User:Alosefer

From OWASP
Jump to: navigation, search

PhD Internet Security, Geek, Ethical Hacking, Developer, Linux, Founder, Entrepreneur. Brief Synopsis of Research: Malicious web pages attack users through their web browsers and the attack can occur even if the user only visits the web page; this type of attack is called a drive by download attack. This dissertation explores how web-based attacks work and how users can be protected from this type of attack based on the behaviour of a remote web server. We propose a system that is based on the use of client Honeypot technology. The client Honeypot is able to scan malicious web pages based on their behaviour and can therefore work as an anomaly detection system. The proposed system has three main models: state machine, clustering and prediction models. All these three models work together in order to protect users from known and unknown web-based attacks.