A Semantics Based Application Level Intrusion Detection System

Abstract

The increasing cyber threat with the expansion of Web applications demands a constant need for safeguarding our own network resources from vulnerability exploits. Attacks can occur at the network and application level. The existent solutions like firewalls perform well at the network level. The application level detection is based on raw content matching and hence is prone to errors. This paper proposes a design, implementation and performance of an intelligent IDS which looks into the semantics of the application header and also the Web presentation language. The model presented is compatible to work with semantic processors like the XAMBALA semantic processor (XSP), that can look at the structure and content of the traffic