| Presentation | 2020-03-03 A research of HTTP request and an identification method of fake User-Agent values Masato Inoue, Masaki Hashimoto, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Almost all websites that are open to the public are subject to scan and attack, and have received a lot of anomaly requests. Most of the requests use fake User-Agent values to make them appear to browse by ordinary users. We analyzed the situation from nine months of logs of five new websites for the research. Based on the analysis results, we propose a detection method that sees through forgeries of User-Agent values claiming to be web browsers by other activities and identify normal and malicious accesses. In our experiment by the modified five websites for the research, and in our verification using externally provided data, the method identified fake User-Agent values with accuracy of over 90%. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | HTTP Request / User-Agent / Website / Log Analysis |
| Paper # | ICSS2019-83 |
| Date of Issue | 2020-02-24 (ICSS) |
| Conference Information | |
| Committee | ICSS / IPSJ-SPT |
|---|---|
| Conference Date | 2020/3/2(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Okinawa-Ken-Seinen-Kaikan |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Security, Trust, etc. |
| Chair | Hiroki Takakura(NII) |
| Vice Chair | Katsunari Yoshioka(Yokohama National Univ.) / Kazunori Kamiya(NTT) |
| Secretary | Katsunari Yoshioka(NICT) / Kazunori Kamiya(KDDI labs.) |
| Assistant | Keisuke Kito(Mitsubishi Electric) / Toshihiro Yamauchi(Okayama Univ.) |
| Paper Information | |
| Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A research of HTTP request and an identification method of fake User-Agent values |
| Sub Title (in English) | |
| Keyword(1) | HTTP Request |
| Keyword(2) | User-Agent |
| Keyword(3) | Website |
| Keyword(4) | Log Analysis |
| 1st Author's Name | Masato Inoue |
| 1st Author's Affiliation | INSTITUTE of INFORMATION SECURITY(IISEC) |
| 2nd Author's Name | Masaki Hashimoto |
| 2nd Author's Affiliation | INSTITUTE of INFORMATION SECURITY(IISEC) |
| Date | 2020-03-03 |
| Paper # | ICSS2019-83 |
| Volume (vol) | vol.119 |
| Number (no) | ICSS-437 |
| Page | pp.pp.91-96(ICSS), |
| #Pages | 6 |
| Date of Issue | 2020-02-24 (ICSS) |