Secured N-Tier Attack Detection and Prevention Mechanism

  IJCOT-book-cover
 
International Journal of Computer Trends and Technology (IJCTT)          
 
© - August Issue 2013 by IJCTT Journal
Volume-4 Issue-8                           
Year of Publication : 2013
Authors :R.Anusha, Ch.Sivaramamohana Rao

MLA

R.Anusha, Ch.Sivaramamohana Rao "Secured N-Tier Attack Detection and Prevention Mechanism"International Journal of Computer Trends and Technology (IJCTT),V4(8):2850-2857 August Issue 2013 .ISSN 2231-2803.www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract:-  Over the past few years Web services and applications have increased both popularity and complexity. Due to the lots of data, web services have moved to multitier design where files are uploaded to usually the internet server server run as begining and the data is outsourced onto the database server run as backend. Due to their high levels of presence, web services were always the target of attacks. To overcome this increase in application and data complexity, web services web services have moved to multitiered. The front end include web server which can certainly responsible for your application and offers that output to back end i.e. file or database server. This strategy is beneficial to obtain the intrusion at both beginning and back end of web application.[1] This system has been utilized to monitor the behavior across beginning web server and back end database server or file server using IDS. This system is able to detect intrusion in static and dynamic web application.IDS have maximum accuracy that is mainly responsible to recognize intrusion. In Existing approach, Multi Tier Security System, an IDS system that models the network behavior of user sessions across both the front-end web server and the back-end database. Proposed work analyze the owner sessions hijacking and db request monitoring .We implemented Multi Tier Security Guard using an Apache server with Oracle Database and lightweight virtualization.

 

References-

[1] DoubleGuard: Detecting Intrusions in Multitier Web Applications Meixing Le, Angelos Stavrou, Member, IEEE, and Brent ByungHoon Kang, Member, IEEE , IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 9, NO. 4, JULY/AUGUST 2012
[2] http://www.tutorialspoint.com/struts_2/basic_mvc_ar hitecture.htm
[3] Intrusions Detection in Threetier Web Applications using DoubleGuard System Binal M. Patel, International Journal of Computer Science and Management Research
[4] Cross site script “http:// www. ibm. com/developerworks/tivoli/library/s-csscript”
[5] H. Debar, M. Dacier, and A. Wespi. Towards a taxonomy of intrusiondetection systems.Computer Networks, 31(8), 1999.
[6] XSS flaws” https:// www.owasp.org /index.php/Cross_Site_Scripting_Flaw
[7]“Five Common Web Application Vulnerabilities,”http://www.symantec.com/connect/articl es /five-common-web-application vulnerabilities,2011.
[8] Snort—The Open Source Network Intrusion Detection System, http://www.snort.org, 2004.
[9] S.J.Templeton and K. Levitt, “A Requires/Provides Model for Computer Attacks,” Proc. New Security Paradigms Workshop, pp. 31-38, Sept. 2000.

Keywords : —  Two-Tie Architecture, HTTPS,Business Logic And Client Tier,SQL Injection