An Efficient Attack Defensive Models For Web Security
Mohammad Arshad1, Ali Hussain2
1Mohammad Arshad, Research Scholar, KLEF, Guntur (Andhra Pradesh), India.
2Md. Ali Hussain, Professor, KLEF, Guntur (Andhra Pradesh), India.
Manuscript received on 18 June 2019 | Revised Manuscript received on 25 June 2019 | Manuscript published on 30 June 2019 | PP: 969-974 | Volume-8 Issue-5, June 2019 | Retrieval Number: E7056068519/19©BEIESP
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Web security plays vital role in protecting interests of genuine users associated with different web applications that are deployed in web server running either in Local Area Network (LAN) or Wireless Local Area Network (WLAN). There are many attacks possible to violate web security. They include URL interpretation, impersonation and session hijacking to mention few. These attacks make significant damage to legitimate users. They may cause financial and other risks. The existing solutions to prevent such attacks are very useful. However, a framework that is extensible and caters to the security services required by web server is important to have sustainable and continuous effort to have countermeasures to the known attacks and also unknown attacks that may be devised by adversaries in future. Towards this end, in this paper, we proposed a framework known as Attack Detection and Prevention Framework (ADPF) with mechanisms and underlying algorithms to detect and prevent various kinds of attacks that jeopardise web security. This paper has focused on three attacks though the framework is extensible to support prevention of other attacks. They are known as URL interpretation, session hijacking and impersonation. We built a prototype framework that is deployed in web server to demonstrate proof of the concept. Our experimental results revealed that the proposed framework has high utility in preventing aforementioned attacks.
Keywords: Web Security, Automatic Vulnerability Detection, URL Interpretation Attack, Impersonation Attack, Session Hijacking Attack
Scope of the Article: Web Technologies