學術產出-會議論文

文章檢視/開啟

書目匯出

Google ScholarTM

政大圖書館

引文資訊

TAIR相關學術產出

題名 WIPS A Practical Intrusion Prevention System for Web Applications
作者 Chen, Jui-Wen
Cheng, Bo-Chao
Chuang, Ming-Ni
關鍵詞 Web application secruity intrusion prevention system finite state machine network processor
日期 2005
上傳時間 17-十月-2017 17:03:32 (UTC+8)
摘要 近來Web應用的蓬勃發展,衍生出許多Web應用安全的問題。國際產業研究公司Gartner Group也提到在所有攻擊事件中,有百分之七十五是發生在應用層(OSI Application Iayer),並且四分之三的商業網站是有漏洞的,但是傳統的網路安全設備(例如入侵偵測系統以及防火牆)並不能有效的防止應用層的攻擊。有鑑於此,本論文延伸有限狀態機 (finite state machine)的原理及整合stateful session檢測機制,提出Web入侵防禦系統(WIPS)來解決Web應用所造成的安全問題。Web入侵防禦系統並結合正面表述(positive approach)與負面表述(negative approach)的優點防止Web攻擊的產生。本系統已完成設計且將其系統實現在Intel網路處理器搭配MontaVista Linux的開發平台上,透過功能性與效能性的實際量測可以證明Web入侵防禦系統可以有效且快速的阻擋Web攻擊,建立一個高安全性的Web應用環境來保障企業以及合法使用者的財產安全。
Web application portal with the single sign on (SSO) feature provides an integrated E-Business solution such that web application becomes an essential building block for business operations. Gartner Group report indicates that 75% of malicious attacks targeting the application layer and three out of four business Web sites are vulnerable to Applicationlevel attacks. Therefore, the traditional security devices (such as firewall and intrusion detection system) are not able to protect web-based applications any more. Implementing a solid web application security protection shield is top-of-mind of security researchers. Extending the finite state machine theory and coupling with stateful session inspection, we propose Web Intrusion Prevention System (WIPS) to solve web application security issues listed in the OWASP Top Ten project. WIPS works as the last defense line to separate web browsers and web servers by examining network traffic, maintaining every session’s state information and allowing only specific web behaviors defined by web finite state machine to pass through. With embedded Snort capability, WIPS also provides negative security models to resist the lower layer attacks. A WIPS prototype has been implemented on Intel Network Processor (IXP425) running with MontaVista Linux. In our study, the functionality and performance has been assessed to show WIPS providing a key answer for advancing the state-of-the-art in web application security in a realistic environment.
關聯 TANET 2005 台灣網際網路研討會論文集
資訊安全技術
資料類型 conference
dc.creator (作者) Chen, Jui-Wenen_US
dc.creator (作者) Cheng, Bo-Chaoen_US
dc.creator (作者) Chuang, Ming-Nien_US
dc.date (日期) 2005
dc.date.accessioned 17-十月-2017 17:03:32 (UTC+8)-
dc.date.available 17-十月-2017 17:03:32 (UTC+8)-
dc.date.issued (上傳時間) 17-十月-2017 17:03:32 (UTC+8)-
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/113729-
dc.description.abstract (摘要) 近來Web應用的蓬勃發展,衍生出許多Web應用安全的問題。國際產業研究公司Gartner Group也提到在所有攻擊事件中,有百分之七十五是發生在應用層(OSI Application Iayer),並且四分之三的商業網站是有漏洞的,但是傳統的網路安全設備(例如入侵偵測系統以及防火牆)並不能有效的防止應用層的攻擊。有鑑於此,本論文延伸有限狀態機 (finite state machine)的原理及整合stateful session檢測機制,提出Web入侵防禦系統(WIPS)來解決Web應用所造成的安全問題。Web入侵防禦系統並結合正面表述(positive approach)與負面表述(negative approach)的優點防止Web攻擊的產生。本系統已完成設計且將其系統實現在Intel網路處理器搭配MontaVista Linux的開發平台上,透過功能性與效能性的實際量測可以證明Web入侵防禦系統可以有效且快速的阻擋Web攻擊,建立一個高安全性的Web應用環境來保障企業以及合法使用者的財產安全。
dc.description.abstract (摘要) Web application portal with the single sign on (SSO) feature provides an integrated E-Business solution such that web application becomes an essential building block for business operations. Gartner Group report indicates that 75% of malicious attacks targeting the application layer and three out of four business Web sites are vulnerable to Applicationlevel attacks. Therefore, the traditional security devices (such as firewall and intrusion detection system) are not able to protect web-based applications any more. Implementing a solid web application security protection shield is top-of-mind of security researchers. Extending the finite state machine theory and coupling with stateful session inspection, we propose Web Intrusion Prevention System (WIPS) to solve web application security issues listed in the OWASP Top Ten project. WIPS works as the last defense line to separate web browsers and web servers by examining network traffic, maintaining every session’s state information and allowing only specific web behaviors defined by web finite state machine to pass through. With embedded Snort capability, WIPS also provides negative security models to resist the lower layer attacks. A WIPS prototype has been implemented on Intel Network Processor (IXP425) running with MontaVista Linux. In our study, the functionality and performance has been assessed to show WIPS providing a key answer for advancing the state-of-the-art in web application security in a realistic environment.
dc.format.extent 657776 bytes-
dc.format.mimetype application/pdf-
dc.relation (關聯) TANET 2005 台灣網際網路研討會論文集zh_TW
dc.relation (關聯) 資訊安全技術zh_TW
dc.subject (關鍵詞) Web application secruity intrusion prevention system finite state machine network processoren_US
dc.title (題名) WIPS A Practical Intrusion Prevention System for Web Applicationsen_US
dc.type (資料類型) conference