{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,5,30]],"date-time":"2023-05-30T04:09:18Z","timestamp":1685419758363},"reference-count":0,"publisher":"National Library of Serbia","issue":"2","license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ComSIS","COMPUT SCI INF SYST","COMPUT SCI INFORM SY","COMPUTER SCI INFORM","COMSIS J"],"published-print":{"date-parts":[[2013]]},"abstract":"<jats:p>In this paper, we propose an improved detection scheme to protect a Web\n   server from detoured attacks, which disclose confidential\/ private\n   information or disseminate malware codes through outbound traffic. Our scheme\n   has a two-step hierarchy, whose detection methods are complementary to each\n   other. The first step is a signature-based detector that uses Snort and\n   detects the marks of disseminating malware, XSS, URL Spoofing and information\n   leakage from the Web server. The second step is an anomaly-based detector\n   which detects attacks by using the probability evaluation in HMM, driven by\n   both payload and traffic characteristics of outbound packets. Through the\n   verification analysis under the attacked Web server environment, we show that\n   our proposed scheme improves the False Positive rate and detection efficiency\n   for detecting detoured attacks to a Web server.<\/jats:p>","DOI":"10.2298\/csis120908026c","type":"journal-article","created":{"date-parts":[[2013,4,16]],"date-time":"2013-04-16T09:16:28Z","timestamp":1366103788000},"page":"633-649","source":"Crossref","is-referenced-by-count":3,"title":["Two-step hierarchical scheme for detecting detoured attacks to the web server"],"prefix":"10.2298","volume":"10","author":[{"given":"Byungha","family":"Choi","sequence":"first","affiliation":[{"name":"Graduate School, Dankook University Yongin, Gyeonggi, Korea"}]},{"given":"Kyungsan","family":"Cho","sequence":"additional","affiliation":[{"name":"Dept. of Software Science, Dankook University Yongin, Gyeonggi, Korea"}]}],"member":"1078","container-title":["Computer Science and Information Systems"],"original-title":[],"language":"en","deposited":{"date-parts":[[2023,5,29]],"date-time":"2023-05-29T08:30:58Z","timestamp":1685349058000},"score":1,"resource":{"primary":{"URL":"https:\/\/doiserbia.nb.rs\/Article.aspx?ID=1820-02141300026C"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"references-count":0,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2013]]}},"URL":"https:\/\/doi.org\/10.2298\/csis120908026c","relation":{},"ISSN":["1820-0214","2406-1018"],"issn-type":[{"value":"1820-0214","type":"print"},{"value":"2406-1018","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013]]}}}