Usability of software intrusion-detection system in web applications
The result's identifiers
Result code in IS VaVaI
RIV/70883521:28140/13:43868694 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F70883521%3A28140%2F13%3A43868694)
Result on the web
http://dx.doi.org/10.1007/978-3-642-33018-6_16
DOI - Digital Object Identifier
10.1007/978-3-642-33018-6_16
Alternative languages
Result language
English
Original language name
Usability of software intrusion-detection system in web applications
Original language description
This article focuses on a security solution based on the idea of intrusion detection, which should be independent of the web server type or configuration and should not rely on other network hardware components. The intrusion detection system discussed is connected directly to the web application and is based on real-time request analysis. The main advantages of the proposed principle are very low cost and simple implementation. The proposal is based on integrating the LGPL library PHPIDS [https://phpids.org/] into a demo application consisting of a simple web form for testing. The integration of the PHPIDS library was tested against the main web security flaws: SQL Injection, Cross Site Scripting, and HTTP Parameter Pollution. Simple stress tests were performed on this demo application, and its level of security was evaluated. Suggestions for future improvements of this security solution are also discussed.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
IN - Informatics
OECD FORD branch
—
Result continuities
Project
—
Continuities
V - Research activity supported from other public sources
Others
Publication year
2013
Confidentiality
S - Complete and truthful data on the project are not subject to protection under special legal regulations
Data specific for result type
Article name in the collection
International Joint Conference CISIS ´12-ICEUTE ´12-SOCO ´12
ISBN
978-3-642-33017-9
ISSN
2194-5357
e-ISSN
—
Number of pages
8
Pages from-to
159-166
Publisher name
Springer-Verlag Berlin
Place of publication
Heidelberg
Event location
Ostrava
Event date
Sep 5, 2012
Type of event by nationality
WRD - Worldwide event
UT code for WoS article
—