Abstract
RRABIDS (Ruby on Rails Anomaly Based Intrusion Detection System) is an application level intrusion detection system (IDS) for applications implemented with the Ruby on Rails framework. The goal of this intrusion detection system is to detect attacks against data in the context of web applications. This anomaly based IDS focuses on the modelling of the normal application profile using invariants. These invariants are discovered during a learning phase. Then, they are used to instrument the web application at source code level, so that a deviation from the normal profile can be detected at run-time. This paper illustrates on simple examples how the approach detects well-known categories of web attacks that involve a state violation of the application, such as SQL injections. Finally, an assessment phase is performed to evaluate the accuracy of the detection provided by the proposed approach.
| Original language | English |
|---|---|
| Title of host publication | Application Development and Design |
| Subtitle of host publication | Concepts, Methodologies, Tools, and Applications |
| Publisher | IGI Global |
| Pages | 1073-1094 |
| Number of pages | 22 |
| ISBN (Electronic) | 9781522534235 |
| ISBN (Print) | 9781522536000 |
| DOIs | |
| Publication status | Published - 1 Jan 2017 |
| Externally published | Yes |