Abstract

Today's combat zone for both ethical and unethical hackers is the web. The rapid growth of web sites and web applications makes it possible to deliver complex business applications through the web. As dependency on the web increases, so do web hacking activities. Web applications are normally written in scripting languages such as JavaScript and PHP embedded in HTML, which allow connectivity to databases, retrieving data and placing it on the WWW site. A web application is vulnerable to many kinds of threats and attacks. Detecting known attacks requires a set of attack rules and detections. In this paper, a negative security model based on misuse of web applications is used. This negative security model provides a Web Application Firewall (WAF) engine with a rule set, to ensure critical protection across every web architecture. WAFs are deployed to establish an additional external security layer that detects and/or prevents attacks before they reach web applications. The work has been tested with an Apache web server's log file. We have successfully tested almost all the common attacks. The approach also allows for HTTP traffic monitoring and real-time analysis with little or no changes to existing infrastructure.
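As an added illustration of a negative security model applied to Apache access-log entries (not the paper's code or rule set): the three rules, the function names and the sample log lines below are constructed assumptions, and real WAF rule sets are far larger.

```python
import re
from urllib.parse import unquote_plus

# Constructed deny-list rules (assumed; the paper's rule set is not shown on this page).
RULES = [
    ("sql_injection", re.compile(r"(?i)\bunion\b.+\bselect\b|'\s*or\s+'?\d+'?\s*=\s*'?\d+")),
    ("xss", re.compile(r"(?i)<\s*script\b|\bon(?:error|load)\s*=|javascript:")),
    ("path_traversal", re.compile(r"\.\./|\.\.\\")),
]

# Apache common/combined log format: host ident user [time] "METHOD target PROTO" status size
LOG_LINE = re.compile(r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" \d{3} \S+')

def normalize(target, max_rounds=3):
    """URL-decode repeatedly so double-encoded payloads are visible to the rules."""
    for _ in range(max_rounds):
        decoded = unquote_plus(target)
        if decoded == target:
            break
        target = decoded
    return target

def inspect_line(line):
    """Return (host, decoded target, matched rule names), or None if the line is unparseable."""
    m = LOG_LINE.match(line)
    if m is None:
        return None
    target = normalize(m.group("target"))
    hits = [name for name, rx in RULES if rx.search(target)]
    return m.group("host"), target, hits

def scan(lines):
    """Negative model: a request is flagged only if it matches a known-bad rule."""
    results = (inspect_line(line) for line in lines)
    return [r for r in results if r and r[2]]

# Constructed sample entries (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?id=7 HTTP/1.1" 200 2326',
    '198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /item.php?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Oct/2023:13:56:09 +0000] "GET /search?q=%253Cscript%253Ealert(1)%253C/script%253E HTTP/1.1" 200 734',
    '203.0.113.5 - - [10/Oct/2023:13:57:40 +0000] "GET /download?file=..%2F..%2Fetc%2Fpasswd HTTP/1.1" 404 209',
]

if __name__ == "__main__":
    for host, target, hits in scan(SAMPLE_LOG):
        print(host, hits, target)
```

Because the model is negative, the first sample request passes simply because no rule matches it; anything the rules do not describe is allowed through, so coverage depends entirely on the rule set and on normalizing input before matching.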
