Active Intrusion Management for Web Server Software: Case WordPress

Paarnio, Patrik; Stenvall, Sam; Westerlund, Magnus; Pulkkis, Göran

Home // ICCGI 2015, The Tenth International Multi-Conference on Computing in the Global Information Technology // View article

Active Intrusion Management for Web Server Software: Case WordPress

Authors:
Patrik Paarnio
Sam Stenvall
Magnus Westerlund
Göran Pulkkis

Keywords: active intrusion prevention; active intrusion detection; web site vulnerability; WordPress vulnerability; booby trap.

Abstract:
Methods for active management of intrusion attacks against WordPress web sites are proposed for improved real-time web security. Intrusion management is defined to be active when both intrusion responses and forensic investigations are proactive and/or automatically triggered by intrusion attacks. Booby traps as active defense against intrusion attacks using return-oriented programming and other related research is briefly surveyed. Active intrusion management techniques such as booby trapped patches to publicly known vulnerabilities in WordPress plug-ins and redirection scripts for WordPress plug-ins are proposed. Experimentation results with proposed booby trapped patches and proposed redirection scripts are presented and evaluated.

Pages: 6 to 12

Copyright: Copyright (c) IARIA, 2015

Publication date: October 11, 2015

Published in: conference

ISSN: 2308-4529

ISBN: 978-1-61208-432-9

Location: St. Julians, Malta

Dates: from October 11, 2015 to October 16, 2015