dc.contributor.author: Koch, William [en_US]
dc.contributor.author: Bestavros, Azer [en_US]
dc.date.accessioned: 2017-04-26T18:43:49Z
dc.date.available: 2017-04-26T18:43:49Z
dc.date.issued: 2016-11-11
dc.identifier.citation: Koch, William; Bestavros, Azer. Hyp3rArmor: Reducing Web Application Exposure to Automated Attacks. Technical Report BU-CS-TR 2016-010, Computer Science Department, Boston University, November 11, 2016.
dc.identifier.uri: https://hdl.handle.net/2144/21788
dc.description.abstract: Web applications (webapps) are subjected constantly to automated, opportunistic attacks from autonomous robots (bots) engaged in reconnaissance to discover victims that may be vulnerable to specific exploits. This is a typical behavior found in botnet recruitment, worm propagation, large-scale fingerprinting and vulnerability scanners. Most anti-bot techniques are deployed at the application layer, thus leaving the network stack of the webapp’s server exposed. In this paper we present a mechanism called Hyp3rArmor, that addresses this vulnerability by minimizing the webapp’s attack surface exposed to automated opportunistic attackers, for JavaScript-enabled web browser clients. Our solution uses port knocking to eliminate the webapp’s visible network footprint. Clients of the webapp are directed to a visible static web server to obtain JavaScript that authenticates the client to the webapp server (using port knocking) before making any requests to the webapp. Our implementation of Hyp3rArmor, which is compatible with all webapp architectures, has been deployed and used to defend single and multi-page websites on the Internet for 114 days. During this time period the static web server observed 964 attempted attacks that were deflected from the webapp, which was only accessed by authenticated clients. Our evaluation shows that in most cases client-side overheads were negligible and that server-side overheads were minimal. Hyp3rArmor is ideal for critical systems and legacy applications that must be accessible on the Internet. Additionally Hyp3rArmor is composable with other security tools, adding an additional layer to a defense in depth approach. [en_US]
dc.description.sponsorship: This work has been supported by the National Science Foundation (NSF) awards #1430145, #1414119, and #1012798. [en_US]
dc.language.iso: en_US
dc.publisher: Computer Science Department, Boston University [en_US]
dc.relation.ispartofseries: BUCS Technical Reports;BUCS-TR-2016-010
dc.subject: Quality of Service (QoS) [en_US]
dc.subject: Internet services [en_US]
dc.subject: Web security [en_US]
dc.title: Hyp3rArmor: reducing web application exposure to automated attacks [en_US]
dc.type: Technical Report [en_US]

