Semantic security against web application attacks

Authors:
Abdul Razzaq;Khalid Latif;H. Farooq Ahmad;Ali Hur;Zahid Anwar;Peter Charles Bloodsworth
Affiliations:
-;-;-;-;-;-
Venue:
Information Sciences: an International Journal
Year:
2014

Citing 47
Cited 0

A taxonomy of computer program security flaws

ACM Computing Surveys (CSUR)
A fast string searching algorithm

Communications of the ACM
Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory

ACM Transactions on Information and System Security (TISSEC)
Abstraction-based intrusion detection in distributed environments

ACM Transactions on Information and System Security (TISSEC)
Ontology in information security: a useful theoretical foundation and methodological tool

Proceedings of the 2001 workshop on New security paradigms
Service specific anomaly detection for network intrusion detection

Proceedings of the 2002 ACM symposium on Applied computing
Jena: implementing the semantic web recommendations

Proceedings of the 13th international World Wide Web conference on Alternate track papers & posters
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration
Context based Application Level Intrusion Detection System

ICNS '06 Proceedings of the International conference on Networking and Services
Application layer intrusion detection for SQL injection

Proceedings of the 44th annual Southeast regional conference
Reflection in membership equational logic, many-sorted equational logic, Horn logic with equality, and rewriting logic

Theoretical Computer Science
Pellet: A practical OWL-DL reasoner

Web Semantics: Science, Services and Agents on the World Wide Web
Building a Test Suite for Web Application Scanners

HICSS '08 Proceedings of the Proceedings of the 41st Annual Hawaii International Conference on System Sciences
Combating the Insider Cyber Threat

IEEE Security and Privacy
Information Security Fortification by Ontological Mapping of the ISO/IEC 27001 Standard

PRDC '07 Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing
Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications

SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Joomla! Web Security

Joomla! Web Security
Static analysis for detecting taint-style vulnerabilities in web applications

Journal of Computer Security
Foundation of Semantic Rule Engine to Protect Web Application Attacks

ISADS '11 Proceedings of the 2011 Tenth International Symposium on Autonomous Decentralized Systems
Secure data preservers forweb services

WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
Enhanced Topic-based Vector Space Model for semantics-aware spam filtering

Expert Systems with Applications: An International Journal
Identifying Web Spam with the Wisdom of the Crowds

ACM Transactions on the Web (TWEB)
Identity Theft and Financial Fraud: Some Strangeness in the Proportions

Computer
Detecting Spam Zombies by Monitoring Outgoing Messages

IEEE Transactions on Dependable and Secure Computing
Data mining methods for anomaly detection of HTTP request exploitations

FSKD'05 Proceedings of the Second international conference on Fuzzy Systems and Knowledge Discovery - Volume Part II
Integrating trust management and access control in data-intensive Web applications

ACM Transactions on the Web (TWEB)
Knowledge discovery through ontology matching: An approach based on an Artificial Neural Network model

Information Sciences: an International Journal
Defending against Cross-Site Scripting Attacks

Computer
Using Rule Ontology in Repeated Rule Acquisition from Similar Web Sites

IEEE Transactions on Knowledge and Data Engineering
Detecting and Resolving Firewall Policy Anomalies

IEEE Transactions on Dependable and Secure Computing
Detecting Anomalous Insiders in Collaborative Information Systems

IEEE Transactions on Dependable and Secure Computing
Automated Security Test Generation with Formal Threat Models

IEEE Transactions on Dependable and Secure Computing
Hierarchical Kohonenen net for anomaly detection in network security

IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics
Internet access traffic measurement and analysis

TMA'12 Proceedings of the 4th international conference on Traffic Monitoring and Analysis
Ranking semantic relationships between two entities using personalization in context specification

Information Sciences: an International Journal
Detecting Targeted Malicious Email

IEEE Security and Privacy
Integrated access control and intrusion detection for Web servers

IEEE Transactions on Parallel and Distributed Systems
Network security via reverse engineering of TCP code: vulnerability analysis and proposed solutions

IEEE Network: The Magazine of Global Internetworking
Defending against Web Application Vulnerabilities

Computer
Ontology paper: The SSN ontology of the W3C semantic sensor network incubator group

Web Semantics: Science, Services and Agents on the World Wide Web
Ontology paper: Community analysis through semantic rules and role composition derivation

Web Semantics: Science, Services and Agents on the World Wide Web
In-execution dynamic malware analysis and detection by mining information in process control blocks of Linux OS

Information Sciences: an International Journal
Toward a more practical unsupervised anomaly detection system

Information Sciences: an International Journal
idMAS-SQL: Intrusion Detection Based on MAS to Detect and Block SQL injection through data mining

Information Sciences: an International Journal
How Can We Deter Cyber Terrorism?

Information Security Journal: A Global Perspective
Towards an Ontological Approach to Information System Security and Safety Requirement Modeling and Reuse

Information Security Journal: A Global Perspective
Bayesian approach for inconsistent information

Information Sciences: an International Journal

Quantified Score

Hi-index	0.07

Visualization

Abstract

In this paper, we propose a method of detecting and classifying web application attacks. In contrast to current signature-based security methods, our solution is an ontology based technique. It specifies web application attacks by using semantic rules, the context of consequence and the specifications of application protocols. The system is capable of detecting sophisticated attacks effectively and efficiently by analyzing the specified portion of a user request where attacks are possible. Semantic rules help to capture the context of the application, possible attacks and the protocol that was used. These rules also allow inference to run over the ontological models in order to detect, the often complex polymorphic variations of web application attacks. The ontological model was developed using Description Logic that was based on the Web Ontology Language (OWL). The inference rules are Horn Logic statements and are implemented using the Apache JENA framework. The system is therefore platform and technology independent. Prior to the evaluation of the system the knowledge model was validated by using OntoClean to remove inconsistency, incompleteness and redundancy in the specification of ontological concepts. The experimental results show that the detection capability and performance of our system is significantly better than existing state of the art solutions. The system successfully detects web application attacks whilst generating few false positives. The examples that are presented demonstrate that a semantic approach can be used to effectively detect zero day and more sophisticated attacks in a real-world environment.