@inproceedings{49740894247444cc9e94fa073e3f0c63,
title = "A Lightweight Tool for Detecting Web Server Attacks",
abstract = "We present an intrusion-detection tool aimed at protecting web servers, and justify why such a tool is needed. We describe several interesting features, such as the ability to run in real time and to keep track of suspicious hosts. The design is flexible and the signatures used to detect malicious behavior are not limited to simple pattern matching of dangerous cgi scripts. The tool includes mechanisms to reduce the number of false alarms. We conclude with a discussion of the information gained from deploying the tool at various sites.",
author = "Magnus Almgren and Herv{\'e} Debar and Marc Dacier",
note = "Publisher Copyright: {\textcopyright} 2000 Proceedings of the Symposium on Network and Distributed System Security, NDSS 2000. All Rights Reserved.; 7th Symposium on Network and Distributed System Security, NDSS 2000 ; Conference date: 03-02-2000 Through 04-02-2000",
year = "2000",
language = "English (US)",
series = "Proceedings of the Symposium on Network and Distributed System Security, NDSS 2000",
publisher = "The Internet Society",
booktitle = "Proceedings of the Symposium on Network and Distributed System Security, NDSS 2000",
}