Preventing Attacks on Back-End Servers using Masquerading/Honeypots

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Theodor Richardson

Seventh ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD'06)

Las Vegas, Nevada

June 19-June 20

ISBN: 0-7695-2611-X

	ASCII Text	x
	Theodor Richardson, "Preventing Attacks on Back-End Servers using Masquerading/Honeypots," Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, International Conference on & Self-Assembling Wireless Networks, International Workshop on, pp. 381-388, Seventh ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD'06), 2006.

	BibTex	x
	@article{ 10.1109/SNPD-SAWN.2006.57, author = {Theodor Richardson}, title = {Preventing Attacks on Back-End Servers using Masquerading/Honeypots}, journal ={Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, International Conference on & Self-Assembling Wireless Networks, International Workshop on}, volume = {0}, year = {2006}, isbn = {0-7695-2611-X}, pages = {381-388}, doi = {http://doi.ieeecomputersociety.org/10.1109/SNPD-SAWN.2006.57}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, International Conference on & Self-Assembling Wireless Networks, International Workshop on TI - Preventing Attacks on Back-End Servers using Masquerading/Honeypots SN - 0-7695-2611-X SP381 EP388 A1 - Theodor Richardson, PY - 2006 KW - null VL - 0 JA - Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, International Conference on & Self-Assembling Wireless Networks, International Workshop on ER -

Theodor Richardson, University of South Carolina, Columbia, SC

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SNPD-SAWN.2006.57

Perhaps the most significant threats remaining to web-based applications are back-end server attacks. In general, back-end servers are separate entities that contain more sensitive information such as a database than front-end servers which connect directly to client machines; these front-end servers are typically insulated from such malicious endeavors as Denial-of- Service (DoS) attacks by the ability to massively replicate interfaces. Back-end servers cannot be replicated in the same manner and typically contain sensitive information that is more desirable to attackers; for this reason, back-end servers must be protected from malicious attacks by more stringent means. In this paper, a protective model for back-end servers will be outlined that can provide (1) network isolation from unauthorized traffic, (2) blacklisting of misbehaving client traffic, and (3) a limitation of the effectiveness of back-end DoS attacks. This is accomplished by the novel combination of honeypot deployment, honeypot masquerading, and strict authentication for back-end server access.

Citation:

Theodor Richardson, "Preventing Attacks on Back-End Servers using Masquerading/Honeypots," snpd-sawn, pp.381-388, Seventh ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.