Aggressive web application honeypot for exposing attacker's identity

Supeno Djanali; Fx Arunanto; Baskoro Adi Pratomo; Abdurrazak Baihaqi; Hudan Studiawan; Ary Mazharuddin Shiddiqi

doi:10.1109/ICITACEE.2014.7065744

Aggressive web application honeypot for exposing attacker's identity

Supeno Djanali, Fx Arunanto, Baskoro Adi Pratomo, Abdurrazak Baihaqi, Hudan Studiawan, Ary Mazharuddin Shiddiqi

Institut Teknologi Sepuluh Nopember

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

21 Citations (Scopus)

Abstract

Attackers are most likely to exploit invalidated and unsanitized user input with several attacks such as cross-site scripting (XSS) or SQL injection. Many methods were proposed to prevent those attacks. Some of them were created to learn about pattern and behavior of the attacker. That is honeypot. Honeypot is classified into two types based on the simulation that honeypot can do: low interaction and high interaction.

Original language	English
Title of host publication	2014 1st International Conference on Information Technology, Computer, and Electrical Engineering
Subtitle of host publication	Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings
Editors	Mochammad Facta, R. Rizal Isnanto, Munawar Agus Riyadi, Dania Eridani
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	212-216
Number of pages	5
ISBN (Electronic)	9781479964314
DOIs	https://doi.org/10.1109/ICITACEE.2014.7065744
Publication status	Published - 23 Mar 2015
Event	2014 1st International Conference on Information Technology, Computer, and Electrical Engineering, ICITACEE 2014 - Semarang, Indonesia Duration: 8 Nov 2014 → 9 Nov 2014

Publication series

Name	2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings

Conference

Conference	2014 1st International Conference on Information Technology, Computer, and Electrical Engineering, ICITACEE 2014
Country/Territory	Indonesia
City	Semarang
Period	8/11/14 → 9/11/14

Keywords

LikeJacking
SQL injection
cross-site scripting
web application honeypot

Access to Document

10.1109/ICITACEE.2014.7065744

Cite this

Djanali, S., Arunanto, F., Pratomo, B. A., Baihaqi, A., Studiawan, H., & Shiddiqi, A. M. (2015). Aggressive web application honeypot for exposing attacker's identity. In M. Facta, R. R. Isnanto, M. A. Riyadi, & D. Eridani (Eds.), 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings (pp. 212-216). Article 7065744 (2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICITACEE.2014.7065744

Djanali, Supeno ; Arunanto, Fx ; Pratomo, Baskoro Adi et al. / Aggressive web application honeypot for exposing attacker's identity. 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings. editor / Mochammad Facta ; R. Rizal Isnanto ; Munawar Agus Riyadi ; Dania Eridani. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 212-216 (2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings).

@inproceedings{4ca542a1a1e64a6da6d0e2bd1ed82945,

title = "Aggressive web application honeypot for exposing attacker's identity",

abstract = "Attackers are most likely to exploit invalidated and unsanitized user input with several attacks such as cross-site scripting (XSS) or SQL injection. Many methods were proposed to prevent those attacks. Some of them were created to learn about pattern and behavior of the attacker. That is honeypot. Honeypot is classified into two types based on the simulation that honeypot can do: low interaction and high interaction.",

keywords = "LikeJacking, SQL injection, cross-site scripting, web application honeypot",

author = "Supeno Djanali and Fx Arunanto and Pratomo, {Baskoro Adi} and Abdurrazak Baihaqi and Hudan Studiawan and Shiddiqi, {Ary Mazharuddin}",

note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering, ICITACEE 2014 ; Conference date: 08-11-2014 Through 09-11-2014",

year = "2015",

month = mar,

day = "23",

doi = "10.1109/ICITACEE.2014.7065744",

language = "English",

series = "2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "212--216",

editor = "Mochammad Facta and Isnanto, {R. Rizal} and Riyadi, {Munawar Agus} and Dania Eridani",

booktitle = "2014 1st International Conference on Information Technology, Computer, and Electrical Engineering",

address = "United States",

}

Djanali, S, Arunanto, F, Pratomo, BA, Baihaqi, A, Studiawan, H & Shiddiqi, AM 2015, Aggressive web application honeypot for exposing attacker's identity. in M Facta, RR Isnanto, MA Riyadi & D Eridani (eds), 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings., 7065744, 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings, Institute of Electrical and Electronics Engineers Inc., pp. 212-216, 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering, ICITACEE 2014, Semarang, Indonesia, 8/11/14. https://doi.org/10.1109/ICITACEE.2014.7065744

Aggressive web application honeypot for exposing attacker's identity. / Djanali, Supeno; Arunanto, Fx; Pratomo, Baskoro Adi et al.
2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings. ed. / Mochammad Facta; R. Rizal Isnanto; Munawar Agus Riyadi; Dania Eridani. Institute of Electrical and Electronics Engineers Inc., 2015. p. 212-216 7065744 (2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Aggressive web application honeypot for exposing attacker's identity

AU - Djanali, Supeno

AU - Arunanto, Fx

AU - Pratomo, Baskoro Adi

AU - Baihaqi, Abdurrazak

AU - Studiawan, Hudan

AU - Shiddiqi, Ary Mazharuddin

PY - 2015/3/23

Y1 - 2015/3/23

N2 - Attackers are most likely to exploit invalidated and unsanitized user input with several attacks such as cross-site scripting (XSS) or SQL injection. Many methods were proposed to prevent those attacks. Some of them were created to learn about pattern and behavior of the attacker. That is honeypot. Honeypot is classified into two types based on the simulation that honeypot can do: low interaction and high interaction.

AB - Attackers are most likely to exploit invalidated and unsanitized user input with several attacks such as cross-site scripting (XSS) or SQL injection. Many methods were proposed to prevent those attacks. Some of them were created to learn about pattern and behavior of the attacker. That is honeypot. Honeypot is classified into two types based on the simulation that honeypot can do: low interaction and high interaction.

KW - LikeJacking

KW - SQL injection

KW - cross-site scripting

KW - web application honeypot

UR - http://www.scopus.com/inward/record.url?scp=84927935775&partnerID=8YFLogxK

U2 - 10.1109/ICITACEE.2014.7065744

DO - 10.1109/ICITACEE.2014.7065744

M3 - Conference contribution

AN - SCOPUS:84927935775

T3 - 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings

SP - 212

EP - 216

BT - 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering

A2 - Facta, Mochammad

A2 - Isnanto, R. Rizal

A2 - Riyadi, Munawar Agus

A2 - Eridani, Dania

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering, ICITACEE 2014

Y2 - 8 November 2014 through 9 November 2014

ER -

Djanali S, Arunanto F, Pratomo BA, Baihaqi A, Studiawan H , Shiddiqi AM. Aggressive web application honeypot for exposing attacker's identity. In Facta M, Isnanto RR, Riyadi MA, Eridani D, editors, 2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings. Institute of Electrical and Electronics Engineers Inc. 2015. p. 212-216. 7065744. (2014 1st International Conference on Information Technology, Computer, and Electrical Engineering: Green Technology and Its Applications for a Better Future, ICITACEE 2014 - Proceedings). doi: 10.1109/ICITACEE.2014.7065744

Aggressive web application honeypot for exposing attacker's identity

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this