Unknown Attacks

The term "unknown attack", when used in the context of application security, generally refers to attacks that target previously undocumented vulnerabilities in custom-developed enterprise Web application code. Based on more than 250 private and public sector penetration tests, Imperva's Application Defense Center has concluded that 92% of Web applications are vulnerable to targeted attacks on internally developed code.

Because the attacker has no advance knowledge of the specific vulnerabilities in a Web site, these targeted attacks require a systematic process of reconnaissance and exploit construction. Each attack is completely unique and therefore cannot be stopped by signatures. Examples of these attacks include Parameter Tampering, Cookie Poisoning, and Brute Force attacks on session IDs. The only way to defend against these attacks is to use behavior-based anomaly detection. Behavior-based security systems build a detailed profile of all allowed application behavior and use that profile as a baseline to identify unusual behaviors.
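
The profile-then-compare idea described above, sketched for request parameters only. This is an added example, not Imperva's implementation; the `Profile` class, the character classes, the `slack` factor and the sample URLs are all constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Character classes, ordered from most to least restrictive (assumed set).
CLASSES = [re.compile(r"[0-9]*"), re.compile(r"[A-Za-z0-9]*"),
           re.compile(r"[\w .,@-]*")]

def char_class(value):
    """Index of the narrowest class matching value; len(CLASSES) = free-form."""
    for i, rx in enumerate(CLASSES):
        if rx.fullmatch(value):
            return i
    return len(CLASSES)

class Profile:
    def __init__(self):
        # path -> parameter name -> (widest class seen, longest value seen)
        self.params = defaultdict(dict)

    def learn(self, url):
        """Fold one known-good request into the baseline."""
        parts = urlsplit(url)
        known = self.params[parts.path]
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            cls, length = known.get(name, (0, 0))
            known[name] = (max(cls, char_class(value)), max(length, len(value)))

    def check(self, url, slack=2):
        """Return the ways a request deviates from the baseline."""
        parts = urlsplit(url)
        known = self.params.get(parts.path)
        if known is None:
            return [f"unprofiled path {parts.path}"]
        findings = []
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if name not in known:
                findings.append(f"unexpected parameter {name}")
                continue
            cls, length = known[name]
            if char_class(value) > cls:
                findings.append(f"{name}: wider character class than learned")
            if len(value) > length * slack:
                findings.append(f"{name}: length {len(value)} exceeds learned {length}")
        return findings

# Constructed training traffic for a hypothetical shop application.
profile = Profile()
for good in ["/shop/item?id=1042&qty=1", "/shop/item?id=77&qty=12",
             "/shop/search?q=blue+widget"]:
    profile.learn(good)
```

A request that fits the learned baseline returns an empty list; a tampered quantity, an extra parameter, or a path never seen in training each produce a finding without any attack signature being involved.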