A design and implementation of profile based web application securing proxy

Authors:
Youngtae Yun;Sangseo Park;Yosik Kim;Jaecheol Ryou
Affiliations:
National Security Research Institute, Daejon, Korea;National Security Research Institute, Daejon, Korea;National Security Research Institute, Daejon, Korea;IIRTRC, Chungnam National University, Daejon, Korea
Venue:
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Year:
2006

Citing 3
Cited 0

Abstracting application-level web security

Proceedings of the 11th international conference on World Wide Web
Securing web application code by static analysis and runtime protection

Proceedings of the 13th international conference on World Wide Web
A multi-model approach to the detection of web-based attacks

Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recently, the security threat on web application is increasing rapidly and especially open source web applications are becoming popular target of web server hacking. And more there was a worm which spread via web application vulnerabilities. Web application attack uses the vulnerability not in web server itself, but in structural, logical, and code errors. The majority of flaws in web applications are caused by absence of the user input validation. But, it is difficult to detect various abnormal user inputs by pattern matching method. In this paper, we propose the web application securing proxy based on profiling which can be constructed by learning usual normal activity. The proposed proxy system can detect and filter out attacker's abnormal requests via anomaly detection mechanism.