• DocumentCode
    2445835
  • Title

    Policy-based intrusion detection in Web applications by monitoring Java information flows

  • Author

    Hiet, Guillaume ; Tong, Valérie Viet Triem ; Mé, Ludovic ; Morin, Benjamin

  • Author_Institution
    Supelec, Cesson-Sevigne
  • fYear
    2008
  • fDate
    28-30 Oct. 2008
  • Firstpage
    53
  • Lastpage
    60
  • Abstract
    This article focuses on intrusion detection in systems using Web applications and COTS. We present a solution that combines policy-based intrusion detection and information flow control. We describe JBlare, an inline Java monitor that tracks inter-method flows in Java applications. This monitor collaborates with Blare, a monitor that tracks information flow in the whole system at the OS-level. The combination of these two detectors constitutes a policy-based Intrusion Detection System that can address a wide range of attacks.
  • Keywords
    Java; security of data; JBlare; Java information flows; Web applications; information flow control; policy-based intrusion detection; Access control; Application software; Collaborative software; Collaborative work; Control systems; Information security; Intrusion detection; Java; Logic; Monitoring; information flow control; policy-based intrusion detection; web applications security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Risks and Security of Internet and Systems, 2008. CRiSIS '08. Third International Conference on
  • Conference_Location
    Tozeur
  • Print_ISBN
    978-1-4244-3309-4
  • Type

    conf

  • DOI
    10.1109/CRISIS.2008.4757463
  • Filename
    4757463
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2445835