A closer look on Intrusion Detection System for web applications

by   Nancy Agarwal, et al.

Intrusion Detection System (IDS) is one of the security measures being used as an additional defence mechanism to prevent the security breaches on web. It has been well known methodology for detecting network-based attacks but still immature in the domain of securing web application. The objective of the paper is to thoroughly understand the design methodology of the detection system in respect to web applications. In this paper, we discuss several specific aspects of a web application in detail that makes challenging for a developer to build an efficient web IDS. The paper also provides a comprehensive overview of the existing detection systems exclusively designed to observe web traffic. Furthermore, we identify various dimensions for comparing the IDS from different perspectives based on their design and functionalities. We also provide a conceptual framework of an IDS with prevention mechanism to offer a systematic guidance for the implementation of the system specific to the web applications. We compare its features with five existing detection systems, namely AppSensor, PHPIDS, ModSecurity, Shadow Daemon and AQTRONIX WebKnight. The paper will highly facilitate the interest groups with the cutting edge information to understand the stronger and weaker sections of the web IDS and provide a firm foundation for developing an intelligent and efficient system.


page 1

page 2

page 3

page 4


A Visual Model for Web Applications Security Monitoring

This paper proposes a novel visual model for web applications security m...

Encoding a Taxonomy of Web Attacks with Different-Length Vectors

Web attacks, i.e. attacks exclusively using the HTTP protocol, are rapid...

Practical Whole-System Provenance Capture

Data provenance describes how data came to be in its present form. It in...

A Survey of Network-based Intrusion Detection Data Sets

Labeled data sets are necessary to train and evaluate anomaly-based netw...

Detecting intrusions in control systems: a rule of thumb, its justification and illustrations

Control systems are exposed to unintentional errors, deliberate intrusio...

Identification of Flaws in the Design of Signatures for Intrusion Detection Systems

Signature-based Intrusion Detection System (SIDS) provides a promising s...

Web application for size and topology optimization of trusses and gusset plates

With its ever growing popularity, providing Internet based applications ...

Please sign up or login with your details

Forgot password? Click here to reset