Abstracting application-level web security
Proceedings of the 11th international conference on World Wide Web
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
A multi-model approach to the detection of web-based attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Hi-index | 0.00 |
Recently, the security threat on web application is increasing rapidly and especially open source web applications are becoming popular target of web server hacking. And more there was a worm which spread via web application vulnerabilities. Web application attack uses the vulnerability not in web server itself, but in structural, logical, and code errors. The majority of flaws in web applications are caused by absence of the user input validation. But, it is difficult to detect various abnormal user inputs by pattern matching method. In this paper, we propose the web application securing proxy based on profiling which can be constructed by learning usual normal activity. The proposed proxy system can detect and filter out attacker's abnormal requests via anomaly detection mechanism.