An adaptive intrusion detection and prevention (ID/IP) framework for web services

2007 International Conference on Convergence Information Technology, ICCIT 2007

Volumn , Issue , 2007, Pages 528-534

  Yee, Chan Gaik ^a   Shin, Wong Hui ^a   Rao, G S V R K ^b  

^a MULTIMEDIA UNIVERSITY   (Malaysia)

^b Life Sciences Digital Business Operations   (India)

Author keywords

[No Author keywords available]

Indexed keywords

ALARM SYSTEMS; DATA MINING; DECISION SUPPORT SYSTEMS; FINANCIAL DATA PROCESSING; FUZZY CLUSTERING; FUZZY INFERENCE; FUZZY LOGIC; INFORMATION MANAGEMENT; INFORMATION SERVICES; INFORMATION TECHNOLOGY; SEARCH ENGINES; TECHNOLOGY; WEB SERVICES; WEIGHT CONTROL; WORLD WIDE WEB;

DATA MINING TECHNIQUES; FALSE ALARMS; FUZZY LOGICS; INTERNATIONAL CONFERENCES; SECURITY THREATS; WEB TECHNOLOGIES;

INTRUSION DETECTION;

EID: 49049101669     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICCIT.2007.4420313     Document Type: Conference Paper

References (29)

1. C. Anley, "Advance SQL Injection In SQL Server Applications", An NGSSoftware Insight Security Research (NISR) Publication, Next Generation Security Software Ltd. 2002.
2. C. Anley "(more) Advance SQL Injection", An NGSSoftware Insight Security Research (NISR) Publication, Next Generation Security Software Ltd. 2002.
3. G. Antoniou, and F. V. Harmelen, "The Semantic Web Vision" in A Semantic Web Primer, The MIT Press, April 2004. http://mitpress.mit. edu/books/chapters/0262012103chap1.pdf Retrieved July 27, 2007.
4. G. Y. Chan and G.S.V.R.K. Rao, "A Hybrid Approach to Intrusion Detection and Prevention for Business Intelligence Applications", Proceedings of the 2006 IEEE International Symposium on Communications and Information Technologies (ISCIT 2006), Bangkok, Thailand.
5. th International Conference of the North American Fuzzy Information Processing Society, 2000. Page(s):301-306.
6. A. El-Semary, J. Edmonds, J. Gonzalez-Pino, and M. Papa, "Applying Data Mining of Fuzzy Association Rules to Network Intrusion Detection", Proceedings of the 2006 IEEE Workshop on Information Assurance United States Military Academy, West Point, NY.
7. S. Faust,"SOAP Web Services Attacks:Are your web applications vulnerable?", SPI Dynamics, 2003.
8. D. Fensel, J. A. Hendler, H. Lieberman, and W. Wahlster, "Introduction" in Spinning the Semantic Web, The MIT Press, March 2005. http://mitpress.mit.edu/books/chapters/0262062321intro1.pdf Retrieved July 27, 2007.
9. H. Han, X. L. Lu, and L. Y. Ren, "Using Data Mining To Discover Signatures In Network-Based Intrusion Detection", Proceedings of the First International Conference on Machine Learning and Cybernetics, Beijing, 4-5 November, 2002.
10. M. Hossain, S. M. Bridges, and R. B. Vaughn, Jr, "Adaptive Intrusion Detection with Data Mining", Proceedings of the IEEE International Conference on Systems, Man and Cybernatics, 2003. Page(s):3097 - 3103 vol.4.
11. P. Lindstrom, "Attacking and Defending Web Services", A Spire Research Report, January 2004.
12. Y. S. Loh, W. C. Yau, C. T. Wong and W. C. Ho, "Design and Implementation of an XML Firewall", Proceedings of the 2006 International Conference on Computational Intelligence and Security (CIS2006), Guangzhou, China, Nov. 3-6, 2006, pp. 1147-1150.
13. C.L. Lui, T.C. Fu, and T.Y. Cheung,"Agent-based Network Intrusion Detection System Using Data Mining Approaches", Proceedings of the Third International Conference on Information Technology and Applications(ICITA'05), IEEE.
14. J. Luo, S. M. Bridges, and R. B. Vaughn, Jr., "Fuizzy Frequent Episodes for Real-Time Intrusion Detection", Preceedings of 2001 IEEE International Fuzzy Systems Conference.
15. O. Maor and A. Shulman, "SQL Injection Signatures Evasion", Imperva, Inc. April 2004.
16. K. K. Mookhev and Nilesh Burghate, "Detection of SQL Injection and Cross-site Scripting Attacks", Network Intelligence India Pvt. Ltd. 2004.
17. M. Muthuprasanna, Ke Wei, Suraj Kothari, "Eliminating SQL Injection Attacks - A Transparent Defense Mechanism", Proceedings of the Eighth IEEE International Symposium on Web Site Evolution (WSE'06).
18. A. Orfial, J. Carbo, and A. Ribagorda, "Fuzzy logic on decision model for IDS", Proceedings of the IEEE International Conference on Furzy Systems, 2003.
19. S. Petrovic, G. A. Ivarez, A. Orfila, and J. Carbo, "Labelling Clusters in an Intrusion Detection System Using a Combination of Clustering Evaluation Techniques", Proceedings of the 39th Hawaii International Conference on System Sciences, 2006.
20. M. Qin, and K. Hwang, "Frequent Episode Rules for Internet Anamoly Detection", Preceedings of the Third IEEE International Symposium on Network Computing and Applications (IEEE-NCA-04), Cambridge, MA, Aug.30-Sept.1, 2004.
21. A Murali M Rao, "A Survey on Intrusion Detection Approaches", Proceedings of the First International Conference on Information and Communication Technologies, ICICT 2005 IEEE, 27-28 August 2005 Pages(s):233-240.
22. N. Reed, "Security Guards for the Future Web", The MITRE Corporation, 2004. http://www.mitre.org/news/events/tech04/briefings/726.pdf . Retrieved August 1, 2007.
23. M. Silva, D. Lopez and Z. Abdelouahab, "A Remote IDS based on Multi-agent Systems, Web Services and MDA", Proceedings of the international Conference on Software Engineering Advances (ICSEA'06) IEEE.
24. K. Spett, "Blind SQL Injection:Are Your Web Applications Vulnerable?". SPI Dynamics, 2005.
25. A. Stamos and S. Stender, "Attacking Web Services: The Next Generation of Vulnerable Enterprise Apps", BlackHat2005, USA, 2005.
26. B. Thuraisingham, "Security Issues for the Semantic Web", Proceedings of the 27th Annual International Computer Software and Applications Conference (COMPSAC'03), 2003.
27. A. Vorobier and J. Han, "Security Attack Ontology for Web Services", Proceedings of the Second International Conference on Semantics, Knowledge, and Grid (SKG'06) IEEE.
28. J. Zhang and M. Zulkernine, "A Hybrid Network Intrusion Detection Technique Using Random Forests", Proceedings of the First International Conference on Availability, Reliability and Security (ARES'06) IEEE.
29. Y. F. Zhang, Z. Y. Xiong, and X. Q. Wang, "Distributed Intrusion Detection Based On Clustering", Proceedings of the Fourth International Conference on Machine Learning and Cybernetics, Guangzhou, 18-21 August 2005.