TITLE:
Web Threats Detection and Prevention Framework
AUTHORS:
Osama M. Rababah, Ahmad K. Al Hwaitat, Saher Al Manaseer, Hussam N. Fakhouri, Rula Halaseh
KEYWORDS:
SQL Injection, XSS, DDoS Attack, Suspicious User Behavior, Web Applications
JOURNAL NAME:
Communications and Network,
Vol.8 No.3,
August
4,
2016
ABSTRACT: The rapid advancement in technology and the increased number of web applications with very
short turnaround time caused an increased need for protection from vulnerabilities that grew due
to decision makers overlooking the need to be protected from attackers or software developers
lacking the skills and experience in writing secure code. Structured Query Language (SQL) Injection,
cross-site scripting (XSS), Distributed Denial of service (DDos) and suspicious user behaviour
are some of the common types of vulnerabilities in web applications by which the attacker can
disclose the web application sensitive information such as credit card numbers and other confidential
information. This paper proposes a framework for the detection and prevention of web
threats (WTDPF) which is based on preventing the attacker from gaining access to confidential
data by studying his behavior during the action of attack and taking preventive measures to reduce
the risks of the attack and as well reduce the consequences of such malicious action. The
framework consists of phases which begin with the input checking phase, signature based action
component phase, alert and response phases. Additionally, the framework has a logging functionality
to store and keep track of any action taking place and as well preserving information about
the attacker IP address, date and time of the attack, type of the attack, and the mechanism the attacker
used. Moreover, we provide experimental results for different kinds of attacks, and we illustrate
the success of the proposed framework for dealing with and preventing malicious actions.