| Presentation | 2009-07-10 A Provider Provisioned Websites Protection Scheme against Malware Distribution Takeshi YAGI, Naoto TANIMOTO, Masaki HAMADA, Mitsutaka ITOH, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | This paper proposes a website protection scheme for service providers by analyzing accesses to web honeynets, which carry vulnerable web applications. Recently, vulnerabilities of web applications cause the security exposures of computer networks. In fact, a large number of websites are abused to attack other websites or user terminals. To perform these abuses, attackers make websites download malware by exploiting web application vulnerabilities. A web application firewall, which is used to protect websites, filters accesses from attackers by using signatures, which are generated by analyzing vulnerabilities and known attacks. However, it is difficult to improve accuracy of signature-based detection/filtering in the environment of a service provider where various configurations of websites coexist. In our proposal, websites are protected by using access information toward the web honeynets which is generated automatically and updated dynamically. In our proposal, any attacks including unknown attacks can be filtered without any analysis about vulnerabilities of web applications. By using a prototype system, we have confirmed that our method can detect attacks more accurately than the web application firewall. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | security / malware / web honeynets / websites / malware download sites |
| Paper # | IN2009-34 |
| Date of Issue |
| Conference Information | |
| Committee | IN |
|---|---|
| Conference Date | 2009/7/2(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information Networks (IN) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Provider Provisioned Websites Protection Scheme against Malware Distribution |
| Sub Title (in English) | |
| Keyword(1) | security |
| Keyword(2) | malware |
| Keyword(3) | web honeynets |
| Keyword(4) | websites |
| Keyword(5) | malware download sites |
| 1st Author's Name | Takeshi YAGI |
| 1st Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation() |
| 2nd Author's Name | Naoto TANIMOTO |
| 2nd Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| 3rd Author's Name | Masaki HAMADA |
| 3rd Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| 4th Author's Name | Mitsutaka ITOH |
| 4th Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| Date | 2009-07-10 |
| Paper # | IN2009-34 |
| Volume (vol) | vol.109 |
| Number (no) | 119 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |