Towards Improving Web Attack Detection: Highlighting the Significant Factors

Wazzan, Majda; Awadh, Mohammad H.

doi:10.1109/icitcs.2015.7293028

Cited by 6 publications

(1 citation statement)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…is layer will force each request to comply with the HTTP/1.x standard to fulfill the requirement of protection for HTTP request smuggling. e design principle hinges on whenever each request containing malicious content is found, the socket will be immediately closed and not forwarded to the web server [11][12][13][14][15][16][17][18].…”

Section: Related Workmentioning

confidence: 99%

Attacking Websites: Detecting and Preventing HTTP Request Smuggling Attacks

Huang

Chiu

Chen

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Until the development of HTTP request smuggling in 2005, individual HTTP requests were considered as independent entities and could not be split or merged. This is a security problem caused by inconsistent content length interpretation approach between web servers, or the web server is not fully implemented in accordance with the RFC standard. It is especially dangerous for web services with complex web architectures. It can route the victims to receive malicious responses, amplify the impact of certain low-threat vulnerabilities, steal user credentials, or bypass network devices’ defenses. However, since its concept and implementation are quite difficult to overcome, it is often ignored by many network administrators, making users who browse such websites vulnerable to the HTTP request smuggling attacks. This paper proposes a general solution to deal with various HTTP request smuggling attacks. A reverse proxy implemented by Flask validates and cleans dubious HTTP requests from the client side and ensures that the original requests comply with RFC standards. Therefore, the website administrators no longer need to configure complicated network settings or customize some open-source project codes to resist or minimize the risk of the HTTP request smuggling attacks. A series of experiments demonstrate that this method is effective and practical.

show abstract