Biblioteca Digital do IPG: The Web Attacker Perspective – A Field Study

	Sobre o Repositório

Percorrer:
	Comunidades & Colecções
	Títulos
	Autores
	Assuntos
	Por Data

Entrar:
	Serviço de Alertas
	Meu Repositório utilizadores autorizados
	Editar Conta


	Guias

Biblioteca Digital do IPG >
Escola Superior de Tecnologia e Gestão (ESTG) >
Artigos em Acta de Conferência Internacional (ESTG) >

Utilize este identificador para referenciar este registo: http://hdl.handle.net/10314/2689

Título:	The Web Attacker Perspective – A Field Study
Autores:	Fonseca, José Martins
Palavras Chave:	Security Exploit Vulnerability Web application Field study
Data:	2010
Resumo:	Web applications are a fundamental pillar of today’s globalized world. Society depends and relies on them for business and daily life. However, web applications are under constant attack by hackers that exploit their vulnerabilities to access valuable assets and disrupt business. Many studies and reports on web application security problems analyze the victim’s perspective by detailing the vulnerabilities publicly disclosed. In this paper we present a field study on the attacker’s perspective by looking at over 300 real exploits used by hackers to attack web applications. Results show that SQL injection and Remote File Inclusion are the two most frequently used exploits and that hackers prefer easier rather than complicated attack techniques. Exploit and vulnerability data are also correlated to show that, although there are many types of vulnerabilities out there, only few are interesting enough for attackers to obtain what they want the most: root shell access and admin passwords.
URI:	http://hdl.handle.net/10314/2689
Aparece nas Colecções:	Artigos em Acta de Conferência Internacional (ESTG)

Ficheiros deste Registo:

Ficheiro	Descrição	Tamanho	Formato
JoséMartinsFonseca.pdf		623Kb	Adobe PDF	Ver/Abrir

Sugerir este item a um colega