A Traffic Monitoring and Policy Enforcement Framework for HTTP

Abstract

Due to the accessibility and popularity of Internet, web based applications are commonly used for providing different services to the users. At the same time, the simplicity to conduct attacks and the availability of several attack tools have made web applications the most common target for attackers. Hence monitoring and analysis of web applications require special attention. In this paper, we describe a policy enforcement and web attack detection framework for HTTP protocol. The proposed framework can monitor and analyze HTTP traffic to detect injection, misconfiguration and directory traversal attacks. Moreover, this framework can be used to enforce web application access policies involving content type, URL and device level access.