dc.contributor.author: Koch, William
dc.contributor.author: Bestavros, Azer
dc.date.accessioned: 2017-04-26T18:43:49Z
dc.date.available: 2017-04-26T18:43:49Z
dc.date.issued: 2016-11-11
dc.identifier.citation: Koch, William; Bestavros, Azer. Hyp3rArmor: Reducing Web Application Exposure to Automated Attacks. Technical Report BU-CS-TR 2016-010, Computer Science Department, Boston University, November 11, 2016.
dc.identifier.uri: https://hdl.handle.net/2144/21788
dc.description.abstract: Web applications (webapps) are subjected constantly to automated, opportunistic attacks from autonomous robots (bots) engaged in reconnaissance to discover victims that may be vulnerable to specific exploits. This is a typical behavior found in botnet recruitment, worm propagation, large-scale fingerprinting and vulnerability scanners. Most anti-bot techniques are deployed at the application layer, thus leaving the network stack of the webapp's server exposed. In this paper we present a mechanism called Hyp3rArmor, which addresses this vulnerability by minimizing the webapp's attack surface exposed to automated opportunistic attackers, for JavaScript-enabled web browser clients. Our solution uses port knocking to eliminate the webapp's visible network footprint. Clients of the webapp are directed to a visible static web server to obtain JavaScript that authenticates the client to the webapp server (using port knocking) before making any requests to the webapp. Our implementation of Hyp3rArmor, which is compatible with all webapp architectures, has been deployed and used to defend single- and multi-page websites on the Internet for 114 days. During this time period the static web server observed 964 attempted attacks that were deflected from the webapp, which was only accessed by authenticated clients. Our evaluation shows that in most cases client-side overheads were negligible and that server-side overheads were minimal. Hyp3rArmor is ideal for critical systems and legacy applications that must be accessible on the Internet. Additionally, Hyp3rArmor is composable with other security tools, adding an additional layer to a defense-in-depth approach.
dc.description.sponsorship: This work has been supported by the National Science Foundation (NSF) awards #1430145, #1414119, and #1012798.
dc.language.iso: en_US
dc.publisher: Computer Science Department, Boston University
dc.relation.ispartofseries: BUCS Technical Reports; BUCS-TR-2016-010
dc.subject: Quality of Service (QoS)
dc.subject: Internet services
dc.subject: Web security
dc.title: Hyp3rArmor: reducing web application exposure to automated attacks
dc.type: Technical Report