacks [C] . Thomas M. Chen, John Buford IEEE Conference on Local Computer Networks . 2009

机译：用于SQL注入攻击的蜜罐的设计考虑因素
5. Empirical studies based on honeypots for characterizing attackers behavior [D] . Sobesto, Bertrand 2015

机译：基于蜜罐的攻击者行为特征的实证研究
6. Vulnerability Assessment of IPv6 Websites to SQL Injection and Other Application Level Attacks [O] . Ying-Chiang Cho, Jen-Yi Pan 2013

机译：IPv6网站对SQL注入和其他应用程序级别攻击的漏洞评估
7. Generation of Sql-injection Free Secure Algorithm to Detect and Prevent Sql-Injection Attacks [O] . Natarajan Kanchana, Subramani Sarala 2012

机译：用于检测和防止Sql注入攻击的免费Sql注入安全算法的生成
8. Attack methodology Analysis: SQL Injection Attacks and Their Applicability to Control Systems [R] . 2005

机译：攻击方法分析：sQL注入攻击及其对控制系统的适用性

Design considerations for a honeypot for SQL injection Attacks

摘要

著录项

相似文献

相关主题

期刊订阅