Detecting and Defending against Web-Server Fingerprinting

Dustin Lee; Jeff Rowe; Calvin Ko; Karl Levitt

doi:10.1109/CSAC.2002.1176304

Computer Security Applications Conference, Annual

Detecting and Defending against Web-Server Fingerprinting

Year: 2002, Pages: 321

DOI Bookmark: 10.1109/CSAC.2002.1176304

Authors

Dustin Lee, University of California, Davis
Jeff Rowe, University of California, Davis
Calvin Ko, Network Associates, Inc.
Karl Levitt, University of California, Davis

Abstract

Cyber attacks continue to increase in sophistication. Advanced attackers often gather information about a target system before launching a precise attack to exploit a discovered vulnerability. This paper discusses techniques for remote identification of web servers and suggests possible defenses to the probing activity. General concepts of fingerprinting and their application to the identification of Web servers, even where server information has been omitted are described and methodologies for detecting and limiting such activity are discussed.

Like what you’re reading?

Already a member?

Get this article FREE with a new membership!

Rapdos: A RFID Authentication Protocol for Defending against DoS
2012 Fourth International Conference on Computational and Information Sciences
Improving the Defence against Web Server Fingerprinting by Eliminating Compliance Variation
2010 Fifth International Conference on Frontier of Computer Science and Technology (FCST 2010)
Detecting and Defending against Worm Attacks Using Bot-honeynet
Electronic Commerce and Security, International Symposium
A Defending Mechanism against DDoS Based on Registration and Authentication
2008 9th International Conference for Young Computer Scientists
Detecting protected links to keep reachability to server against failures
2013 International Conference on Information Networking (ICOIN)
Defending against rogue base station attacks using wavelet based fingerprinting
2009 IEEE/ACS International Conference on Computer Systems and Applications
A New Perspective in Defending against DDoS
10th IEEE International Workshop on Future Trends of Distributed Computing Systems
Defending against Speaker Fingerprinting Based Device Tracking for Smartphones
2017 IEEE Symposium on Privacy-Aware Computing (PAC)
Defending Against Targeted Poisoning Attacks in Federated Learning
2022 IEEE 4th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA)
Defending Web Servers Against Flash Crowd Attacks
2019 IEEE 27th International Conference on Network Protocols (ICNP)

Detecting and Defending against Web-Server Fingerprinting

Authors

Abstract

Related Articles