One of the big challenges standing in front of security experts is to detect attacks that cannot easily be detected using signatures; remote file inclusion (RFI) is a good example of such an attack.
In the attached paper link (that I publicized in the past) I'm trying to present the challenges of accurately detecting RFI attacks.
In order to achieve detection of unknown variants of the RFI attack I'm trying to define a generic solution to the problem instead of specific solution for known vulnerabilities.
The solution is a generic rule set that will enable protecting applications from RFI attack.
Detecting remote file inclusion attack
No comments:
Post a Comment