IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations
navleft navright Research IRM Open Access IRMA Journals IRM Books Proceedings Membership

The IRMA Community

Calls for Papers
Online Symposium
Newsletters

Research IRM

Click a keyword to search titles using our InfoSci-OnDemand powered search:

An Invariant-Based Approach for Detecting Attacks Against Data in Web Applications

An Invariant-Based Approach for Detecting Attacks Against Data in Web Applications
View Sample PDF
Author(s): Romaric Ludinard (Supélec, France), Éric Totel (Supélec, France), Frédéric Tronel (Supélec, France), Vincent Nicomette (CNRS, LAAS, France & INSA, LAAS, Université de Toulouse, France), Mohamed Kaâniche (CNRS, LAAS, France & Université de Toulouse, France), Éric Alata (CNRS, LAAS, France & INSA, LAAS, Université de Toulouse, France), Rim Akrout (CNRS, LAAS, France & LAAS, Université de Toulouse, France)and Yann Bachy (CNRS, LAAS, France & LAAS, Université de Toulouse, France)
 Copyright: 2018
 Pages: 22
 Source title: Application Development and Design: Concepts, Methodologies, Tools, and Applications
Source Author(s)/Editor(s): Information Resources Management Association (USA)
 DOI: 10.4018/978-1-5225-3422-8.ch045

Purchase

View An Invariant-Based Approach for Detecting Attacks Against Data in Web Applications on the publisher's website for pricing and purchasing information.

Abstract

RRABIDS (Ruby on Rails Anomaly Based Intrusion Detection System) is an application level intrusion detection system (IDS) for applications implemented with the Ruby on Rails framework. The goal of this intrusion detection system is to detect attacks against data in the context of web applications. This anomaly based IDS focuses on the modelling of the normal application profile using invariants. These invariants are discovered during a learning phase. Then, they are used to instrument the web application at source code level, so that a deviation from the normal profile can be detected at run-time. This paper illustrates on simple examples how the approach detects well-known categories of web attacks that involve a state violation of the application, such as SQL injections. Finally, an assessment phase is performed to evaluate the accuracy of the detection provided by the proposed approach.

Related Content

Subhadip Kowar, Sneha Mukherjee, Shramana Ghosh. © 2025. 26 pages.
C. V. Suresh Babu, Mala Raja Sekhar, A. Sachin, Bala Brindha. © 2025. 26 pages.
A. D. N. Sarma. © 2025. 32 pages.
Muhammad Usman Tariq. © 2025. 26 pages.
Maaike Stoops, Pablo Alfonso Aguilar Calderón, Óscar Manuel Peña Bañuelos. © 2025. 30 pages.
Pablo Alfonso Aguilar Calderón, José Alfonso Aguilar-Calderón, Dominik Morales-Silva, Carolina Tripp-Barba, Pedro Alfonso Aguilar-Calderón, Aníbal Zaldívar-Colado, Oscar Manuel Peña-Bañuelos. © 2025. 30 pages.
Carlos Villarrubia, David Granada, Juan Manuel Vara. © 2025. 34 pages.
IRMA Offers Over 2,500 Full Text Open Access Research Papers for Free Download Click to Start Searching Free IRM Research!

IRMA Sponsors

Sponsor IGI Global

Sponsor eContentPro

Encyclopedia of Information Science and Technology, Fourth Edition
Body Bottom
About Us | Contact | Sitemap | Legal | Policies
Copyright ©2025, Information Resources Management Association. 701 East Chocolate Avenue, Hershey, PA 17033.