  • DocumentCode
    2486664
  • Title
    Detecting attacks against data in web applications
  • Author
    Ludinard, Romaric ; Totel, Eric ; Tronel, Frédéric ; Nicomette, Vincent ; Kaâniche, Mohamed ; Alata, Éric ; Akrout, Rim ; Bachy, Yann
  • Author_Institution
    Supelec, Cesson-Sevigné, France
  • fYear
    2012
  • fDate
    10-12 Oct. 2012
  • Firstpage
    1
  • Lastpage
    8
  • Abstract
    RRABIDS (Ruby on Rails Anomaly Based Intrusion Detection System) is an application level intrusion detection system for applications implemented with the Ruby on Rails framework. It is aimed at detecting attacks against data in the context of web applications. This anomaly based IDS focuses on the modeling of the application profile in the absence of attacks (called normal profile) using invariants. These invariants are discovered during a learning phase. Then, they are used to instrument the web application at source code level, so that a deviation from the normal profile can be detected at run-time. This paper illustrates on simple examples how the approach detects well known categories of web attacks that involve a state violation of the application, such as SQL injections. Finally, an assessment phase is performed to evaluate the accuracy of the detection provided by the proposed approach.
  • Keywords
    Internet; SQL; learning (artificial intelligence); public domain software; security of data; RRABIDS; Ruby on Rails anomaly-based intrusion detection system; SQL injections; Web applications; Web attack detection; anomaly-based IDS; application level intrusion detection system; application profile; application state violation; assessment phase; invariant constraints; learning phase; normal profile; source code level; Context; Electronic mail; Indexes; Intrusion detection; Radiation detectors; Rails;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Risk and Security of Internet and Systems (CRiSIS), 2012 7th International Conference on
  • Conference_Location
    Cork
  • Print_ISBN
    978-1-4673-3087-9
  • Electronic_ISBN
    978-1-4673-3088-6
  • Type
    conf
  • DOI
    10.1109/CRISIS.2012.6378943
  • Filename
    6378943