Abstract

Problem statement: Suitable detection and prevention mechanisms are needed to secure the information content used by web applications. Many currently available prevention mechanisms cannot distinguish between anomalous, random and normal requests. This leads to false positives, in which a normal request is classified as anomalous and access to information is denied. Approach: In this study, we propose a web-based anomaly detection system, called the intelligent SQL Anomaly detector, which uses a decision tree algorithm and a feedback mechanism for effective classification. Results: The newly proposed and implemented technique has a higher probability of reducing false positives, which were a drawback of the earlier systems. Hence, our system proves that it detects all anomalies and shows better results when compared with the existing system. Conclusion: A refreshing technique to improve the detection rate of web-based intrusion detection systems by serially framing a web request anomaly detector using fuzzy rules has been proposed and implemented, and this system proves to be more efficient than the existing earlier system when compared with the obtained results.

Highlights

  • Web applications provide users with easy access to relevant and necessary information through web pages

  • Web applications include client-side components such as JavaScript code that interact with server-side components

  • These vulnerable web-based applications have attracted the attention of malicious hackers, who see in web-based applications relatively easy ways for exploitation and try to access sensitive information, which might lead to a monetary gain


Summary

INTRODUCTION

Web applications provide users with easy access to relevant and necessary information through web pages. Query classifier: This access control manager uses the anomaly scores sent by the anomaly detection module to detect attacks against back-end SQL databases by setting privilege levels. This module is deployed between web-based applications and the back-end database server. For user-supplied data which requires a certain amount of each HTTP request, compute the relative frequency of data to be sent that significantly exceed the length of legitimate parameters. The goal of this model is to approximate the unknown distribution of the parameter lengths and detect instances that substantially deviate from the observed normal behavior. When no enumeration can be identified, it is assumed that the attribute values are random.
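The parameter-length model described above, as an added example that is not the paper's own code: it learns the mean and variance of each parameter's length from requests assumed to be benign and scores new values by how far they exceed that norm. The Chebyshev bound used for scoring, the 0.1 threshold and the sample query strings are assumptions, not details given on this page.

```python
import statistics
from urllib.parse import parse_qsl

# Constructed training data: query strings assumed to be benign traffic.
TRAINING = ["user=alice&id=12", "user=bob&id=7",
            "user=carol&id=301", "user=dave&id=45"]


class LengthModel:
    """Per-parameter length model learned from benign requests."""

    def __init__(self):
        self.stats = {}  # parameter name -> (mean length, length variance)

    def train(self, query_strings):
        samples = {}
        for qs in query_strings:
            for name, value in parse_qsl(qs, keep_blank_values=True):
                samples.setdefault(name, []).append(len(value))
        for name, lengths in samples.items():
            self.stats[name] = (statistics.fmean(lengths),
                                statistics.pvariance(lengths))

    def probability(self, name, value):
        """Upper bound on the chance that a legitimate value is this long.

        Assumption: Chebyshev's inequality, p <= variance / (len - mean)^2.
        Only values longer than the learned mean are penalised.
        """
        if name not in self.stats:
            return 0.0  # parameter never seen during training
        mean, variance = self.stats[name]
        excess = len(value) - mean
        if excess <= 0:
            return 1.0
        return min(1.0, variance / excess ** 2)

    def score(self, query_string):
        """Lowest per-parameter probability in the request (1.0 = normal)."""
        pairs = parse_qsl(query_string, keep_blank_values=True)
        return min((self.probability(n, v) for n, v in pairs), default=1.0)

    def is_anomalous(self, query_string, threshold=0.1):
        # threshold is a hypothetical tuning value, not taken from the page
        return self.score(query_string) < threshold


if __name__ == "__main__":
    model = LengthModel()
    model.train(TRAINING)
    for qs in ("user=erin&id=9", "user=erin&id=" + "7" * 40):
        print(qs[:30], model.score(qs), model.is_anomalous(qs))
```

A score like this is what the query classifier would consume when deciding a privilege level; a single-feature model is prone to false positives on its own, which is the problem the abstract sets out to reduce.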
