| Presentation | 2016-03-03 An Actual Survey on Web Scanning by URI Co-occurrence Detection Yang Zhong, Shingo Orihara, Masaki Tanikawa, Hajime Shimada, Tutomu Murase, Hiroki Takakura, Yoshihito Oshima, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Attackers often try to scan vulnerable servers before actual attacks. Detecting vulnerability scans previously is effective because it enables web server administrators to take countermeasures to the attacks in advance. In this report, we discuss about our experimental/survey results of web scans against present web servers. Our detection method is based on URI Co-occurrence which appears in HTTP requests. We found that most of the detected scans targeted CMS web applications but there were also several scans targeting IoT devices. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Web Security / Vulnerability Scanning / URI / Co-occurrence |
| Paper # | ICSS2015-51 |
| Date of Issue | 2016-02-25 (ICSS) |
| Conference Information | |
| Committee | ICSS / IPSJ-SPT |
|---|---|
| Conference Date | 2016/3/3(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Academic Center for Computing and Media Studies, Kyoto University |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Information and Communication System Security, etc. |
| Chair | Yutaka Miyake(KDDI R&D Labs.) |
| Vice Chair | Takashi Nishide(Univ. of Tsukuba) / Yoshiaki Shiraishi(Kobe Univ.) |
| Secretary | Takashi Nishide(Mitsubishi Electric) / Yoshiaki Shiraishi(NII) |
| Assistant | Katsunari Yoshioka(Yokohama National Univ.) / Kazunori Kamiya(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Information and Communication System Security / Special Interest Group on Security Psychology and Trust |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | An Actual Survey on Web Scanning by URI Co-occurrence Detection |
| Sub Title (in English) | |
| Keyword(1) | Web Security |
| Keyword(2) | Vulnerability Scanning |
| Keyword(3) | URI |
| Keyword(4) | Co-occurrence |
| 1st Author's Name | Yang Zhong |
| 1st Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| 2nd Author's Name | Shingo Orihara |
| 2nd Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| 3rd Author's Name | Masaki Tanikawa |
| 3rd Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| 4th Author's Name | Hajime Shimada |
| 4th Author's Affiliation | Nagoya University(Nagoya Univ) |
| 5th Author's Name | Tutomu Murase |
| 5th Author's Affiliation | Nagoya University(Nagoya Univ) |
| 6th Author's Name | Hiroki Takakura |
| 6th Author's Affiliation | National Institude of Informatics(NII) |
| 7th Author's Name | Yoshihito Oshima |
| 7th Author's Affiliation | Nippon Telegraph and Telephone Corporation(NTT) |
| Date | 2016-03-03 |
| Paper # | ICSS2015-51 |
| Volume (vol) | vol.115 |
| Number (no) | ICSS-488 |
| Page | pp.pp.25-30(ICSS), |
| #Pages | 6 |
| Date of Issue | 2016-02-25 (ICSS) |