SlideShare a Scribd company logo

Table of contents

Venkatesan Sathish
Venkatesan Sathish

sd

1 of 8
Download to read offline
i ANNA UNIVERSITY: CHENNAI 600 025 BONAFIDE CERTIFICATE Certified that this project report titled “DoubleGuard detection in Multitier Architecture” is the bonafide work of A.VENKATESAN (REG.NO:912011405017), who carried out the Project Phase I under my supervision during June 2012 to December 2012. SIGNATURE SIGNATURE Prof. U. NIRAICHANDRAN, M.Tech., Mr.S.ATHIRAYAN, M.E., Professor & Head, SUPERVISOR/Asst.Professor Computer Science and Engineering Computer Science and Engineering Pandian Saraswathi Yadav Engineering Pandian Saraswathi Yadav Engineering College, Sivagangai- 630 561. College, Sivagangai- 630 561. Submitted for the Viva-Voce examination held at “Pandian Saraswathi Yadav Engineering college Sivagangai” on…………………. Internal Examiner External Examiner
ii ACKNOWLEDGEMENT First of all, I thank god almighty for his wisdom and his substantial blessings by which I have been able to complete my phase 1 of this project successfully. I would like to express my sincere thanks and gratitude to our beloved Founder “Hindu Rattan” Mr. Malaysia S.Pandian, of our college, for his support. I express my thanks to our Managing Director Mr.S.P.VaradhaRajan B.E., of our college, for his support. My special thanks to our Principal Dr.K.Kannan for permitting me to undertake this project. No word of gratitude will be sufficient to pay our heartfelt thanks to Prof. U. Nirai Chandran M.Tech., HOD (CSE) for his valuable suggestion and kind cooperation, and I would also like to extend my thanks to the other staffs of CSE & IT department. I sincerely thank my Internal Guide, Mr.S.Athirayan M.E., Assistant Professor (CSE) for having confidence in me and supporting me in all stages to complete the phase 1 of this project. I am grateful to express my gratitude to my parents and friends for their prayers, cooperation and efforts in encouraging me, which boosted me to finish my first phase of this project efficiently.
iii ABSTRACT In this project, we propose an efficient IDS system called as Double Guard system that models the network behavior for multilayered web applications of user sessions across both front-end web (HTTP) requests and back-end database (SQL) queries. In this system, Double Guard forms container-based IDS with multiple input streams to produce alerts. In typical three-tiered web server architecture, the web server receives HTTP requests from user clients and then issues SQL queries to the database server to retrieve and update data. This proposed container-based and session-separated web server architecture enhances the security performances and also provides the isolation between the information flows that are separated in each container session. In order to detect the abnormal behaviors on a session/client level, Casual Mapping profile model is newly developed to map between the web server requests and the subsequent DB queries. An intrusion detection system (IDS) is used to detect potential violations in database security. In every database, some of the attributes are considered more sensitive to malicious modifications compared to others . This project consider also product the sensitivity information.
iv TABLE OF CONTENTS CHAPTER NO. TITLE PAGE NO. ABSTRACT III LIST OF FIGURES VII LIST OF ABBREVIATION VIII 1 INTRODUCTION 1.1 THREE TIER ARCHITECTURE 1 1.1.1 FIRST TIER 1 1.1.2 SECOND TIER 1 1.1.3 THIRD TIER 2 1.2 INTRODUCTION ABOUT THE SYSTEM 2 1.3 DOUBLE GUARD DETECTION 3 1.4 CONTAINERS AND LIGHT WEIGHT VIRTUALIZATION 4 1.5 OBJECTIVE 5 1.6 EXISTING SYSTEM 5 1.6.1 CLASSIC 3 TIER MODEL 5 1.6.2 LIMITATION OF EXISTING SYSTEM 6 1.7 PROPOSED SYSTEM 7 1.7.1 ADVANTAGES 8 2 LITERATURE SURVEY 2.1TOWARD AUTOMATION DETECTION OF LOGIC VULNARABILITES SYSTEM 9 2.2 ANOMALY DETECTION OF WEB BASED ATTACKS 10 2.3 DATABASE INTRUSIONDETECTION USING
v WEIGHT SEQUENCE MINING 11 2.4 EFFICIENTLY TRACKING APPLICATION INTRACTIONS USING LIGHTWEIGHT VIRTUALIZATION 13 2.5 FAST AND AUTOMATED GENERATION OF ATTACK SIGNATURES 14 2.6 POLYGRAPH AUTOMATICALLY GENERATING SIGNATURES FOR POLYMORPHIC WORMS 16 2.7 A STATEFUL INTRUSION DETECTION SYSTEM FOR WORLD WIDE WEB SERVERS 17 2.8 AN EFFICIENT BLACK BOX TECHNIQUE FOR DEFEATING WEB APPLICATION ATTACKS 18 2.9 INTRUSION DETECTION VIA STATIC ANALYSIS 20 2.10 CLAMP PRACTIVAL PREVENTION OF LARGE SCALE DATA LEAKS 21 3 REQUIREMENT SPECIFICATION 3.1 HARDWARE SPECIFICATION 23 3.2 SOFTWARE SPECIFICATION 23 3.2.1 JAVA 23 3.2.2 NETBEANS 27 4 METHODOLOGY 4.1 CREATE CONTAINER MODEL 28 4.2 BUILDING NORMALITY MODEL 29
vi 5 SYSTEM DESIGN 5.1 STATIC MODEL 32 5.2 MAPPING RELATIONS 33 5.2.1 DETERMINISTIC MAPPING 33 5.2.2 EMPTY QUERY SET 34 5.2.3 NO MATCHED REQUEST 34 5.2.4 NONDETERMINISTIC MAPPING 34 5.3 STATIC MODEL BUILDING ALGORITHM 35 5.4 TESTING FOR STATIC WEBSITES 37 5.5 MODELING OF DYNAMIC PATTERNS 37 6 RESULTS AND DISCUSSION 6.1 SCREEN SHOTS 39 7 CONCLUSION AND FUTURE WORK 7.1 CONCLUSION 43 7.2 FUTURE ENHANCEMENT 44 8 REFERENCES 45
vii LIST OF FIGURES FIGURE NO. FIGURE TITLE PAGE NO. 1.6.2 Classic 3 tier architecture 6 4.2 webserver instances running in containers 30 5.2.1 Deterministic mapping using session ID of the container (VE) 33 6.1 Home page 39 6.2 Login page 39 6.3 Allocating containters 40 6.4 User login status 40 6.5 User register informations 41 6.6 Status of the model 41 6.7 Logout session 42
viii LIST OF ABBREVIATION HTML Hyper Text Markup Language HTTP Hyper Text Markup Language JSP Java Server page IDS Intrusion Detection System CMS Content management system SQL Structured Query Language

Recommended

Cldc Hotspot Architecture
Cldc Hotspot ArchitectureCldc Hotspot Architecture
Cldc Hotspot Architecturezdmilan
 
Finjan Vital Security For eMail Technical White Paper
Finjan Vital Security For eMail Technical White PaperFinjan Vital Security For eMail Technical White Paper
Finjan Vital Security For eMail Technical White PaperElliott Lowe
 
IRJET - A Comprehensive Review on Security Issues and Challenges in Lightweig...
IRJET - A Comprehensive Review on Security Issues and Challenges in Lightweig...IRJET - A Comprehensive Review on Security Issues and Challenges in Lightweig...
IRJET - A Comprehensive Review on Security Issues and Challenges in Lightweig...IRJET Journal
 
1771 1775
1771 17751771 1775
1771 1775Editor IJARCET
 
Volume 2-issue-6-2186-2189
Volume 2-issue-6-2186-2189Volume 2-issue-6-2186-2189
Volume 2-issue-6-2186-2189Editor IJARCET
 
1738 1742
1738 17421738 1742
1738 1742Editor IJARCET
 
Front page (1)
Front page (1)Front page (1)
Front page (1)Venkatesan Sathish
 
Double guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web ApplicationsDouble guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web ApplicationsIJMER
 

Recommended

Cldc Hotspot Architecture
Cldc Hotspot ArchitectureCldc Hotspot Architecture
Cldc Hotspot Architecturezdmilan
 
Finjan Vital Security For eMail Technical White Paper
Finjan Vital Security For eMail Technical White PaperFinjan Vital Security For eMail Technical White Paper
Finjan Vital Security For eMail Technical White PaperElliott Lowe
 
IRJET - A Comprehensive Review on Security Issues and Challenges in Lightweig...
IRJET - A Comprehensive Review on Security Issues and Challenges in Lightweig...IRJET - A Comprehensive Review on Security Issues and Challenges in Lightweig...
IRJET - A Comprehensive Review on Security Issues and Challenges in Lightweig...IRJET Journal
 
1771 1775
1771 17751771 1775
1771 1775Editor IJARCET
 
Volume 2-issue-6-2186-2189
Volume 2-issue-6-2186-2189Volume 2-issue-6-2186-2189
Volume 2-issue-6-2186-2189Editor IJARCET
 
1738 1742
1738 17421738 1742
1738 1742Editor IJARCET
 
Front page (1)
Front page (1)Front page (1)
Front page (1)Venkatesan Sathish
 
Double guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web ApplicationsDouble guard: Detecting Interruptions in N- Tier Web Applications
Double guard: Detecting Interruptions in N- Tier Web ApplicationsIJMER
 
Chani index
Chani indexChani index
Chani indexAnang Sunny
 
070105618001 070105618006-070105618015-070105618021
070105618001 070105618006-070105618015-070105618021070105618001 070105618006-070105618015-070105618021
070105618001 070105618006-070105618015-070105618021sanaskumar008
 
129 sample 1_st few pages for final doc
129 sample 1_st few pages for final doc129 sample 1_st few pages for final doc
129 sample 1_st few pages for final docsshaili
 
msword
mswordmsword
mswordbutest
 
Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Amin Bandeali
 
Online examination system
Online examination systemOnline examination system
Online examination systemMr. Vikram Singh Slathia
 
student mangement
student mangementstudent mangement
student mangementAditya Gaud
 
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0AFYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0ATianwei_liu
 
Cad_cam_cim___3rd_edition
Cad_cam_cim___3rd_edition Cad_cam_cim___3rd_edition
Cad_cam_cim___3rd_editionBrijeshkumar Tilva
 
Advanced SQL injection to operating system full control (whitepaper)
Advanced SQL injection to operating system full control (whitepaper)Advanced SQL injection to operating system full control (whitepaper)
Advanced SQL injection to operating system full control (whitepaper)Bernardo Damele A. G.
 
Semantic Web Services for Computational Mechanics : A Literature Survey and R...
Semantic Web Services for Computational Mechanics : A Literature Survey and R...Semantic Web Services for Computational Mechanics : A Literature Survey and R...
Semantic Web Services for Computational Mechanics : A Literature Survey and R...Dr. Thiti Vacharasintopchai, ATSI-DX, CISA
 
Real Time Image Processing
Real Time Image Processing Real Time Image Processing
Real Time Image Processing Sanjeev Kumar Jaiswal
 
A Restful Architecture For Web-Based Smart Homes Using Request Queues
A Restful Architecture For Web-Based Smart Homes Using Request QueuesA Restful Architecture For Web-Based Smart Homes Using Request Queues
A Restful Architecture For Web-Based Smart Homes Using Request QueuesBryce Nelson
 
ENGS4851_Final_Certified_Report
ENGS4851_Final_Certified_ReportENGS4851_Final_Certified_Report
ENGS4851_Final_Certified_ReportNagendra Posani
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityDhaval Dave
 
Vol1
Vol1Vol1
Vol1ashish kumar
 
Performance Analysis of Routing Protocols of Wireless Sensor Networks
Performance Analysis of Routing Protocols of Wireless Sensor NetworksPerformance Analysis of Routing Protocols of Wireless Sensor Networks
Performance Analysis of Routing Protocols of Wireless Sensor NetworksDarpan Dekivadiya
 
VxWorks - Holistic Security (Art of Testing)
VxWorks - Holistic Security (Art of Testing)VxWorks - Holistic Security (Art of Testing)
VxWorks - Holistic Security (Art of Testing)Aditya K Sood
 
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...Pietro Liguori
 
Detecting co residency with active traffic analysis techniques
Detecting co residency with active traffic analysis techniquesDetecting co residency with active traffic analysis techniques
Detecting co residency with active traffic analysis techniquesYama Haku
 

More Related Content

Similar to Table of contents

070105618001 070105618006-070105618015-070105618021
070105618001 070105618006-070105618015-070105618021070105618001 070105618006-070105618015-070105618021
070105618001 070105618006-070105618015-070105618021sanaskumar008
 
129 sample 1_st few pages for final doc
129 sample 1_st few pages for final doc129 sample 1_st few pages for final doc
129 sample 1_st few pages for final docsshaili
 
msword
mswordmsword
mswordbutest
 
Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Amin Bandeali
 
student mangement
student mangementstudent mangement
student mangementAditya Gaud
 
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0AFYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0ATianwei_liu
 
Advanced SQL injection to operating system full control (whitepaper)
Advanced SQL injection to operating system full control (whitepaper)Advanced SQL injection to operating system full control (whitepaper)
Advanced SQL injection to operating system full control (whitepaper)Bernardo Damele A. G.
 
Semantic Web Services for Computational Mechanics : A Literature Survey and R...
Semantic Web Services for Computational Mechanics : A Literature Survey and R...Semantic Web Services for Computational Mechanics : A Literature Survey and R...
Semantic Web Services for Computational Mechanics : A Literature Survey and R...Dr. Thiti Vacharasintopchai, ATSI-DX, CISA
 
A Restful Architecture For Web-Based Smart Homes Using Request Queues
A Restful Architecture For Web-Based Smart Homes Using Request QueuesA Restful Architecture For Web-Based Smart Homes Using Request Queues
A Restful Architecture For Web-Based Smart Homes Using Request QueuesBryce Nelson
 
ENGS4851_Final_Certified_Report
ENGS4851_Final_Certified_ReportENGS4851_Final_Certified_Report
ENGS4851_Final_Certified_ReportNagendra Posani
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityDhaval Dave
 
Performance Analysis of Routing Protocols of Wireless Sensor Networks
Performance Analysis of Routing Protocols of Wireless Sensor NetworksPerformance Analysis of Routing Protocols of Wireless Sensor Networks
Performance Analysis of Routing Protocols of Wireless Sensor NetworksDarpan Dekivadiya
 
VxWorks - Holistic Security (Art of Testing)
VxWorks - Holistic Security (Art of Testing)VxWorks - Holistic Security (Art of Testing)
VxWorks - Holistic Security (Art of Testing)Aditya K Sood
 
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...Pietro Liguori
 
Detecting co residency with active traffic analysis techniques
Detecting co residency with active traffic analysis techniquesDetecting co residency with active traffic analysis techniques
Detecting co residency with active traffic analysis techniquesYama Haku
 

Similar to Table of contents (20)

Chani index
Chani indexChani index
Chani index
 
070105618001 070105618006-070105618015-070105618021
070105618001 070105618006-070105618015-070105618021070105618001 070105618006-070105618015-070105618021
070105618001 070105618006-070105618015-070105618021
 
129 sample 1_st few pages for final doc
129 sample 1_st few pages for final doc129 sample 1_st few pages for final doc
129 sample 1_st few pages for final doc
 
msword
mswordmsword
msword
 
Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)Lead Allocation System's Attribute Driven Design (ADD)
Lead Allocation System's Attribute Driven Design (ADD)
 
Online examination system
Online examination systemOnline examination system
Online examination system
 
student mangement
student mangementstudent mangement
student mangement
 
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0AFYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
FYP%3A+P2P+Bluetooth+Communication+Framework+on+Android%0A
 
Cad_cam_cim___3rd_edition
Cad_cam_cim___3rd_edition Cad_cam_cim___3rd_edition
Cad_cam_cim___3rd_edition
 
Advanced SQL injection to operating system full control (whitepaper)
Advanced SQL injection to operating system full control (whitepaper)Advanced SQL injection to operating system full control (whitepaper)
Advanced SQL injection to operating system full control (whitepaper)
 
Semantic Web Services for Computational Mechanics : A Literature Survey and R...
Semantic Web Services for Computational Mechanics : A Literature Survey and R...Semantic Web Services for Computational Mechanics : A Literature Survey and R...
Semantic Web Services for Computational Mechanics : A Literature Survey and R...
 
Real Time Image Processing
Real Time Image Processing Real Time Image Processing
Real Time Image Processing
 
A Restful Architecture For Web-Based Smart Homes Using Request Queues
A Restful Architecture For Web-Based Smart Homes Using Request QueuesA Restful Architecture For Web-Based Smart Homes Using Request Queues
A Restful Architecture For Web-Based Smart Homes Using Request Queues
 
ENGS4851_Final_Certified_Report
ENGS4851_Final_Certified_ReportENGS4851_Final_Certified_Report
ENGS4851_Final_Certified_Report
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Vol1
Vol1Vol1
Vol1
 
Performance Analysis of Routing Protocols of Wireless Sensor Networks
Performance Analysis of Routing Protocols of Wireless Sensor NetworksPerformance Analysis of Routing Protocols of Wireless Sensor Networks
Performance Analysis of Routing Protocols of Wireless Sensor Networks
 
VxWorks - Holistic Security (Art of Testing)
VxWorks - Holistic Security (Art of Testing)VxWorks - Holistic Security (Art of Testing)
VxWorks - Holistic Security (Art of Testing)
 
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...
 
Detecting co residency with active traffic analysis techniques
Detecting co residency with active traffic analysis techniquesDetecting co residency with active traffic analysis techniques
Detecting co residency with active traffic analysis techniques
 

Table of contents

  • 1. i ANNA UNIVERSITY: CHENNAI 600 025 BONAFIDE CERTIFICATE Certified that this project report titled “DoubleGuard detection in Multitier Architecture” is the bonafide work of A.VENKATESAN (REG.NO:912011405017), who carried out the Project Phase I under my supervision during June 2012 to December 2012. SIGNATURE SIGNATURE Prof. U. NIRAICHANDRAN, M.Tech., Mr.S.ATHIRAYAN, M.E., Professor & Head, SUPERVISOR/Asst.Professor Computer Science and Engineering Computer Science and Engineering Pandian Saraswathi Yadav Engineering Pandian Saraswathi Yadav Engineering College, Sivagangai- 630 561. College, Sivagangai- 630 561. Submitted for the Viva-Voce examination held at “Pandian Saraswathi Yadav Engineering college Sivagangai” on…………………. Internal Examiner External Examiner
  • 2. ii ACKNOWLEDGEMENT First of all, I thank god almighty for his wisdom and his substantial blessings by which I have been able to complete my phase 1 of this project successfully. I would like to express my sincere thanks and gratitude to our beloved Founder “Hindu Rattan” Mr. Malaysia S.Pandian, of our college, for his support. I express my thanks to our Managing Director Mr.S.P.VaradhaRajan B.E., of our college, for his support. My special thanks to our Principal Dr.K.Kannan for permitting me to undertake this project. No word of gratitude will be sufficient to pay our heartfelt thanks to Prof. U. Nirai Chandran M.Tech., HOD (CSE) for his valuable suggestion and kind cooperation, and I would also like to extend my thanks to the other staffs of CSE & IT department. I sincerely thank my Internal Guide, Mr.S.Athirayan M.E., Assistant Professor (CSE) for having confidence in me and supporting me in all stages to complete the phase 1 of this project. I am grateful to express my gratitude to my parents and friends for their prayers, cooperation and efforts in encouraging me, which boosted me to finish my first phase of this project efficiently.
  • 3. iii ABSTRACT In this project, we propose an efficient IDS system called as Double Guard system that models the network behavior for multilayered web applications of user sessions across both front-end web (HTTP) requests and back-end database (SQL) queries. In this system, Double Guard forms container-based IDS with multiple input streams to produce alerts. In typical three-tiered web server architecture, the web server receives HTTP requests from user clients and then issues SQL queries to the database server to retrieve and update data. This proposed container-based and session-separated web server architecture enhances the security performances and also provides the isolation between the information flows that are separated in each container session. In order to detect the abnormal behaviors on a session/client level, Casual Mapping profile model is newly developed to map between the web server requests and the subsequent DB queries. An intrusion detection system (IDS) is used to detect potential violations in database security. In every database, some of the attributes are considered more sensitive to malicious modifications compared to others . This project consider also product the sensitivity information.
  • 4. iv TABLE OF CONTENTS CHAPTER NO. TITLE PAGE NO. ABSTRACT III LIST OF FIGURES VII LIST OF ABBREVIATION VIII 1 INTRODUCTION 1.1 THREE TIER ARCHITECTURE 1 1.1.1 FIRST TIER 1 1.1.2 SECOND TIER 1 1.1.3 THIRD TIER 2 1.2 INTRODUCTION ABOUT THE SYSTEM 2 1.3 DOUBLE GUARD DETECTION 3 1.4 CONTAINERS AND LIGHT WEIGHT VIRTUALIZATION 4 1.5 OBJECTIVE 5 1.6 EXISTING SYSTEM 5 1.6.1 CLASSIC 3 TIER MODEL 5 1.6.2 LIMITATION OF EXISTING SYSTEM 6 1.7 PROPOSED SYSTEM 7 1.7.1 ADVANTAGES 8 2 LITERATURE SURVEY 2.1TOWARD AUTOMATION DETECTION OF LOGIC VULNARABILITES SYSTEM 9 2.2 ANOMALY DETECTION OF WEB BASED ATTACKS 10 2.3 DATABASE INTRUSIONDETECTION USING
  • 5. v WEIGHT SEQUENCE MINING 11 2.4 EFFICIENTLY TRACKING APPLICATION INTRACTIONS USING LIGHTWEIGHT VIRTUALIZATION 13 2.5 FAST AND AUTOMATED GENERATION OF ATTACK SIGNATURES 14 2.6 POLYGRAPH AUTOMATICALLY GENERATING SIGNATURES FOR POLYMORPHIC WORMS 16 2.7 A STATEFUL INTRUSION DETECTION SYSTEM FOR WORLD WIDE WEB SERVERS 17 2.8 AN EFFICIENT BLACK BOX TECHNIQUE FOR DEFEATING WEB APPLICATION ATTACKS 18 2.9 INTRUSION DETECTION VIA STATIC ANALYSIS 20 2.10 CLAMP PRACTIVAL PREVENTION OF LARGE SCALE DATA LEAKS 21 3 REQUIREMENT SPECIFICATION 3.1 HARDWARE SPECIFICATION 23 3.2 SOFTWARE SPECIFICATION 23 3.2.1 JAVA 23 3.2.2 NETBEANS 27 4 METHODOLOGY 4.1 CREATE CONTAINER MODEL 28 4.2 BUILDING NORMALITY MODEL 29
  • 6. vi 5 SYSTEM DESIGN 5.1 STATIC MODEL 32 5.2 MAPPING RELATIONS 33 5.2.1 DETERMINISTIC MAPPING 33 5.2.2 EMPTY QUERY SET 34 5.2.3 NO MATCHED REQUEST 34 5.2.4 NONDETERMINISTIC MAPPING 34 5.3 STATIC MODEL BUILDING ALGORITHM 35 5.4 TESTING FOR STATIC WEBSITES 37 5.5 MODELING OF DYNAMIC PATTERNS 37 6 RESULTS AND DISCUSSION 6.1 SCREEN SHOTS 39 7 CONCLUSION AND FUTURE WORK 7.1 CONCLUSION 43 7.2 FUTURE ENHANCEMENT 44 8 REFERENCES 45
  • 7. vii LIST OF FIGURES FIGURE NO. FIGURE TITLE PAGE NO. 1.6.2 Classic 3 tier architecture 6 4.2 webserver instances running in containers 30 5.2.1 Deterministic mapping using session ID of the container (VE) 33 6.1 Home page 39 6.2 Login page 39 6.3 Allocating containters 40 6.4 User login status 40 6.5 User register informations 41 6.6 Status of the model 41 6.7 Logout session 42
  • 8. viii LIST OF ABBREVIATION HTML Hyper Text Markup Language HTTP Hyper Text Markup Language JSP Java Server page IDS Intrusion Detection System CMS Content management system SQL Structured Query Language