Abstract

Web application portal with the single sign on (SSO) feature provides an integrated E-Business solution such that web application becomes an essential building block for business operations. Gartner Group report indicates that 75% of malicious attacks targeting the application layer and three out of four business Web sites are vulnerable to application-level attacks. Therefore, the traditional security devices (such as firewall and intrusion detection system) are not able to protect web-based applications any more. Implementing a solid web application security protection shield is top-of-mind of security researchers. Extending the finite state machine theory and coupling with stateful session inspection, we propose Web Intrusion Prevention System (WIPS) to solve web application security issues listed in the OWASP Top Ten project. WIPS works as the last defense line to separate web browsers and web servers by examining network traffic, maintaining every session's state information and allowing only specific web behaviors defined by web finite state machine to pass through. With embedded Snort capability, WIPS also provides negative security models to resist the lower layer attacks. A WIPS prototype has been implemented on Intel Network Processor (IXP425) running with MontaVista Linux. In our study, the functionality and performance has been assessed to show WIPS providing a key answer for advancing the state-of-the-art in web application security in a realistic environment.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.