Web Threats Detection and Prevention Framework
Osama Rababah, A. K. Hwaitat, S. Manaseer, H. Fakhouri, R. Halaseh
DOI: 10.4236/cn.2016.83017 (https://doi.org/10.4236/cn.2016.83017)
Journal Article, ... IEEE Conference on Communications and Network Security, volume 439 1, pages 170-178
Published: 2016-07-14
Citations: 9
Abstract
The rapid advancement of technology and the growing number of web applications built with very
short turnaround times have increased the need for protection from vulnerabilities. These
vulnerabilities grew because decision makers overlook the need to be protected from attackers, or
because software developers lack the skills and experience to write secure code. Structured Query
Language (SQL) injection, cross-site scripting (XSS), Distributed Denial of Service (DDoS) and
suspicious user behaviour are some of the common types of vulnerabilities in web applications
through which an attacker can disclose the web application's sensitive information, such as credit
card numbers and other confidential information. This paper proposes a framework for the detection
and prevention of web threats (WTDPF), which is based on preventing the attacker from gaining
access to confidential data by studying the attacker's behaviour during the attack and taking
preventive measures that reduce both the risks of the attack and the consequences of such malicious
action. The framework consists of phases, beginning with the input checking phase, followed by the
signature-based action component phase and the alert and response phases. Additionally, the
framework has logging functionality that stores and keeps track of any action taking place and
preserves information about the attacker's IP address, the date and time of the attack, the type of
the attack, and the mechanism the attacker used. Moreover, we provide experimental results for
different kinds of attacks, and we illustrate the success of the proposed framework in dealing with
and preventing malicious actions.