Semantic Architecture for Web application Security
Growth of web applications has facilitated the humanity almost in all aspects of life especially e-health, e-business and e-communication but this application are exposed for web attacks, unauthorized access, evil intentions and treacherous engagements. Various strategies have been formulated over a period of time in the form of intrusion detection system, encryption devices, and firewalls but still proved to be ineffective. In this paper, we have proposed a system having semantic architecture that is capable of performing detection semantically in the context of HTTP protocol, the data, and the target application. The knowledgebase of the system is the ontological representation of communication protocol, attacks data and the application profile that can be refined and expanded over time. Unlike traditional signature base approach, the semantic architecture analysis the HTTP request with the help of semantic rules and inferred knowledge after reasoning of knowledgebase through Inference engine. Non signature based approach of the system enhance the capability of the system to detect the unknown attacks with low false positive rate. The system is evaluated by comparing with existing open source solutions and showing significant improvement in term of detection ability with low alarm rate
Keywords: Semantic architecture, Application security, Semantic security
Download Full-Text
ABOUT THE AUTHORS
Abdul Razzaq
PhD scholar at National university of Science and Technology (School of Electrical Engineering and Computer Science) Pakistan. MSc Mathematics (1992), Master in Information Technology (2004), Master of Science - IT (2009). The pioneer of Semantics base Web Application Firewall (SWAF). Presently Team Lead in the ICT R&D Project “Semantics based Web Application Security: Concept, Design and Implementation”. Various publications in the domain of semantic based web application security. Patent filed on Web Application Firewall. Current research interests include the formal modeling of Cyber Security, Semantic Systems and Vulnerability Analysis.
Ali Hur
Master of Science - IT (2009). The pioneer of Semantics base Web Application Firewall (SWAF). Patent filed on Web Application Firewall. Presently Team Lead/ System Architect in the ICT R&D Project “Semantics based Web Application Security: Concept, Design and Implementation”. Current research interests include Web Security, Semantic Systems and Architecture.
H Farooq Ahmad
PhD - Distributed Computing, Software Agents – Tokyo Institute of Technology, Tokyo, Japan, Japan (2002). Associate Professor - School of Electrical Engineering and Computer Science (NUST), Pakistan. Patent filed on Web Application Firewall. Project Director in the ICT R&D Project “Semantics based Web Application Security: Concept, Design and Implementation”. Expertise in Distributed Computing, Semantic Systems, Semantic Security, Semantic Health.
Muddassar Masood
Master of Science - IT candidate at School of Electrical Engineering and Computer Science, Pakistan. Senior researcher in the ICT R&D Project “Semantics based Web Application Security: Concept, Design and Implementation”. Current research interests include Web Security and System Architecture.
Abdul Razzaq
PhD scholar at National university of Science and Technology (School of Electrical Engineering and Computer Science) Pakistan. MSc Mathematics (1992), Master in Information Technology (2004), Master of Science - IT (2009). The pioneer of Semantics base Web Application Firewall (SWAF). Presently Team Lead in the ICT R&D Project “Semantics based Web Application Security: Concept, Design and Implementation”. Various publications in the domain of semantic based web application security. Patent filed on Web Application Firewall. Current research interests include the formal modeling of Cyber Security, Semantic Systems and Vulnerability Analysis.
Ali Hur
Master of Science - IT (2009). The pioneer of Semantics base Web Application Firewall (SWAF). Patent filed on Web Application Firewall. Presently Team Lead/ System Architect in the ICT R&D Project “Semantics based Web Application Security: Concept, Design and Implementation”. Current research interests include Web Security, Semantic Systems and Architecture.
H Farooq Ahmad
PhD - Distributed Computing, Software Agents – Tokyo Institute of Technology, Tokyo, Japan, Japan (2002). Associate Professor - School of Electrical Engineering and Computer Science (NUST), Pakistan. Patent filed on Web Application Firewall. Project Director in the ICT R&D Project “Semantics based Web Application Security: Concept, Design and Implementation”. Expertise in Distributed Computing, Semantic Systems, Semantic Security, Semantic Health.
Muddassar Masood
Master of Science - IT candidate at School of Electrical Engineering and Computer Science, Pakistan. Senior researcher in the ICT R&D Project “Semantics based Web Application Security: Concept, Design and Implementation”. Current research interests include Web Security and System Architecture.