Using response action with intelligent intrusion detection and prevention system against web application malware
Author:
Alazab Ammar, Hobbs Michael, Abawajy Jemal, Khraisat Ansam, Alazab Mamoun
Abstract
Purpose
– The purpose of this paper is to mitigate vulnerabilities in web applications; detection and prevention are the most important mechanisms for security. However, most existing research focuses on how to prevent an attack at the web application layer, with less work dedicated to setting up a response action if a possible attack happens.
Design/methodology/approach
– The approach is a combination of a Signature-based Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS), namely, the Intelligent Intrusion Detection and Prevention System (IIDPS).
Findings
– In evaluation, the new system produced better results in terms of detection efficiency and the false alarm rate. This demonstrates the value of direct response action in an intrusion detection system.
Research limitations/implications
– Data limitation.
Originality/value
– The contributions of this paper are, first, to address the problem of web application vulnerabilities; second, to propose a combination of an SIDS and an AIDS, namely, the IIDPS; third, to present a novel approach that connects the IIDPS with a response action using fuzzy logic; and fourth, to use risk assessment to determine an appropriate response action against each attack event. Combining the systems provides better performance for the Intrusion Detection System and makes detection and prevention more effective.
Subject
Library and Information Sciences, Management Science and Operations Research, Business and International Management, Management Information Systems
Cited by
25 articles.