Log visualization of intrusion and prevention reverse proxy server against web attacks
SQL Injection Attack (SQLIA) has made to the top of the OWASP, Top 10 Web Application Security Risks in 2013 and in 2010. The explosive use of web application with very little emphasis lay on securing it make this attack becoming more popular. Various methods have been discussed and propos...
| Main Authors: | , , , |
|---|---|
| Format: | Proceeding Paper |
| Language: | English |
| Published: |
IEEE
2013
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/35416/1/06702833.pdf |
| _version_ | 1796878609463377920 |
|---|---|
| author | Mantoro, Teddy Abdul Aziz, Normaziah Meor Yusof, Nur Dalilah Abu Talib, Nor Aishah |
| author_facet | Mantoro, Teddy Abdul Aziz, Normaziah Meor Yusof, Nur Dalilah Abu Talib, Nor Aishah |
| author_sort | Mantoro, Teddy |
| collection | IIUM |
| description | SQL Injection Attack (SQLIA) has made to the top
of the OWASP, Top 10 Web Application Security Risks in
2013 and in 2010. The explosive use of web application with
very little emphasis lay on securing it make this attack
becoming more popular. Various methods have been discussed
and proposed as countermeasure to the attack. Unfortunately,
most of them are seen to be not comprehensive enough to
address any kind of issues an organization might have when it
comes to hardening the web security such as technical and
financial matter for instance. This study presents a way to
prevent and detect intrusion through the deployment of
reverse proxy with an intrusion and prevention mechanism
built in against web attacks especially SQLIA. With the
flexibility offered in server logging process, we obtain and
analyse preferred data to visualize the type of attack based on
logs information. Our graph visualization development
monitors three web security aspects, i.e. the top traffic blocked
attempted by IP address, number of regular expression rules
violated and detect the rules of intrusion detection. |
| first_indexed | 2024-03-05T23:23:59Z |
| format | Proceeding Paper |
| id | oai:generic.eprints.org:35416 |
| institution | International Islamic University Malaysia |
| language | English |
| last_indexed | 2024-03-05T23:23:59Z |
| publishDate | 2013 |
| publisher | IEEE |
| record_format | dspace |
| spelling | oai:generic.eprints.org:354162016-06-05T19:25:46Z http://irep.iium.edu.my/35416/ Log visualization of intrusion and prevention reverse proxy server against web attacks Mantoro, Teddy Abdul Aziz, Normaziah Meor Yusof, Nur Dalilah Abu Talib, Nor Aishah T10.5 Communication of technical information SQL Injection Attack (SQLIA) has made to the top of the OWASP, Top 10 Web Application Security Risks in 2013 and in 2010. The explosive use of web application with very little emphasis lay on securing it make this attack becoming more popular. Various methods have been discussed and proposed as countermeasure to the attack. Unfortunately, most of them are seen to be not comprehensive enough to address any kind of issues an organization might have when it comes to hardening the web security such as technical and financial matter for instance. This study presents a way to prevent and detect intrusion through the deployment of reverse proxy with an intrusion and prevention mechanism built in against web attacks especially SQLIA. With the flexibility offered in server logging process, we obtain and analyse preferred data to visualize the type of attack based on logs information. Our graph visualization development monitors three web security aspects, i.e. the top traffic blocked attempted by IP address, number of regular expression rules violated and detect the rules of intrusion detection. IEEE 2013 Proceeding Paper PeerReviewed application/pdf en http://irep.iium.edu.my/35416/1/06702833.pdf Mantoro, Teddy and Abdul Aziz, Normaziah and Meor Yusof, Nur Dalilah and Abu Talib, Nor Aishah (2013) Log visualization of intrusion and prevention reverse proxy server against web attacks. In: International Conference on Informatics and Creative Multimedia (ICICM), 2013, 4-6 September 2013, Kuala Lumpur, Malaysia. http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6702833 |
| spellingShingle | T10.5 Communication of technical information Mantoro, Teddy Abdul Aziz, Normaziah Meor Yusof, Nur Dalilah Abu Talib, Nor Aishah Log visualization of intrusion and prevention reverse proxy server against web attacks |
| title | Log visualization of intrusion and prevention reverse proxy server against web attacks
|
| title_full | Log visualization of intrusion and prevention reverse proxy server against web attacks
|
| title_fullStr | Log visualization of intrusion and prevention reverse proxy server against web attacks
|
| title_full_unstemmed | Log visualization of intrusion and prevention reverse proxy server against web attacks
|
| title_short | Log visualization of intrusion and prevention reverse proxy server against web attacks
|
| title_sort | log visualization of intrusion and prevention reverse proxy server against web attacks |
| topic | T10.5 Communication of technical information |
| url | http://irep.iium.edu.my/35416/1/06702833.pdf |
| work_keys_str_mv | AT mantoroteddy logvisualizationofintrusionandpreventionreverseproxyserveragainstwebattacks AT abdulaziznormaziah logvisualizationofintrusionandpreventionreverseproxyserveragainstwebattacks AT meoryusofnurdalilah logvisualizationofintrusionandpreventionreverseproxyserveragainstwebattacks AT abutalibnoraishah logvisualizationofintrusionandpreventionreverseproxyserveragainstwebattacks |