A Closer Look at Intrusion Detection System for Web Applications

Agarwal, Nancy; Hussain, S. M. Suhail

doi:10.1155/2018/9601357

Cited by 37 publications

(18 citation statements)

References 63 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The classification is mainly based on the detection mechanism of the methods.  Signature-based methods [3,4]: this is a well-known approach and has been investigated by many researchers. So far, the research community of web attack detection has built up a complete Core Rule Set [9] to support network users.…”

Section: Related Work 21 Web Attack Detection Researchmentioning

confidence: 99%

“…So far, the research community of web attack detection has built up a complete Core Rule Set [9] to support network users. Currently, the Core Rule Set is used in most of the web firewalls [3].  Anomaly-based methods: there have been many different anomaly based approaches on network security.…”

Section: Related Work 21 Web Attack Detection Researchmentioning

confidence: 99%

“…In [2], Mookhey presented the characteristics, compositions and operation principles of WA. Besides, some other works in [2][3][4] have shown several vulnerabilities and threats that attackers could exploit to attack the web applications. According to the surveys in [3] and [4], the vulnerabilities of the protocol hyper text transfer protocol (HTTP) or hypertext transfer protocol secure (HTTPS) are often preferable to be exploited by attackers.…”

Section: Introductionmentioning

confidence: 99%

“…Both signature-based and anomaly-based methods have certain advantages and disadvantages. In general, solutions applying signature-based techniques [2,3] are not able to detect unusual requests since these methods are mainly based on fixed ruling systems. Anomaly-based methods are capable of detecting abnormal requests because they utilize techniques to analyze and evaluate the behaviors of the requests.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

An adaptive anomaly request detection framework based on dynamic web application profiles

Xuan

Nguyễn

Dinh

2020

IJECE

View full text Add to dashboard Cite

Web application firewall is a highly effective application in protecting the application layer and database layer of websites from attack access. This paper proposes a new web application firewall deploying method based on Dynamic Web application profiling (DWAP) analysis technique. This is a method to deploy a firewall based on analyzing website access data. DWAP is improved to integrate deeply into the structure of the website to increase the compatibility of the anomaly detection system into each website, thereby improving the ability to detect abnormal requests. To improve the compatibility of the web application firewall with protected objects, the proposed system consists of two parts with the main tasks are: i) Detect abnormal access in web application (WA) access; ii) Semi-automatic update the attack data to the abnormal access detection system during WA access. This new method is applicable in real-time detection systems where updating of new attack data is essential since web attacks are increasingly complex and sophisticated.

show abstract

Section: Related Work 21 Web Attack Detection Researchmentioning

confidence: 99%

Section: Related Work 21 Web Attack Detection Researchmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An adaptive anomaly request detection framework based on dynamic web application profiles

Xuan

Nguyễn

Dinh

2020

IJECE

View full text Add to dashboard Cite

show abstract

“…To prevent the attack, an intrusion detection/prevention system (IDS/IPS) can be used. However, several studies in the literature concur that such third-party solutions exhibit practical limitations due to persistent system complexities, escalating deployment costs, and several inconveniences, including business productivity losses due to high false alarms [3,4]. To address these issues with the aim of ensuring secure information communications, we propose a novel inference scheme using trusted time-based verification for automatically detecting MITM attacks.…”

Section: Introductionmentioning

confidence: 99%

Trusted Time-Based Verification Model for Automatic Man-in-the-Middle Attack Detection in Cybersecurity

Kang

Fahd²,

Venkatraman³

2018

Cryptography

View full text Add to dashboard Cite

Due to the prevalence and constantly increasing risk of cyber-attacks, new and evolving security mechanisms are required to protect information and networks and ensure the basic security principles of confidentiality, integrity, and availability—referred to as the CIA triad. While confidentiality and integrity can be achieved using Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificates, these depend on the correct authentication of servers, which could be compromised due to man-in-the-middle (MITM) attacks. Many existing solutions have practical limitations due to their operational complexity, deployment costs, as well as adversaries. We propose a novel scheme to detect MITM attacks with minimal intervention and workload to the network and systems. Our proposed model applies a novel inferencing scheme for detecting true anomalies in transmission time at a trusted time server (TTS) using time-based verification of sent and received messages. The key contribution of this paper is the ability to automatically detect MITM attacks with trusted verification of the transmission time using a learning-based inferencing algorithm. When used in conjunction with existing systems, such as intrusion detection systems (IDS), which require comprehensive configuration and network resource costs, it can provide a robust solution that addresses these practical limitations while saving costs by providing assurance.

show abstract

Design Challenges and Assessment of Modern Web Applications Intrusion Detection and Prevention Systems (IDPS)

Sadqi¹,

Mekkaoui²

2021

Innovations in Smart Cities Applications Volume 4

View full text Add to dashboard Cite

A Closer Look at Intrusion Detection System for Web Applications

Cited by 37 publications

References 63 publications

An adaptive anomaly request detection framework based on dynamic web application profiles

An adaptive anomaly request detection framework based on dynamic web application profiles

Trusted Time-Based Verification Model for Automatic Man-in-the-Middle Attack Detection in Cybersecurity

Design Challenges and Assessment of Modern Web Applications Intrusion Detection and Prevention Systems (IDPS)

Contact Info

Product

Resources

About