Research Article Open Access

INTRUSION DETECTION SYSTEM FOR WEB APPLICATIONS WITH ATTACK CLASSIFICATION

Abstract

Nowadays, web-based applications are being widely used. The exorbitant variety of these applications and their development by the programmers, who don’t have much experience on the field of security, Intrusion methods and preventing them, have caused these applications to turn in to some kind of a challenge for the web-servers. This article is an attempt to increase the awareness of the system manager about the possible occurrence of these attacks, by presenting a detection system for web-based applications abnormalities, and by using the requests received by the web-server which can be available through the web-server Log files. The system, detects the abnormality in two separated phases of “Education” and “Detection”. The education phase is an attempt to make a model based on the normal behavior of the system by extracting the needed features through the Log files, and using the model in the next level to detect the abnormal input data in the web-server. The system is made of several modules, and each module has the responsibility of reviewing a specific kind of abnormality. This system also uses another module to detect the class of the occurred attacks to the web-server, so that the system manager will be able to prepare some preventive measures by dividing the attacks into separated groups. The obtained results of implementing this method, shows its high ability of detecting the unknown attacks

To read the full article Download Full Article | Visit Full Article