Top of page
Content Area

Cyber attack detection/triage technologies for Web servers

To handle cyber attacks against Web servers, NTT SPL is conducting research and development of technologies to detect unknown attacks (zero-day attacks) that cannot be detected by existing security appliances and technologies to evaluate alert severity by analyzing its impact.
(1) Zero-day attack detection technology that determines anomaly HTTP request as malicious.
(2) Alert triage technology that determines whether an attack was successful or not by correlating a security appliance alert with system events or HTTP request/response data.

OvervOverview of our analysis technologiesiewOverview of our analysis technologies

Related Articles

  • Yang Zhong, Hiroshi Asakura, Hiroki Takakura, Yoshihito Oshima, "An Anomaly Detection Method for Parameter Manipulation Attacks to Web Application", Computer Security Symposium 2014 (CSS2014)
  • Yang Zhong, Hiroshi Asakura, Hiroki Takakura, Yoshihito Oshima, "Detecting Malicious Inputs of Web Application Parameters Using Character Class Sequences", Computer Software and Applications Conference (COMPSAC), 2015 IEEE 39th Annual
  • Yang Zhong, Hiroshi Asakura, Masaki Tanikawa, Yoshihito Oshima, "A Log Correlation Method to Identify the Target and the Effect of Web Attacks", Computer Security Symposium 2015 (CSS2015)
  • Yang Zhong, Masaki Tanikawa, Yoshihito Oshima, "An Accurate Event Correlation Method for Identifying Influence of Web Attacks", 2016 Symposium on Cryptography and Information Security (SCIS2016)
  • Yang Zhong, Tohru, Sato, Masaki Tanikawa, "A Host based Intrusion Detection Method for Identifying Effective Web Attacks", Computer Security Symposium 2016
    (CSS2016)
  • Yang Zhong, Tohru, Sato, Masaki Tanikawa, "Towards Reducing False Positives of Host based Intrusion Detection by Static Code Analysis of Web Applications", IEICE Technical Report 116(522)
  • Yang Zhong, Kazufumi Aoki, Jun Miyoshi, Hajime Shimada, Hiroki Takakura, "AVT Lite: Detection Successful Web Attacks based-on Attack Code Emulation", Computer Security Symposium 2017
    (CSS2017)
  • Yo Kanemoto, Kazufumi Aoki, Makoto Iwamura, Jun Miyoshi, Daisuke Kotani, Hiroki Takakura, Yasuo Okabe, "Detecting Successful Attacks Based on Emulation of Remote Shellcodes", Computer Security Symposium 2018
    (CSS2018)
  • Yo Kanemoto, Kazufumi Aoki, Jun Miyoshi, Hajime Shimada, Hiroki Takakura, "Detecting Successful Attacks against Web Application based-on Attack Code Emulation", IPSJ Journal (Specially Selected Paper), 2019

Related Information

Footer Area

Copyright © 2018 Nippon Telegraph and Telephone Corporation