DOUBLEGUARD: DETECTING INTRUSIONS IN MULTI-TIER WEB APPLICATIONS

Sri Vasavi College, Erode Self-Finance Wing, 3rd February 2017. National Conference on Computer and Communication, NCCC’17. International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)

Abstract

Network attacks are increased in number and severity over the past few years, intrusion detection system (IDS) is increasingly becoming a critical component to secure the network. Intrusion detection is the process of monitoring and analyzing the events occurring in a computer system in order to detect signs of security problems. Intrusion Detection Systems has the additional job of triggering alarms toward this security problem and some of it automated in the role of triggering or doing an action on behalf of the network administrator. The goal of intrusion detection system (IDS) is to provide another layer of defense against malicious (or unauthorized) uses of computer systems by sensing a misuse or a breach of a security policy and alerting operators to an ongoing attack.

References

[1]R. Ezumalai, G. Aghila, “Combinatorial Approach for Preventing SQL Injection Attacks”, 2009 IEEE International Advance Computing Conference (IACC 2009) Patiala, India, 6-7 March 2009.

[2] Asha. N, M. Varun Kumar, Vaidhyanathan. G of Anomaly Based Character Distribution Models in th,”Preventing SQL Injection Attacks”, International Journal of Computer Applications (0975 – 8887) Volume 52– No.13, August 2012

[3] Yuji Kosuga, Kenji Kono, Miyuki Hanaoka, Hiyoshi Kohoku-ku, Yokohama, Miho Hishiyama, Yu Takahama, Kaigan Minato-ku, “Sania: Syntactic and Semantic Analysis for Automated Testing against SQL Injection” 23rd Annual Computer Security Applications Conference, 2007, 1063-9527/07, 2007 IEEE

[4] Prof (Dr.) Sushila, MadanSupriyaMadan, “Shielding Against SQL Injection Attacks Using ADMIRE Model”, 2009 First International Conference on Computational Intelligence, Communication Systems and Networks, 978-0-7695-3743-6/09 2009 IEEE

[5] A S Yeole, B BMeshram, “Analysis of Different Technique for Detection of SQL Injection”, International Conference and Workshop on Emerging Trends in Technology (ICWET 2011) – TCET, Mumbai, India, ICWET?11, February 25–26, 2011, Mumbai, Maharashtra, India. 2011 ACM.

[6] Ke Wei, M. Muthuprasanna, Suraj Kothari, “Preventing SQL Injection Attacks in Stored Procedures”.Proceedings of the 2006 Australian Software Engineering Conference

[7] Debasish Das, Utpal Sharma, D. K. Bhattacharyya, “Rule based Detection of SQL Injection Attack”, International Journal of Computer Applications (0975 – 8887) Volume 43– No.19, April 2012. [17] NTAGW ABIRA Lambert, KANG Song Lin, “Use of Query Tokenization to detect and prevent SQL Injection Attacks.

[8] Kai-Xiang Zhang, Chia-Jun Lin, Shih-Jen Chen, Yanling Hwang, Hao-Lun Huang, and Fu-Hau Hsu, “TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks”, First International Conference on Robot, Vision and Signal Processing, IEEE, 2011.

Keywords

Intrusion Detection System, Anomaly Detection, Web Server, Attacks, SQLIA, Classification of SQLIA.