Using response action with intelligent intrusion detection and prevention system against web application malware

Abstract

Purpose - The purpose of this paper is to mitigate vulnerabilities in web applications, security detection and prevention are the most important mechanisms for security. However, most existing research focuses on how to prevent an attack at the web application layer, with less work dedicated to setting up a response action if a possible attack happened.

Design/methodology/approach - A combination of a Signature-based Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS), namely, the Intelligent Intrusion Detection and Prevention System (IIDPS).

Findings - After evaluating the new system, a better result was generated in line with detection efficiency and the false alarm rate. This demonstrates the value of direct response action in an intrusion detection system.

Research limitations/implications - Data limitation.

Originality/value - The contributions of this paper are to first address the problem of web application vulnerabilities. Second, to propose a combination of an SIDS and an AIDS, namely, the IIDPS. Third, this paper presents a novel approach by connecting the IIDPS with a response action using fuzzy logic. Fourth, use the risk assessment to determine an appropriate response action against each attack event. Combining the system provides a better performance for the Intrusion Detection System, and makes the detection and prevention more effective.

Bibliographic record

  • Source
    Information management & computer security | 2014, Issue 5 | pp. 431-449 | 19 pages
  • Author affiliations

    College of Engineering and Technology, The American University of the Middle East, Egaila, Kuwait;

    Faculty of Science Engineering & Built Environment, Deakin University, Geelong, Australia;

    School of Information Technology, Deakin University, Geelong, Australia;

    Faculty of Science Engineering & Built Environment, Deakin University, Geelong, Australia;

    Department of Crime, Policing, Security and Justice, Australian National University, Canberra, Australia;

  • Indexed in: Engineering Index (EI), USA;
  • Original format: PDF
  • Text language: eng
  • Chinese Library Classification
  • Keywords

    Information security; Security; Risk management;
