Policy-based intrusion detection in web applications by monitoring Java information flows

  • Authors: Guillaume Hiet; Valerie Viet Triem Tong; Ludovic Me; Benjamin Morin
  • Affiliation (all authors): SUPELEC, Avenue de la Boulais, CS 47601, F-35576 Cesson-Sevigne Cedex, France
  • Venue: International Journal of Information and Computer Security
  • Year: 2009

Abstract

This paper focuses on intrusion detection in systems using web applications and Commercial Off-The-Shelf (COTS). We present a solution that combines policy-based intrusion detection and information flow control. We describe JBlare, an inline Java monitor that tracks inter-method flows in Java applications. This monitor collaborates with Blare, a monitor that tracks information flow in the whole system at the OS-level. The combination of these two detectors constitutes a policy-based Intrusion Detection System (IDS) that can address a wide range of attacks.