Paper Title
Dual Safeguard: IDS To Enhance Security Of Multitier Web Applications
Abstract
Internet services and applications are very important part of daily life.Due to there increasing use and
complexity they move to multitier architecture. Most of intrusion Detection Systems (IDSs) observes the network packets
individually within both the web server and the database system. multitier Anomaly Detection (AD) systems generate
models of network behavior for both web and database network interactions. In such architectures, the back-end database
server is often protected behind a firewall while the web servers are remotely accessible over the Internet. Unfortunately,
though they are protected from direct remote attacks, the back-end systems are susceptible to attacks that use web requests as
a means to exploit the back end. we propose IDS called as Dual safeguard system that models the network behavior of user
sessions across both front-end web (HTTP) requests and back-end database (SQL) queries. This container-based and session-
separateed architecture enhances the security and also provides the isolation between the information flows that are
separated in each container session. To detect the abnormal behaviors on a session/client level, Casual Mapping profile
model is developed to map between the web server requests and the subsequent DB queries. Using Dual safeguard we will
able to detect intrusion with 100%accuracy and 0%false positive for static web applications and0.4%false positive for
dynamic web application.
Keywords— Container Architecture, Mapping model, Web services, Multi-Tier web application, Virtualization.