Vulnerability Ontology for web applications to predict and classify attacks

摘要

Web application security is the major security concern for e-business and information sharing communities. Research showed that more than 75% attacks are being deployed at application layer and almost 90% applications are vulnerable to attacks. Conventional methods of vulnerability and attack prevention and detection are ineffective to provide complete security solution at application level. In this paper, we propose an ontology based approach for effective defenses against the application level vulnerabilities and attacks. The proposed system is an ontology based attack prediction system which infers from the query of the user and classifies the web application attacks. It suggests methods for prevention and countermeasures for the inferred attacks. It also provides ranking and the priority in which the attacks can be encountered with a better defense.