Thumbnail
Access Restriction
Open

Author Agarwal, Nancy ♦ Hussain, Syed Zeeshan
Editor Conti, Vincenzo
Source Hindawi
Content type Text
Publisher Hindawi
File Format PDF
Copyright Year ©2018
Language English
Abstract Intrusion Detection System (IDS) acts as a defensive tool to detect the security attacks on the web. IDS is a known methodology for detecting network-based attacks but is still immature in monitoring and identifying web-based application attacks. The objective of this research paper is to present a design methodology for efficient IDS with respect to web applications. In this paper, we present several specific aspects which make it challenging for an IDS to monitor and detect web attacks. The article also provides a comprehensive overview of the existing detection systems exclusively designed to observe web traffic. Furthermore, we identify various dimensions for comparing the IDS from different perspectives based on their design and functionalities. We also propose a conceptual framework of a web IDS with a prevention mechanism to offer systematic guidance for the implementation of the system. We compare its features with five existing detection systems, namely, AppSensor, PHPIDS, ModSecurity, Shadow Daemon, and AQTRONIX WebKnight. This paper will highly facilitate the interest groups with the cutting-edge information to understand the stronger and weaker sections of the domain and provide a firm foundation for developing an intelligent and efficient system.
ISSN 19390114
Learning Resource Type Article
Publisher Date 2018-08-14
Rights License This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
e-ISSN 19390122
Journal Security and Communication Networks
Volume Number 2018
Page Count 27


Open content in new tab

   Open content in new tab