Title :
A P2P and rule-based Web application intrusion prevention system
Author :
Wang Fang ; He Qian ; Wang Yong ; Yao Linlin
Author_Institution :
Guangxi Key Lab. of Wireless Wideband Commun. & Signal Process., Guilin Univ. of Electron. Technol., Guilin, China
Abstract :
Such traditional security tools as Firewalls, IDS and IPS are limited to their own product positioning and the depth of protection, which cannot resist attacks against web platform effectively, so a P2P and rule based Web application intrusion prevention system is designed in this paper. The system achieves to client requests and responses through a reverse proxy, and each node runs the same application program to accomplish peer-to-peer structure using P2P architecture. The primary and secondary nodes are determined dynamically based on users´ demand. The primary node can remain sessions and balance the loads. The secondary node is used to detect intrusions using rule based expert libraries and plug-ins. The experimental results show that the system can prevent application layer attacks effectively, and response more quickly and more stable than single node.
Keywords :
firewalls; peer-to-peer computing; IDS; IPS; P2P architecture; Web platform; client requests; firewalls; peer-to-peer structure; product positioning; reverse proxy; rule based Web application intrusion prevention system; Computer architecture; Intrusion detection; Libraries; Load management; Monitoring; Peer-to-peer computing; Intrusion Prevention System; P2P; Rule based; Web application;
Conference_Titel :
Communications and Networking in China (CHINACOM), 2013 8th International ICST Conference on
Conference_Location :
Guilin
DOI :
10.1109/ChinaCom.2013.6694631
