UQAM - Université du Québec à Montréal
Archive de publications électroniques
UQAM ›  Archive de publications électroniques ›  An intrusion detection system on network security for web application

An intrusion detection system on network security for web application

Yuan, Wei (2006). « An intrusion detection system on network security for web application » Mémoire. Montréal (Québec, Canada), Université du Québec à Montréal, Maîtrise en informatique.

Fichier(s) associé(s) à ce document :

[img]
Prévisualisation
PDF
8Mb

Résumé

For the last 15 years, significant amount of resources are invested to enhance the security at system and network level, such as firewalls, IDS, anti-virus, etc. IT infrastructure tends to be more and more secure than ever before. As an ever-increasing number of businesses move to take advantage of the Internet, web applications are becoming more prevalent and increasingly more sophisticated, and as such they are critical to almost all major online businesses. The very nature of web applications, their abilities to collect, process and disseminate information over the Internet, exposes thern to rnalicious hackers. However, the traditional security solutions such as firewall, network and host IDS, do not provide comprehensive protection against the attacks common in the web applications. The thesis concentrates on the research of an advanced intrusion detection framework. An intrusion detection framework was designed which works along with any custom web application to collect and analyze HTTP traffic with various advanced algorithms. Two intrusion detection algorithms are tested and adopted in the framework. Pattern Matching is the most popular intrusion detection technology adopted by most of the commercial intrusion detection system. Behavior Modeling is a new technology that can dynamically adapt the detection algorithms in accordance with the application behavior. The combination of the two intrusion technologies has dramatically reduced false positive and false negative alarms. Moreover, a Servlet filter-based Web Agent is used to capture HTTP request. An isolated Response Module is developed to execute pre-defined action according to the analysis result. A database is involved to provide persistence support for the framework. Also, several simulation experiments are developed for evaluating the efficiency of detecting capability. ______________________________________________________________________________

Type de document : Mémoire accepté
Directeur de thèse : Zuoliang, Cao et Girard, Paul
État du document : Non publié
Informations complémentaires : Le mémoire a été numérisé tel que transmis par l'auteur
Mots-clés : Détection d'intrusion, Sécurité des réseaux, Application Web
Unité d'appartenance : Faculté des sciences > Département d'informatique
Code ID : 4835
Déposé par : RB Service des bibliothèques
Déposé le : 24 sept. 2012 09:31
Dernière modification : 30 juin 2014 08:25

Modifier les métadonnées de ce document.

Voir les statistiques sur cinq ans...