[Owasp-appsensor-project] New Detection Point Candidate: New Parent Category - OutputException (OE)
Ryan Barnett
ryan.barnett at owasp.org
Fri Sep 30 11:52:38 EDT 2011
We currently have InputException (IE) and this would be its counterpart and
would include all issues related to inspecting the HTTP response.
There are a number of current detection points that could move here -
* IE7: Detect Abnormal Content Output Structure could actually move here
to
* CIE2: Detect Abnormal Quantity of Returned Records
There is also a new Detection Point for this category that I recommend -
- Deviation from normal response time interval which could detect if an
application is under a resource DoS attack.
So the new category could be this -
OutputException (OE)
* OE1: Detect Abnormal Content Output Structure
* OE2: Detect Abnormal Quantity of Returned Records
* OE3: Deviation from normal response time interval
Thoughts?
--
Ryan Barnett
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-appsensor-project/attachments/20110930/6df9bb2f/attachment.html
More information about the Owasp-appsensor-project
mailing list