Angry birding: evaluating application exceptions as attack canaries

Research output: Contribution to conferencePosterpeer-review

2 Downloads (Pure)

Abstract

Application exceptions are anomalous events occurring within the application. These can be caused by common issues such as simple programming errors; however, they can also originate from the side-effects of a trial-and-error process used in active attacks. Utilising attacker-induced exceptions as a canary for intrusion detection has been demonstrated as a feasible technique for SQL injection detection, but this has not been applied to other types of attacks. This paper proposes an approach to consider attacker-induced application exceptions as attack canaries. The work is part of an ongoing investigation on integrating detective defences into applications through established development practices.
Original languageEnglish
Publication statusPublished - 10 Sep 2021
Event6th IEEE European Symposium on Security and Privacy - Online
Duration: 6 Sep 202110 Sep 2021
Conference number: 6th
https://www.ieee-security.org/TC/EuroSP2021/

Conference

Conference6th IEEE European Symposium on Security and Privacy
Abbreviated titleIEEE EuroS&P 2021
Period6/09/2110/09/21
Internet address

Cite this