AN ANOMALY-BASED WEB APPLICATION FIREWALL

Alejandro Perez-Villegas; Gonzalo Alvarez

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

AN ANOMALY-BASED WEB APPLICATION FIREWALL

Topics: Intrusion Detection & Prevention; Intrusion Detection and Vulnerability Assessment

In Proceedings of the International Conference on Security and Cryptography - Volume 0ICETE, 23-28, 2009 , Milan, Italy

Authors: Alejandro Perez-Villegas and Gonzalo Alvarez

Affiliation: Consejo Superior de Investigaciones Científicas, Spain

Keyword(s): Web attacks, Anomaly intrusion detection, Web application firewall.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Intrusion Detection & Prevention

Abstract: A simple and effective web application firewall is presented. This system can detect both known and unknown web attacks following a positive security model. For attack detection, the system relies on an XML file, which thoroughly describes normal web application behavior. Any irregular behavior is flagged as intrusive. An initial training phase is required to statistically characterize how normal traffic for a given target application looks like. The system has been tested with a real web application as target and an artificial request generator as input. Experiments show that after the training phase, when the XML file is correctly configured, good results are obtained, with a very high detection rate and a very low false alarm rate.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.222.69.152

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Perez-Villegas, A. and Alvarez, G. (2009). AN ANOMALY-BASED WEB APPLICATION FIREWALL. In Proceedings of the International Conference on Security and Cryptography (ICETE 2009) - SECRYPT; ISBN 978-989-674-005-4; ISSN 2184-3236, SciTePress, pages 23-28. DOI: 10.5220/0002218900230028

@conference{secrypt09,
author={Alejandro Perez{-}Villegas. and Gonzalo Alvarez.},
title={AN ANOMALY-BASED WEB APPLICATION FIREWALL},
booktitle={Proceedings of the International Conference on Security and Cryptography (ICETE 2009) - SECRYPT},
year={2009},
pages={23-28},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002218900230028},
isbn={978-989-674-005-4},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography (ICETE 2009) - SECRYPT
TI - AN ANOMALY-BASED WEB APPLICATION FIREWALL
SN - 978-989-674-005-4
IS - 2184-3236
AU - Perez-Villegas, A.
AU - Alvarez, G.
PY - 2009
SP - 23
EP - 28
DO - 10.5220/0002218900230028
PB - SciTePress