
Developing an Intelligent Intrusion Detection and Prevention System against Web Application Malware

  • Conference paper
Advances in Security of Information and Communication Networks (SecNet 2013)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 381)

  • 1340 Accesses

Abstract

Malware authors are continuously developing crime toolkits. This has led to zero-day attacks, in which malware harms computer systems despite the protection of existing Intrusion Detection Systems (IDSs). We propose an Intelligent Intrusion Detection and Prevention System (IIDPS) approach that combines a Signature-based Intrusion Detection System (SIDS), an Anomaly-based Intrusion Detection System (AIDS) and a Response Intrusion Detection System (RIDS). We used a risk assessment approach to determine an appropriate response action against each attack event. We also demonstrated that the IIDPS makes the detection and prevention of malware more effective.




Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Alazab, A., Hobbs, M., Abawajy, J., Khraisat, A. (2013). Developing an Intelligent Intrusion Detection and Prevention System against Web Application Malware. In: Awad, A.I., Hassanien, A.E., Baba, K. (eds) Advances in Security of Information and Communication Networks. SecNet 2013. Communications in Computer and Information Science, vol 381. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40597-6_15


  • DOI: https://doi.org/10.1007/978-3-642-40597-6_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40596-9

  • Online ISBN: 978-3-642-40597-6

  • eBook Packages: Computer Science, Computer Science (R0)
