Defending On-Line Web Application Security with User-Behavior Surveillance

With the incoming of information era, web-based service has been developed rapidly and offered more and more business. These "open", and widely "web enabled" applications are subject to greater and greater levels and types of attacks as hackers exploit vulnerabilities within the...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Proceedings of the Third International Conference on Availability, Security, and Reliability : March 4-7, 2008, Barcelona, Spain S. 410 - 415
Hauptverfasser: Yu-Chin Cheng, Chi-Sung Laih, Gu-Hsin Lai, Chia-Mei Chen, Tsuhan Chen
Format: Tagungsbericht
Sprache:Englisch
Veröffentlicht: IEEE 01.03.2008
Schlagworte:
Application software
Availability
Buffer overflow
Computer crime
Computer hacking
Information security
Markov model
Monitoring
National security
Statistics
Surveillance
User behavior
Web application security
Web attacks
Web security
ISBN:9780769531021, 0769531024
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:With the incoming of information era, web-based service has been developed rapidly and offered more and more business. These "open", and widely "web enabled" applications are subject to greater and greater levels and types of attacks as hackers exploit vulnerabilities within the software like SQL injection and cross site scripts (XSS) attack. In this paper, we proposed a type of novel embedded Markov model (EMM) to detect different web application attacks, monitor the on-line user behavior and defend the malevolent user promptly. Comparing to previous web application attacks detecting approaches, our EMM approach can not only detect user's invalidated input errors but also find out the unreasonable page transition behavior. By detecting unreasonable page transition, we can immediately defend the malevolent or silly user behavior to avoid the further web system failures and sensitive information disclosure. Furthermore, we implement an on-line user behavior surveillance system and use the real web traffic to evaluate the performance of our system. The experiment results show that our proposed EMM method can discover the abnormal behavior of malevolent user and detect the invalidated input attacks like SQL injection, XSS and string buffer overflow attacks.
ISBN:9780769531021
0769531024
DOI:10.1109/ARES.2008.127