Title :
Development of a hybrid web application firewall to prevent web based attacks
Author :
Tekerek, Adem ; Gemci, Cemal ; Bay, Omer Faruk
Author_Institution :
Gazi Univ., Ankara, Turkey
Abstract :
Firewall and intrusion detection systems are used by the purposes of preventing information loss and weakness on internet and providing security for web applications. However attacks to web applications do not only come from network layer. Web applications use Hyper Text Transfer Protocol (HTTP) and attacks come from this protocol to web pages. Tools used for providing security on network layer become inefficient for HTTP attacks. These attacks to web applications can be prevented by detection of HTTP. In this study, a hybrid web application firewall is developed by using proposed signature based detection and anomaly detection methods, to prevent attacks by detection of HTTP requests.
Keywords :
Internet; digital signatures; firewalls; hypermedia; HTTP attack; Internet; Web based attack; anomaly detection method; hybrid Web application firewall; hypertext transfer protocol; intrusion detection system; signature based detection; Computers; Firewalls (computing); Intrusion detection; Protocols; Web servers; Anomaly Detection. Signature Base Detection; Web Application Security;
Conference_Titel :
Application of Information and Communication Technologies (AICT), 2014 IEEE 8th International Conference on
Conference_Location :
Astana
Print_ISBN :
978-1-4799-4120-9
DOI :
10.1109/ICAICT.2014.7035910
