T. Mantoro, Normaziah Binti Abdul Aziz, Nur Dalilah Binti Meor Yusoff, Nor Aishah Binti Abu Talib
{"title":"入侵和防御反向代理服务器Web攻击的日志可视化","authors":"T. Mantoro, Normaziah Binti Abdul Aziz, Nur Dalilah Binti Meor Yusoff, Nor Aishah Binti Abu Talib","doi":"10.1109/ICICM.2013.70","DOIUrl":null,"url":null,"abstract":"SQL Injection Attack (SQLIA) has made to the top of the OWASP, Top 10 Web Application Security Risks in 2013 and in 2010. The explosive use of web application with very little emphasis lay on securing it make this attack becoming more popular. Various methods have been discussed and proposed as countermeasure to the attack. Unfortunately, most of them are seen to be not comprehensive enough to address any kind of issues an organization might have when it comes to hardening the web security such as technical and financial matter for instance. This study presents a way to prevent and detect intrusion through the deployment of reverse proxy with an intrusion and prevention mechanism built in against web attacks especially SQLIA. With the flexibility offered in server logging process, we obtain and analyse preferred data to visualize the type of attack based on logs information. Our graph visualization development monitors three web security aspects, i.e. the top traffic blocked attempted by IP address, number of regular expression rules violated and detect the rules of intrusion detection.","PeriodicalId":179536,"journal":{"name":"2013 International Conference on Informatics and Creative Multimedia","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Log Visualization of Intrusion and Prevention Reverse Proxy Server against Web Attacks\",\"authors\":\"T. Mantoro, Normaziah Binti Abdul Aziz, Nur Dalilah Binti Meor Yusoff, Nor Aishah Binti Abu Talib\",\"doi\":\"10.1109/ICICM.2013.70\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"SQL Injection Attack (SQLIA) has made to the top of the OWASP, Top 10 Web Application Security Risks in 2013 and in 2010. The explosive use of web application with very little emphasis lay on securing it make this attack becoming more popular. Various methods have been discussed and proposed as countermeasure to the attack. Unfortunately, most of them are seen to be not comprehensive enough to address any kind of issues an organization might have when it comes to hardening the web security such as technical and financial matter for instance. This study presents a way to prevent and detect intrusion through the deployment of reverse proxy with an intrusion and prevention mechanism built in against web attacks especially SQLIA. With the flexibility offered in server logging process, we obtain and analyse preferred data to visualize the type of attack based on logs information. Our graph visualization development monitors three web security aspects, i.e. the top traffic blocked attempted by IP address, number of regular expression rules violated and detect the rules of intrusion detection.\",\"PeriodicalId\":179536,\"journal\":{\"name\":\"2013 International Conference on Informatics and Creative Multimedia\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-09-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Conference on Informatics and Creative Multimedia\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICICM.2013.70\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Informatics and Creative Multimedia","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICICM.2013.70","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Log Visualization of Intrusion and Prevention Reverse Proxy Server against Web Attacks
SQL Injection Attack (SQLIA) has made to the top of the OWASP, Top 10 Web Application Security Risks in 2013 and in 2010. The explosive use of web application with very little emphasis lay on securing it make this attack becoming more popular. Various methods have been discussed and proposed as countermeasure to the attack. Unfortunately, most of them are seen to be not comprehensive enough to address any kind of issues an organization might have when it comes to hardening the web security such as technical and financial matter for instance. This study presents a way to prevent and detect intrusion through the deployment of reverse proxy with an intrusion and prevention mechanism built in against web attacks especially SQLIA. With the flexibility offered in server logging process, we obtain and analyse preferred data to visualize the type of attack based on logs information. Our graph visualization development monitors three web security aspects, i.e. the top traffic blocked attempted by IP address, number of regular expression rules violated and detect the rules of intrusion detection.