Log visualization of intrusion and prevention reverse proxy server against web attacks

SQL Injection Attack (SQLIA) has made to the top of the OWASP, Top 10 Web Application Security Risks in 2013 and in 2010. The explosive use of web application with very little emphasis lay on securing it make this attack becoming more popular. Various methods have been discussed and propos...

Full description

Bibliographic Details
Main Authors: Mantoro, Teddy, Abdul Aziz, Normaziah, Meor Yusof, Nur Dalilah, Abu Talib, Nor Aishah
Format: Conference or Workshop Item
Language:English
Published: IEEE 2013
Subjects:
Online Access:http://irep.iium.edu.my/35416/
http://irep.iium.edu.my/35416/
http://irep.iium.edu.my/35416/1/06702833.pdf
Description
Summary:SQL Injection Attack (SQLIA) has made to the top of the OWASP, Top 10 Web Application Security Risks in 2013 and in 2010. The explosive use of web application with very little emphasis lay on securing it make this attack becoming more popular. Various methods have been discussed and proposed as countermeasure to the attack. Unfortunately, most of them are seen to be not comprehensive enough to address any kind of issues an organization might have when it comes to hardening the web security such as technical and financial matter for instance. This study presents a way to prevent and detect intrusion through the deployment of reverse proxy with an intrusion and prevention mechanism built in against web attacks especially SQLIA. With the flexibility offered in server logging process, we obtain and analyse preferred data to visualize the type of attack based on logs information. Our graph visualization development monitors three web security aspects, i.e. the top traffic blocked attempted by IP address, number of regular expression rules violated and detect the rules of intrusion detection.