Development of a hybrid web application firewall to prevent web based attacks

机译：开发混合Web应用程序防火墙以防止基于Web的攻击

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Firewall and intrusion detection systems are used by the purposes of preventing information loss and weakness on internet and providing security for web applications. However attacks to web applications do not only come from network layer. Web applications use Hyper Text Transfer Protocol (HTTP) and attacks come from this protocol to web pages. Tools used for providing security on network layer become inefficient for HTTP attacks. These attacks to web applications can be prevented by detection of HTTP. In this study, a hybrid web application firewall is developed by using proposed signature based detection and anomaly detection methods, to prevent attacks by detection of HTTP requests.

机译：使用防火墙和入侵检测系统的目的是防止信息丢失和Internet上的漏洞，并为Web应用程序提供安全性。但是，对Web应用程序的攻击不仅来自网络层。 Web应用程序使用超文本传输协议（HTTP），并且从该协议到网页的攻击。用于在网络层上提供安全性的工具对于HTTP攻击而言效率低下。通过检测HTTP可以防止对Web应用程序的这些攻击。在这项研究中，使用建议的基于签名的检测和异常检测方法开发了混合Web应用程序防火墙，以通过检测HTTP请求来防止攻击。

著录项

来源
《IEEE International Conference on Application of Information and Communication Technologies》|2014年|1-4|共4页
会议地点
作者
Tekerek Adem; Gemci Cemal; Bay Omer Faruk;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Internet; digital signatures; firewalls; hypermedia; HTTP attack; Internet; Web based attack; anomaly detection method; hybrid Web application firewall; hypertext transfer protocol; intrusion detection system; signature based detection; Computers; Firewalls (computing); Intrusion detection; Protocols; Web servers; Anomaly Detection. Signature Base Detection; Web Application Security;

机译：互联网;数字签名;防火墙;超媒体; HTTP攻击;互联网;基于Web的攻击;异常检测方法;混合Web应用程序防火墙;超文本传输协议;入侵检测系统;基于签名的检测;计算机;防火墙（计算）;入侵检测;协议; Web服务器;异常检测。签名库检测; Web应用程序安全性;

相似文献

外文文献
中文文献
专利

1. Estimates on the effectiveness of web application firewalls against targeted attacks [J] . Hannes Holm, Mathias Ekstedt Information management & computer security . 2013,第4期

机译：评估Web应用程序防火墙针对定向攻击的有效性
2. Preventing Client-Side Attack in Web Applications Through Web Services [J] . V.Shanmughaneethi, P.Ramesh, S.Swamynathan International journal of soft computing . 2012,第4期

机译：通过Web服务防止Web应用程序中的客户端攻击
3. Preventing Client-Side Attack in Web Applications Through Web Services [J] . V. Shanmughaneethi, P. Ramesh, S. Swamynathan International journal of soft computing . 2012,第4期

机译：通过Web服务防止Web应用程序中的客户端攻击
4. Development of a hybrid web application firewall to prevent web based attacks [C] . Tekerek Adem, Gemci Cemal, Bay Omer Faruk IEEE International Conference on Application of Information and Communication Technologies . 2014

机译：开发混合Web应用程序防火墙以防止基于Web的攻击
5. Detecting and preventing attacks against web applications [D] . Robertson, William Kim 2009

机译：检测并防止针对Web应用程序的攻击
6. Toward Exposing Timing-Based Probing Attacks in Web Applications [O] . Jian Mao, Yue Chen, Futian Shi, 2017

机译：在Web应用程序中公开基于计时的探测攻击
7. Automatically Repairing Web Application Firewalls Based on Successful SQL Injection Attacks [O] . Appelt, Dennis, Panichella, Annibale, Briand, Lionel 2017

机译：基于成功的sQL注入攻击自动修复Web应用程序防火墙

Development of a hybrid web application firewall to prevent web based attacks

摘要

著录项

相似文献

相关主题

期刊订阅