Enhanced Intrusion Detection System for Input Validation Attacks in Web Application
Internet continues to expand exponentially and access to the Internet become more prevalent in our daily life but at the same time web application are becoming most attractive targets for hacker and cyber criminals. This paper presents an enhanced intrusion detection system approach for detecting input validation attacks in the web application. The existing IDS for Input validation attacks are language dependent. The proposed IDS is language independent i.e. it works for any web application developed with the aid of java, php, dot net etc. In addition the proposed system detects directory traversal attacks, command injection attacks, cross site scripting attacks and SQL injection attacks, those were not detected in the existing IDS. This is an automatic technique for detection vulnerabilities over the internet. Our technique is based on the web application parameter which is in form of POST and GET which has generalized structure and values. This technique reduces analysis time of input validation attacks.
Keywords: SQL Injection attacks, XSS attacks, directory traversal attacks, GET and POST data, Detection.
Download Full-Text
ABOUT THE AUTHORS
Puspendra Kumar
M.Tech Scholar, Computer Science & Engineering Department, Maulana Azad National Institute of Technology Bhopal, 462051, India
R. K. Pateriya
Dr. R. K. Pateriya working as Associate Professor in computer science and engineering deaprtment of Maulana Azad National Institute of Technology Bhopal,
Puspendra Kumar
M.Tech Scholar, Computer Science & Engineering Department, Maulana Azad National Institute of Technology Bhopal, 462051, India
R. K. Pateriya
Dr. R. K. Pateriya working as Associate Professor in computer science and engineering deaprtment of Maulana Azad National Institute of Technology Bhopal,
