HTTPFuzz: Web Server Fingerprinting with HTTP Request Fuzzing

Animesh Kar; Andrei Natadze; Enrico Branca; Natalia Stakhanova

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

HTTPFuzz: Web Server Fingerprinting with HTTP Request Fuzzing

Topics: Information Hiding; Machine Learning and AI Security; Security and Privacy in Web Services

In Proceedings of the 19th International Conference on Security and Cryptography SECRYPT - Volume 1, 261-271, 2022 , Lisbon, Portugal

Authors: Animesh Kar ; Andrei Natadze ; Enrico Branca and Natalia Stakhanova

Affiliation: Department of Computer Science, University of Saskatchewan, Saskatoon, Canada

Keyword(s): Web Server Fingerprinting, Protocol Fuzzing.

Abstract: Web server-based fingerprinting is a type of fingerprinting that allows security practitioners, penetration testers, and attackers to distinguish between servers based on the set of information these servers disclose. A common approach to hide this information is to apply fingerprinting mitigating techniques. In this work, we present a new approach for fingerprinting web server software irrespective of the applied fingerprinting mitigation techniques. The premise of our approach is based on the simple insight, i.e., web servers handle different types of HTTP requests differently. We use the fuzzing approach for intelligent and adaptive selection of HTTP requests that are able to provoke servers to disclose their service-level information.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.189.171.137

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Kar, A., Natadze, A., Branca, E. and Stakhanova, N. (2022). HTTPFuzz: Web Server Fingerprinting with HTTP Request Fuzzing. In Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-590-6; ISSN 2184-7711, SciTePress, pages 261-271. DOI: 10.5220/0011328900003283

@conference{secrypt22,
author={Animesh Kar and Andrei Natadze and Enrico Branca and Natalia Stakhanova},
title={HTTPFuzz: Web Server Fingerprinting with HTTP Request Fuzzing},
booktitle={Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT},
year={2022},
pages={261-271},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011328900003283},
isbn={978-989-758-590-6},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT
TI - HTTPFuzz: Web Server Fingerprinting with HTTP Request Fuzzing
SN - 978-989-758-590-6
IS - 2184-7711
AU - Kar, A.
AU - Natadze, A.
AU - Branca, E.
AU - Stakhanova, N.
PY - 2022
SP - 261
EP - 271
DO - 10.5220/0011328900003283
PB - SciTePress