WEB MISUSE DETECTION THROUGH TEXT CATEGORISATION OF APPLICATION SERVER LOGS

JUAN JOSÉ GARCÍA ADEVA; JUAN MANUEL PIKATZA ATXA

doi:10.1142/s0218213006002989

WEB MISUSE DETECTION THROUGH TEXT CATEGORISATION OF APPLICATION SERVER LOGS

International Journal of Artificial Intelligence Tools ◽

10.1142/s0218213006002989 ◽

2006 ◽

Vol 15 (05) ◽

pp. 849-854 ◽

Cited By ~ 2

Author(s):

JUAN JOSÉ GARCÍA ADEVA ◽

JUAN MANUEL PIKATZA ATXA

Keyword(s):

Access Control ◽

Intrusion Detection ◽

Web Application ◽

Application Server ◽

Confidential Information ◽

Telemedicine System ◽

Web Based ◽

Restricted Access ◽

High Level ◽

The Web

Security in web-based systems that handle confidential information can be considered a particularly sensitive subject that requires assuming some responsibilities about security. Achieving a secure web application involves tackling several issues such encryption of traffic and certain database information, strictly restricted access control, etc. In this work we focus on detecting misuse of the web application in order to gain unauthorised access. We introduce an Intrusion Detection component that by applying Text Categorisation is capable of learning the characteristics of both normal and malicious user behaviour from the regular, high-level log entries generated by web application through its application server. Therefore, the detection of misuse in the web application is achieved without the need of explicit programming or modification of the existing web application. We applied our Intrusion Detection component to a real web-based telemedicine system in order to offer some evaluation measurements. This articles offers an overview of the model, our experiences, and observations.

Software Architectures and Requirements for a Web-Based Survey System

Modelling and Analysis of Enterprise Information Systems ◽

10.4018/978-1-59904-477-4.ch004 ◽

2011 ◽

pp. 87-109

Author(s):

Dirk Baldwin ◽

Suresh Chalasani

Keyword(s):

Web Application ◽

Application Server ◽

Web Based ◽

Server Side ◽

Business Partners ◽

University Of Wisconsin ◽

Survey System ◽

Survey Responses ◽

The University ◽

The Web

Many businesses obtain feedback by surveying customers and business partners. Increasingly, these surveys are conducted via the Web. This chapter reviews briefly literature regarding Web-based surveys and describes a software architecture for a Web-based survey system. The architecture for the survey system is based on three-tiers comprised of a Web server, Web application server, and database server. The Web application server hosts the application modules that display and process the surveys. The application software consists of packages for establishing connections to the database and for reading static and dynamic data from the database. The processed surveys are written to the database with the survey responses. This system allows for anonymous survey responses and maintains user confidentiality. At the University of Wisconsin-Parkside, we have implemented this Web-based survey system, and used it to conduct three different surveys. This survey system is easily extensible to new surveys, and is used for instructional purposes to teach server-side programming. In this chapter, we discuss the key ideas behind the design and implementation of the extensible survey system, and provide results on its application.

An Improved Method for Multi-Lingual News Feed Application

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.a2973.109119 ◽

2019 ◽

Vol 9 (1) ◽

pp. 6758-6760

Keyword(s):

User Interface ◽

Web Application ◽

New Technologies ◽

National Language ◽

The Internet ◽

Improved Method ◽

Daily News ◽

Web Based ◽

Local Newspaper ◽

The Web

In the present era, the internet and new technologies are changing the information behavior of news reader .Instead of reading a copy of the local newspaper or watching the scheduledevening news, people increasingly turn to the internet for daily news updates. A Multi-Lingual news feed application is aimed at developing a web based application named multilingual news feed app. This Application deals with the user who wants to read news from the web application. User can select different countries in which a user is interested, the latest news will be fetched from the selected country. The news will be fetched and displayed based on the country selected in its own national language & the news is categorized into 7 different categories. A user can select any category which they are looking for. When you are done selecting the country & category, then the page will automatically refresh and the news will be displayed on MultiLingual news feed application. This application also supports translation and the news can be translated into any language. This application is fully responsive and has a good-looking user interface. The users will find this application much interesting for reading the news articles.

SQL Injection Attacks Countermeasures

Threats, Countermeasures, and Advances in Applied Information Security - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-0978-5.ch010 ◽

2012 ◽

pp. 194-213

Author(s):

Kasra Amirtahmasebi ◽

Seyed Reza Jalalinia

Keyword(s):

Web Application ◽

Web Applications ◽

Confidential Information ◽

Sql Injection ◽

Unauthorized Access ◽

Injection Attacks ◽

Prevention Techniques ◽

Sql Injection Attack ◽

Sql Injection Attacks ◽

The Web

Due to the huge growth in the need for using Web applications worldwide, there have been huge efforts from programmers to develop and implement new Web applications to be used by companies. Since a number of these applications lack proper security considerations, malicious users will be able to gain unauthorized access to confidential information of organizations. A concept called SQL Injection Attack (SQLIA) is a prevalent method used by attackers to extract the confidential information from organizations’ databases. They work by injecting malicious SQL codes through the web application, and they cause unexpected behavior from the database. There are a number of SQL Injection detection/prevention techniques that must be used in order to prevent unauthorized access to databases.

Use of Web-Based Portfolios as Tools for Reflection in Preservice Teacher Education

Journal of Teacher Education ◽

10.1177/0022487111416123 ◽

2011 ◽

Vol 62 (5) ◽

pp. 477-492 ◽

Cited By ~ 39

Author(s):

Diler Oner ◽

Emine Adadan

Keyword(s):

Preservice Teachers ◽

Reflective Thinking ◽

Preservice Teacher Education ◽

Mixed Methods Study ◽

Easy Access ◽

Web Based ◽

High Level ◽

Reflective Skills ◽

The Web

This mixed-methods study examined the use of web-based portfolios for developing preservice teachers’ reflective skills. Building on the work of previous research, the authors proposed a set of reflection-based tasks to enrich preservice teachers’ internship experiences. Their purpose was to identify (a) whether preservice teachers demonstrated evidence of reflective thinking throughout a semester and, if so, the types of reflective thinking indicators; (b) whether there was an increase in the number of high-level reflective indicators over time; and (c) the role of the web-based portfolio construction, as perceived by the participants, in developing reflective skills. The findings suggested that preservice teachers demonstrated high- and low-level reflective skills throughout a semester. There was a statistically significant improvement in the number of high-level reflective indicators in the second reflection task compared with the first. In addition, the web-based platform was perceived by participants as a medium that enabled easy access and the development of better portfolio artifacts.

Cross Site Scripting Attacks in Web-Based Applications

Journal of Advances in Science and Engineering ◽

10.37121/jase.v1i2.19 ◽

2018 ◽

Vol 1 (2) ◽

pp. 25-35

Author(s):

Aliga Paul Aliga ◽

Adetokunbo MacGregor John-Otumu ◽

Rebecca E Imhanhahimi ◽

Atuegbelo Confidence Akpe

Keyword(s):

Web Application ◽

Web Applications ◽

Learning Ability ◽

Security Risk ◽

Web Application Security ◽

Web Based ◽

Architectural Framework ◽

Self Learning ◽

Cross Site ◽

The Web

Web-based applications has turn out to be very prevalent due to the ubiquity of web browsers to deliver service oriented application on-demand to diverse client over the Internet and cross site scripting (XSS) attack is a foremost security risk that has continuously ravage the web applications over the years. This paper critically examines the concept of XSS and some recent approaches for detecting and preventing XSS attacks in terms of architectural framework, algorithm used, solution location, and so on. The techniques were analysed and results showed that most of the available recognition and avoidance solutions to XSS attacks are more on the client end than the server end because of the peculiar nature of web application vulnerability and they also lack support for self-learning ability in order to detect new XSS attacks. Few researchers as cited in this paper inculcated the self-learning ability to detect and prevent XSS attacks in their design architecture using artificial neural networks and soft computing approach; a lot of improvement is still needed to effectively and efficiently handle the web application security menace as recommended.

An Invariant-Based Approach for Detecting Attacks Against Data in Web Applications

International Journal of Secure Software Engineering ◽

10.4018/ijsse.2014010102 ◽

2014 ◽

Vol 5 (1) ◽

pp. 19-38

Author(s):

Romaric Ludinard ◽

Éric Totel ◽

Frédéric Tronel ◽

Vincent Nicomette ◽

Mohamed Kaâniche ◽

...

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Web Application ◽

Web Applications ◽

Detection System ◽

Source Code ◽

Web Attacks ◽

Application Profile ◽

The Web ◽

Ruby On Rails

RRABIDS (Ruby on Rails Anomaly Based Intrusion Detection System) is an application level intrusion detection system (IDS) for applications implemented with the Ruby on Rails framework. The goal of this intrusion detection system is to detect attacks against data in the context of web applications. This anomaly based IDS focuses on the modelling of the normal application profile using invariants. These invariants are discovered during a learning phase. Then, they are used to instrument the web application at source code level, so that a deviation from the normal profile can be detected at run-time. This paper illustrates on simple examples how the approach detects well-known categories of web attacks that involve a state violation of the application, such as SQL injections. Finally, an assessment phase is performed to evaluate the accuracy of the detection provided by the proposed approach.

Prosedur efektif pengembangan aplikasi basis data

JSAI (Journal Scientific and Applied Informatics) ◽

10.36085/jsai.v2i1.104 ◽

2019 ◽

Vol 2 (1) ◽

Author(s):

Zulkarnaen Hatala

Keyword(s):

Web Application ◽

Specific Requirement ◽

Application System ◽

Web Based ◽

Database Application ◽

Server Side ◽

The Right ◽

Client Side ◽

The Web

Abstract—Efficient and quick procedure to build a web application is presented. The steps are intended to build a database application system with hundreds of tables. The procedure can minimize tasks needed to write code and doing manual programming line by line. The intention also to build rapidly web-based database application. In this method security concerning authentification and authorization already built in ensuring the right and eligible access of the user to the system. The end result is ready to use the web-based 3-tier application. Moreover, the application is still flexible to be customized and to be enhanced to suit more specific requirement in part of each module of the software both the server-side and client-side programming codes. Abstrak—Pada penelitian kali ini diusulkan prosedur cepat dan efisien pengembangan aplikasi basis data menggunakan generator aplikasi. Bertujuan untuk meminimalisir penulisan bahasa pemograman. Keuntungan dari prosedur ini adalah bisa digunakan untuk mengembangkan aplikasi basis data secara cepat terutama dengan sistem basis data yang terdiri dari banyak tabel. Hak akses dan prosedur keamanan standar telah disediakan sehingga setiap user terjamin haknya terhadap entitas tertentu di basis data. Hasil generasi adalah aplikasi basis data berbasis web yang siap pakai. Sistem aplikasi yang terbentuk masih sangat lentur untuk untuk dilakukan penyesuaian setiap komponen aplikasi baik di sisi server maupun di sisi client.

A Declarative Fine-grained Role-based Access Control Model and Mechanism for the Web Application Domain

Proceedings of the 7th International Conference on Software Paradigm Trends ◽

10.5220/0004083400800091 ◽

2012 ◽

Keyword(s):

Access Control ◽

Web Application ◽

Control Model ◽

Role Based Access Control ◽

Application Domain ◽

Access Control Model ◽

Fine Grained ◽

Role Based ◽

The Web

Xeno-miRNet: a comprehensive database and analytics platform to explore xeno-miRNAs and their potential targets

PeerJ ◽

10.7717/peerj.5650 ◽

2018 ◽

Vol 6 ◽

pp. e5650 ◽

Cited By ~ 12

Author(s):

Yannan Fan ◽

Maria Habib ◽

Jianguo Xia

Keyword(s):

Host Species ◽

Species Interactions ◽

Web Application ◽

Potential Functions ◽

Circulation System ◽

Multiple Sources ◽

Web Based ◽

User Friendly ◽

The Web ◽

Computational Predictions

Xeno-miRNAs are microRNAs originating from exogenous species detected in host biofluids. A growing number of studies have suggested that many of these xeno-miRNAs may be involved in cross-species interactions and manipulations. To date, hundreds of xeno-miRNAs have been reported in different hosts at various abundance levels. Based on computational predictions, many more miRNAs could be potentially transferred to human circulation system. There is a clear need for bioinformatics resources and tools dedicated to xeno-miRNA annotations and their potential functions. To address this need, we have systematically curated xeno-miRNAs from multiple sources, performed target predictions using well-established algorithms, and developed a user-friendly web-based tool—Xeno-miRNet—to allow researchers to search and explore xeno-miRNAs and their potential targets within different host species. Xeno-miRNet currently contains 1,702 (including both detected and predicted) xeno-miRNAs from 54 species and 98,053 potential gene targets in six hosts. The web application is freely available at http://xeno.mirnet.ca.

Building a New Semantic Social Network Using Semantic Web-Based Techniques

10.54216/fpa.030201 ◽

2021 ◽

pp. 54-65

Author(s):

admin admin ◽

◽

Khlid M. .. ◽

...

Keyword(s):

Semantic Web ◽

Social Networking ◽

Web Application ◽

Web Search ◽

Public Information ◽

Social Networking Site ◽

Semantic Search ◽

Web Based ◽

Social Community ◽

The Web

Most people are more or less related to the web by participating in a kind of social networking site. Semantic Web technology plays a crucial role in these sites as they contain an enormous amount of data about ‎persons, pages, events, places, corporations, etc. This research is a Semantic Web application designed to create a new ‎semantic social community called Socialpedia. It links the already existing social public information to the newly ‎public ones. This information is linked with different information on the web to construct a new immense ‎data container. The resulting data container can be processed using a variety of Semantic Web techniques to produce ‎machine-understandable content. This content shows the promise of using integrated data to improve Web search and ‎Web-scale data analysis, unlike conventional search engines or social ones. This community involves obtaining data ‎from traditional users known as contributors or participants, linking data from existing social networks, extracting ‎structured data in triples using predefined ontologies, and finally querying and inferring such data to obtain ‎meaningful pieces of information. Socailpedia supports all popular functionalities of social networking websites ‎besides the enhanced features of the Semantic Web, providing advanced semantic search that acts as a semantic ‎search engine.