Presentation is loading. Please wait.

Presentation is loading. Please wait.

Assessing Vulnerabilities in Apache and IIS HTTP Servers Sung-Whan Woo, Omar H. Alhazmi, Yashwant K. Malaiya Sri Reddy IWS2 Bits1.

Published by Modified over 10 years ago

Similar presentations

Presentation on theme: "Assessing Vulnerabilities in Apache and IIS HTTP Servers Sung-Whan Woo, Omar H. Alhazmi, Yashwant K. Malaiya Sri Reddy IWS2 Bits1."— Presentation transcript:

1 Assessing Vulnerabilities in Apache and IIS HTTP Servers Sung-Whan Woo, Omar H. Alhazmi, Yashwant K. Malaiya Sri Reddy IWS2 Bits1

2 Intro  Both of the 2 most popular HTTP servers on the market: Apache & IIS have major vulnerabilities  This study probes the discovery rate of vulnerabilities  Past studies highlighted specific problems like Denial of Service

3 Models  Vulnerabilities Discovery Models Time-based Effort-based (number of installations)  MODELING VULNERABILTIES IN HTTP SERVERS Apache IIS

4 Vulnerabilities Discovery Models  2 models time-based & effort-based number of bugs reported might saturate after a certain amt of time (has for IIS) Effort-based is based on the number of installations (and the effort to find server bugs)

5 Market Share as a Factor in Effort- Based Model

6 MODELING VULNERABILTIES IN HTTP SERVERS (time-based)  Apache  IIS

7 Conclusions  Apache vulnerabilities growth rate appears to be positive due to growth in # of installations of Apache web server  IIS vulnerabilities growth rate appears to be have become low due to little growth in # of IIS installations (saturation of IIS)

Download ppt "Assessing Vulnerabilities in Apache and IIS HTTP Servers Sung-Whan Woo, Omar H. Alhazmi, Yashwant K. Malaiya Sri Reddy IWS2 Bits1."

Similar presentations

The GridSite Toolbar Shiv Kaushal The University of Manchester All Hands Meeting 2006.

The GridSite Toolbar Shiv Kaushal The University of Manchester All Hands Meeting 2006.
Agenda Web Application Web Page development WAMP

Agenda Web Application Web Page development WAMP
INTRO TO THE WWW. What is the World Wide Web? The World Wide Web (WWW) is most often called the Web. The World Wide Web (WWW) is most often called the.

INTRO TO THE WWW. What is the World Wide Web? The World Wide Web (WWW) is most often called the Web. The World Wide Web (WWW) is most often called the.
1. Prelude Diebold’s electronic voting system source code was discovered and subsequently leaked due to it being on a Diebold web server. Although it.

1. Prelude Diebold’s electronic voting system source code was discovered and subsequently leaked due to it being on a Diebold web server. Although it.
Actual Trends Semantic Web Lecture WS 2010/2011. What‘s next? W3C view: Look at Semantic Web activity:

Actual Trends Semantic Web Lecture WS 2010/2011. What‘s next? W3C view: Look at Semantic Web activity:
1 Soar Bugzilla Jonathan Voigt University of Michigan Soar Workshop 24.

1 Soar Bugzilla Jonathan Voigt University of Michigan Soar Workshop 24.
CS 112 Intro to Computer Science II Sami Rollins Spring 2007.

CS 112 Intro to Computer Science II Sami Rollins Spring 2007.
Alessandro Agnello Embedded Web Servers 1IWS2 Bits - Alessandro Agnello.

Alessandro Agnello Embedded Web Servers 1IWS2 Bits - Alessandro Agnello.
Click it Apache Service will start If Skype is on, then Quit Skype and exit from Skype. Does not work if Skype is On. You can start Skype later on.

Click it Apache Service will start If Skype is on, then Quit Skype and exit from Skype. Does not work if Skype is On. You can start Skype later on.
University of Maryland I.T. Security Gerry Sneeringer IT Security Officer

University of Maryland I.T. Security Gerry Sneeringer IT Security Officer
PHP Scripting Language. Introduction “PHP” is an acronym for “PHP: Hypertext Preprocessor.” It is an interpreted, server-side scripting language. Originally.

PHP Scripting Language. Introduction “PHP” is an acronym for “PHP: Hypertext Preprocessor.” It is an interpreted, server-side scripting language. Originally.
IIS vs. Apache. Five advantages of IIS 1. It is has a GUI interface, which makes the installation a bit easier. 2. It plays well with other Microsoft.

IIS vs. Apache. Five advantages of IIS 1. It is has a GUI interface, which makes the installation a bit easier. 2. It "plays" well with other Microsoft.
© HarperCollins Publishers 2010 Interpretation How was propaganda used in World War Two?

© HarperCollins Publishers 2010 Interpretation How was propaganda used in World War Two?
Search Search Drupal with Apache Solr with CERN Web Communications Group – Copyright 2013.

Search Search Drupal with Apache Solr with CERN Web Communications Group – Copyright 2013.
HAPPY MONDAY!! Welcome to Marketing, attracting and keeping customers week. As one of the Growth Voucher advice themes, we wanted to take some time out.

HAPPY MONDAY!! Welcome to Marketing, attracting and keeping customers week. As one of the Growth Voucher advice themes, we wanted to take some time out.
What is IIS? IIS (Internet Information Server) is a group of Internet servers (including a Web or Hypertext Transfer Protocol server and a File Transfer.

What is IIS? IIS (Internet Information Server) is a group of Internet servers (including a Web or Hypertext Transfer Protocol server and a File Transfer.
Internet Information Services 7.0 Infrastructure Planning and Design Series.

Internet Information Services 7.0 Infrastructure Planning and Design Series.
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholder to insert your own image. WEB.

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholder to insert your own image. WEB.
Security and Performance Issues Mark J Cox UK Web Ltd.

Security and Performance Issues Mark J Cox UK Web Ltd.
--Harish Reddy Vemula Distributed Denial of Service.

--Harish Reddy Vemula Distributed Denial of Service.

Similar presentations

Ads by Google