Ultrabroadband photonic Internet: data mining approach to security aspects
- Arkadiusz Kalicki
Web applications became most popular medium in the Internet. Popularity, easiness of web application frameworks together with careless development results in high number of vulnerabilities and attacks. There are several types of attacks possible because of improper input validation. SQL injection is ability to execute arbitrary SQL queries in a database through an existing application. Cross-site scripting is the vulnerability which allows malicious web users to inject code into the web pages viewed by other users. Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains malicious request. Web spam in blogs. In order to secure web applications intrusion detection (IDS) and intrusion prevention systems (IPS) are being used. Intrusion detection systems are divided in two groups: misuse detection (traditional IDS) and anomaly detection. Misuse detection systems are signature based, have high accuracy in detecting many kinds of known attacks but cannot detect unknown and emerging attacks. This can be complemented with anomaly based intrusion detection and prevention systems. This paper presents anomaly driven proxy as an IPS and data mining based algorithm which was used to detecting anomalies. The principle of this method is the comparison of the incoming HTTP traffic with a previously built profile that contains a representation of the "normal" or expected web application usage sequence patterns. The frequent sequence patterns are found with GSP algorithm. Some basic tests show that the software catches malicious requests.
- Record ID
- Romaniuk Ryszard, Ryszard Romaniuk Kulpa Krzysztof Krzysztof Kulpa (eds.): Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments 2009, vol. 7502, 2009, SPIE, Bellingham, SPIE, 786 p., ISBN 9780819478139. DOI:10.1117/12.843290 Opening in a new tab
- Keywords in English
- web security, xss, sql injection, web spam, anomaly detection, data mining
- DOI:10.1117/12.838261 Opening in a new tab
- http://dx.doi.org/10.1117/12.838261 Opening in a new tab
- (en) English
- Score (nominal)
- Citation count
- Uniform Resource Identifier
* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or PerishOpening in a new tab system.