Web Threats Detection and Prevention Framework

作     者：Osama M. Rababah Ahmad K. Al Hwaitat Saher Al Manaseer Hussam N. Fakhouri Rula Halaseh Osama M. Rababah;Ahmad K. Al Hwaitat;Saher Al Manaseer;Hussam N. Fakhouri;Rula Halaseh

作者机构：Department of Business Information Technology The University of Jordan Amman Jordan Department of Computer Science The University of Jordan Amman Jordan 

出 版 物：《Communications and Network》 (通讯与网络（英文）)

年 卷 期：2016年第8卷第3期

页      面：170-178页

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：SQL Injection XSS DDoS Attack Suspicious User Behavior Web Applications 

摘      要：The rapid advancement in technology and the increased number of web applications with very short turnaround time caused an increased need for protection from vulnerabilities that grew due to decision makers overlooking the need to be protected from attackers or software developers lacking the skills and experience in writing secure code. Structured Query Language (SQL) Injection, cross-site scripting (XSS), Distributed Denial of service (DDos) and suspicious user behaviour are some of the common types of vulnerabilities in web applications by which the attacker can disclose the web application sensitive information such as credit card numbers and other confidential information. This paper proposes a framework for the detection and prevention of web threats (WTDPF) which is based on preventing the attacker from gaining access to confidential data by studying his behavior during the action of attack and taking preventive measures to reduce the risks of the attack and as well reduce the consequences of such malicious action. The framework consists of phases which begin with the input checking phase, signature based action component phase, alert and response phases. Additionally, the framework has a logging functionality to store and keep track of any action taking place and as well preserving information about the attacker IP address, date and time of the attack, type of the attack, and the mechanism the attacker used. Moreover, we provide experimental results for different kinds of attacks, and we illustrate the success of the proposed framework for dealing with and preventing malicious actions.