Abstract
Malware authors are continuously developing crime toolkits. This has led to zero-day attacks, in which malware harms computer systems despite the protection offered by existing Intrusion Detection Systems (IDSs). We propose an Intelligent Intrusion Detection and Prevention System (IIDPS) approach that combines a Signature-based Intrusion Detection System (SIDS), an Anomaly-based Intrusion Detection System (AIDS) and a Response Intrusion Detection System (RIDS). We used a risk assessment approach to determine an appropriate response action against each attack event. We also demonstrated that the IIDPS makes the detection and prevention of malware more effective.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Alazab, A., Hobbs, M., Abawajy, J., Khraisat, A. (2013). Developing an Intelligent Intrusion Detection and Prevention System against Web Application Malware. In: Awad, A.I., Hassanien, A.E., Baba, K. (eds) Advances in Security of Information and Communication Networks. SecNet 2013. Communications in Computer and Information Science, vol 381. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40597-6_15
DOI: https://doi.org/10.1007/978-3-642-40597-6_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40596-9
Online ISBN: 978-3-642-40597-6
eBook Packages: Computer Science, Computer Science (R0)