Despite the efforts of the security community, attacks against web applications are still one of the most common forms of compromise. The rate of vulnerable websites continues to be a concern not only to the site owners but also to the rest of the Internet.
While the phenomenon of web attacks studied thoroughly from a client-side perspective, only a few work focused on the nature of this phenomenon. Hence, our understanding of attacks against web applications still relies on rudimentary tools and tedious manual analysis efforts. In this thesis, we adopt a server-side approach to study attackers behavior on the Internet by analyzing the information collected by a high-interaction honeypot.