Abstract:
In this paper, a method for identifying malicious requests is presented, based on an automatically constructed graph, representing users' transitions between the pages. S...Show MoreMetadata
Abstract:
In this paper, a method for identifying malicious requests is presented, based on an automatically constructed graph, representing users' transitions between the pages. Such a graph is built in real time, utilizing incoming requests, and - assuming that most of the users do not try to exploit the application - represents typical users' behaviors. The method was tested against six sets of log files collected from different servers, totaling over 4.5 million log entries and proved to identify a large number of vulnerability scans against the web sites. The results were compared against LORG.
Date of Conference: 21-23 June 2017
Date Added to IEEE Xplore: 20 July 2017
ISBN Information: