JOURNAL OF COMPUTERS (JCP)
ISSN : 1796-203X
Volume : 4    Issue : 5    Date : May 2009

An IPS for Web Applications
Angelo Biscotti, Gianluca Capuzzi, Egidio Cardinale, Francesco Pagliarecci, Luca Spalazzi
Page(s): 387-394
Full Text:
PDF (371 KB)


Abstract
This work presents an IPS for web applications that combines anomaly detection, misuse
detection, and a prevention module. This approach provides us a solution that produce a number of
false positives and false negatives less than traditional solutions. The proposed system is also
able to update the misuse and anomaly model according to feedback received by the security
manager. Finally, in our system the anomaly model has been specifically designed for web
applications. We implemented and experimented our system in a real service company. From the
results arises an improvement with respect to other state-of-the-art WEBIDSs.

Index Terms
Intrusion Detection Systems, Intrusion Prevention Systems, Web Applications