E-shield: Detection and prevention of website attacks

As Internet usage grows daily, the world is coming closer together, making it a smaller place for its users. However, this growth has also created problems for people because of the increase in cyber-crimes. There is therefore a need to monitor and analyze both user and system activities, and tracking as well as blocking malware is a must. This is where intrusion detection systems (IDS) and intrusion prevention systems (IPS) come into the picture. IDS and IPS have a substantial societal impact by reducing the number of cyber-crimes and by providing a platform that offers basic security amenities to small-scale firms and budding entrepreneurs. The majority of intrusion prevention systems use detection methods that include signature-based, statistical anomaly-based and honeypot-based detection. Using these detection methods, the malware is detected, and further actions are then taken to block it. IPS techniques differ in how they scan data streams to detect a threat or intrusion. Data capture and data control are used by the research community to study issues in network security, such as Internet worms, spam control, and Denial of Service (DoS) attacks. In this paper, we focus on the prevention of these attacks.
