| HAL-Inria | Publications, software ... of Inria's scientists |
Journal articles
An Invariant-based Approach for Detecting Attacks against Data in Web Applications
Abstract : RRABIDS (Ruby on Rails Anomaly Based Intrusion Detection System) is an application levelintrusion detection system (IDS) for applications implemented with the Ruby on Railsframework. The goal of this intrusion detection system is to detect attacks against data in thecontext of web applications. This anomaly based IDS focuses on the modelling of the normalapplication profile using invariants. These invariants are discovered during a learning phase.Then, they are used to instrument the web application at source code level, so that a deviationfrom the normal profile can be detected at run-time. This paper illustrates on simple exampleshow the approach detects well-known categories of web attacks that involve a state violation ofthe application, such as SQL injections. Finally, an assessment phase is performed to evaluatethe accuracy of the detection provided by the proposed approach.
Cited literature [18 references]
https://hal.inria.fr/hal-01083296
Contributor : Frédéric Tronel <>
Submitted on : Monday, November 17, 2014 - 9:26:14 AM
Last modification on : Friday, July 10, 2020 - 4:06:02 PM
Document(s) archivé(s) le : Friday, April 14, 2017 - 1:54:15 PM
Contributor : Frédéric Tronel <>
Submitted on : Monday, November 17, 2014 - 9:26:14 AM
Last modification on : Friday, July 10, 2020 - 4:06:02 PM
Document(s) archivé(s) le : Friday, April 14, 2017 - 1:54:15 PM
File
IJSSE_APA4_def.pdf
Files produced by the author(s)