DoubleGuard: Detecting Intrusions in Multitier Web Applications
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Le, Meixing | ko |
| dc.contributor.author | Stavrou, Angelos | ko |
| dc.contributor.author | Kang, Brent ByungHoon | ko |
| dc.date.accessioned | 2013-08-29T02:30:45Z | - |
| dc.date.available | 2013-08-29T02:30:45Z | - |
| dc.date.created | 2013-08-21 | - |
| dc.date.created | 2013-08-21 | - |
| dc.date.created | 2013-08-21 | - |
| dc.date.created | 2013-08-21 | - |
| dc.date.issued | 2012-07 | - |
| dc.identifier.citation | IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, v.9, no.4, pp.512 - 525 | - |
| dc.identifier.issn | 1545-5971 | - |
| dc.identifier.uri | http://hdl.handle.net/10203/176618 | - |
| dc.description.abstract | Internet services and applications have become an inextricable part of daily life, enabling communication and the management of personal information from anywhere. To accommodate this increase in application and data complexity, web services have moved to a multitiered design wherein the webserver runs the application front-end logic and data are outsourced to a database or file server. In this paper, we present DoubleGuard, an IDS system that models the network behavior of user sessions across both the front-end webserver and the back-end database. By monitoring both web and subsequent database requests, we are able to ferret out attacks that an independent IDS would not be able to identify. Furthermore, we quantify the limitations of any multitier IDS in terms of training sessions and functionality coverage. We implemented DoubleGuard using an Apache webserver with MySQL and lightweight virtualization. We then collected and processed real-world traffic over a 15-day period of system deployment in both dynamic and static web applications. Finally, using DoubleGuard, we were able to expose a wide range of attacks with 100 percent accuracy while maintaining 0 percent false positives for static web services and 0.6 percent false positives for dynamic web services. | - |
| dc.language | English | - |
| dc.publisher | IEEE COMPUTER SOC | - |
| dc.title | DoubleGuard: Detecting Intrusions in Multitier Web Applications | - |
| dc.type | Article | - |
| dc.identifier.wosid | 000304147900007 | - |
| dc.identifier.scopusid | 2-s2.0-84861175145 | - |
| dc.type.rims | ART | - |
| dc.citation.volume | 9 | - |
| dc.citation.issue | 4 | - |
| dc.citation.beginningpage | 512 | - |
| dc.citation.endingpage | 525 | - |
| dc.citation.publicationname | IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING | - |
| dc.identifier.doi | 10.1109/TDSC.2011.59 | - |
| dc.contributor.localauthor | Kang, Brent ByungHoon | - |
| dc.contributor.nonIdAuthor | Le, Meixing | - |
| dc.contributor.nonIdAuthor | Stavrou, Angelos | - |
| dc.description.isOpenAccess | N | - |
| dc.type.journalArticle | Article | - |
| dc.subject.keywordAuthor | Anomaly detection | - |
| dc.subject.keywordAuthor | virtualization | - |
| dc.subject.keywordAuthor | multitier web application | - |
| dc.subject.keywordPlus | DETECTION SYSTEMS | - |
- Appears in Collection
- CS-Journal Papers(저널논문)
- Files in This Item
- There are no files associated with this item.
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 13 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.