Ontology based intrusion detection system for web application security

Effective web security practices are key to the success of the Semantic Web. Security measures of authorization, integrity and privacy are to be catered for storage and maintenance of data on the web. Ontology is being highly recommended for security of web services. Many security parameters are being embedded in OWL-S. Security models mapped to ontology seem to be very effective. This paper demonstrates ontology based intrusion detection system for web application security. Context capture of information from links and scripts is the premise of the proposed system. The proposed IDS ontological model detects protocol specific attacks as well identifies malicious scripts. This model identifies types of attacks and vulnerabilities therein. A TCP dump of data on LAN was acquired and evaluated against KDD99 intrusion detection predictor model dataset. Ontology model was designed using Protégé. Our ontology model establishes semantic relationship between attacks and networks. The experimental results showed our model has improved detection rate and low rate of false positives.