Name
Abstract | ||
|---|---|---|
The application layer attacks on internet are increasing day by day and this alarming situation has forced organizations to formulate new policies to overall increase the immunity of their systems against growing nature of these attacks. Published surveys reported that 60-80% of web based attacks target the application layer and more than 90% of web applications are vulnerable to these attacks. One of such botnet is Gumblar that has affected many servers across the world. Gumblar scripts are embedded in .html, .js and .php files and infects other .php, .html and .js website files and ultimately leads to stealing FTP credentials and rapidly infecting other sites visited and halts the victim's machine as well. This paper presents proxy server based Gateway Access Permission system architecture and discuss in detail the light-weight based Gateway Access Permission (GAP) Technology. GAP counters Gumblar attacks, remote access Trojans, FTP Trojans and zero byte files through multidimensional strategies to provide full detection and removal functionality. It uses a multi-layered double detection policy to detect Gumblar malwares where it decodes and applies predefined functions on various patterns to check for the corrupted traces as well as update and manage a black list of corrupted URLs to enhance the organization's internal security. Evaluation results show accurate detection of Gumblar and its both in on-line and off-line mode. |
Year | DOI | Venue |
|---|---|---|
2012 | 10.1109/ICDCSW.2012.64 | ICDCS Workshops |
Keywords | Field | DocType |
gap counter,application layer,gumblar malwares,high assurance,gumblar attack,gateway access permission technology,gumblar script,gateway access permission system,multi-layered double detection policy,accurate detection,gateway access permission,full detection,servers,botnet,logic gates,internet,html,trojan,web applications,computer network security,embedded systems,gap | Permission,Botnet,Computer science,Computer security,Network security,Server,Computer network,Default gateway,Web application,The Internet,Proxy server | Conference |
Citations | PageRank | References |
0 | 0.34 | 4 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Khalid Mahmood | 1 | 270 | 39.43 |
| Hironao Takahashi | 2 | 89 | 15.09 |
| Yasukai Arakawa | 3 | 0 | 0.34 |