Development of a hybrid web application firewall to prevent web based attacks

Author

Tekerek, Adem ; Gemci, Cemal ; Bay, Omer Faruk

Author_Institution

Gazi Univ., Ankara, Turkey

fYear

2014

fDate

15-17 Oct. 2014

Firstpage

1

Lastpage

4

Abstract

Firewall and intrusion detection systems are used by the purposes of preventing information loss and weakness on internet and providing security for web applications. However attacks to web applications do not only come from network layer. Web applications use Hyper Text Transfer Protocol (HTTP) and attacks come from this protocol to web pages. Tools used for providing security on network layer become inefficient for HTTP attacks. These attacks to web applications can be prevented by detection of HTTP. In this study, a hybrid web application firewall is developed by using proposed signature based detection and anomaly detection methods, to prevent attacks by detection of HTTP requests.

Keywords

Internet; digital signatures; firewalls; hypermedia; HTTP attack; Internet; Web based attack; anomaly detection method; hybrid Web application firewall; hypertext transfer protocol; intrusion detection system; signature based detection; Computers; Firewalls (computing); Intrusion detection; Protocols; Web servers; Anomaly Detection. Signature Base Detection; Web Application Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Application of Information and Communication Technologies (AICT), 2014 IEEE 8th International Conference on

Conference_Location

Astana

Print_ISBN

978-1-4799-4120-9

Type

conf

DOI

10.1109/ICAICT.2014.7035910

Filename

7035910