An Invariant-based Approach for Detecting Attacks against Data in Web Applications - Archive ouverte HAL Access content directly
Journal Articles International journal of secure software engineering Year : 2014

An Invariant-based Approach for Detecting Attacks against Data in Web Applications

(1) , (1) , (1) , (2) , (2) , (2) , (2) , (2)
1
2

Abstract

RRABIDS (Ruby on Rails Anomaly Based Intrusion Detection System) is an application levelintrusion detection system (IDS) for applications implemented with the Ruby on Railsframework. The goal of this intrusion detection system is to detect attacks against data in thecontext of web applications. This anomaly based IDS focuses on the modelling of the normalapplication profile using invariants. These invariants are discovered during a learning phase.Then, they are used to instrument the web application at source code level, so that a deviationfrom the normal profile can be detected at run-time. This paper illustrates on simple exampleshow the approach detects well-known categories of web attacks that involve a state violation ofthe application, such as SQL injections. Finally, an assessment phase is performed to evaluatethe accuracy of the detection provided by the proposed approach.

Domains

Cognitive science Computer science
Fichier principal
Vignette du fichier
IJSSE_APA4_def.pdf (641.6 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Frédéric Tronel  : Connect in order to contact the contributor

https://hal.inria.fr/hal-01083296

Submitted on : Monday, November 17, 2014-9:26:14 AM

Last modification on : Thursday, January 26, 2023-4:00:42 AM

Long-term archiving on: Friday, April 14, 2017-1:54:15 PM

Download

Dates and versions

hal-01083296 , version 1 (17-11-2014)

Identifiers

Cite

Romaric Ludinard, Eric Totel, Frédéric Tronel, Vincent Nicomette, Mohamed Kaâniche, et al.. An Invariant-based Approach for Detecting Attacks against Data in Web Applications. International journal of secure software engineering, 2014, 5 (1), pp.19-38. ⟨10.4018/ijsse.2014010102⟩. ⟨hal-01083296⟩

Export

BibTeX TEI Dublin Core DC Terms EndNote Datacite

Collections

INSTITUT-TELECOM EC-PARIS UNIV-TLSE2 UNIV-RENNES1 CNRS INRIA INSA-RENNES INSA-TOULOUSE LAAS IRISA SUP_CIDRE LAAS-TSF UT1-CAPITOLE IRISA-D1 LAAS-INFORMATIQUE-CRITIQUE INRIA2 UR1-MATH-STIC UR1-UFR-ISTIC UNIV-RENNES INSA-GROUPE INSA-TOULOUSE-GEI LAAS-RISC UR1-MATH-NUM TOULOUSE-INP UNIV-UT3 UT3-TOULOUSEINP
519 View
545 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More