Kontaktujte nás | Jazyk: čeština English
dc.title | Usability of software intrusion-detection system in web applications | en |
dc.contributor.author | Vala, Radek | |
dc.contributor.author | Malaník, David | |
dc.contributor.author | Jašek, Roman | |
dc.relation.ispartof | International Joint Conference Cisis'12 - Iceute'12 - Soco'12 Special Sessions | |
dc.identifier.issn | 2194-5357 Scopus Sources, Sherpa/RoMEO, JCR | |
dc.identifier.isbn | 978-3-642-33017-9 | |
dc.identifier.isbn | 978-3-642-33018-6 | |
dc.date.issued | 2013 | |
utb.relation.volume | 189 | |
dc.citation.spage | 159 | |
dc.citation.epage | 166 | |
dc.event.title | 7th Int Conf on Soft Comp Models in Industrial and Environm Applications/5th Computational Intelligence in Security for Information Syst/3rd Int Conf on EUropean Transnational Educ | |
dc.event.location | Ostrava | |
utb.event.state-en | Czech Republic | |
utb.event.state-cs | Česká republika | |
dc.event.sdate | 2012-09-05 | |
dc.event.edate | 2012-09-07 | |
dc.type | conferenceObject | |
dc.language.iso | en | |
dc.publisher | Springer-Verlag Berlin | en |
dc.identifier.doi | 10.1007/978-3-642-33018-6_16 | |
dc.relation.uri | https://link.springer.com/chapter/10.1007/978-3-642-33018-6_16 | |
dc.subject | Security | en |
dc.subject | Web Application | en |
dc.subject | Web Attack | en |
dc.subject | Intrusion-Detection | en |
dc.subject | IDS | en |
dc.subject | PHPIDS | en |
dc.subject | SQL Injection | en |
dc.subject | CSS | en |
dc.subject | HPP | en |
dc.description.abstract | This article is focused on the security solution based on intrusion detection idea, which should be independent of the web server type or configuration and do not rely on the other network hardware components. Discussed intrusion detection system solution is connected directly with the web application and is based on the real-time request analysis. The main opportunities of proposed principle are very low cost and simple implementation. Proposal is based on implementation of LGPL library PHPIDS [https://phpids.org/] into the demo application which consists of simple web form for testing. Integration of PHPIDS library was tested against the main web security flaws - SQL Injection, Cross Site Scripting, and HTTP Parameter Pollution. On this demo application, simple stress tests were performed and also level of security was evaluated. Moreover, suggestions for future improvements of this security solution are discussed. | en |
utb.faculty | Faculty of Applied Informatics | |
dc.identifier.uri | http://hdl.handle.net/10563/1003125 | |
utb.identifier.obdid | 43868861 | |
utb.identifier.scopus | 2-s2.0-84868131865 | |
utb.identifier.wok | 000312969500016 | |
utb.source | d-wok | |
dc.date.accessioned | 2013-02-19T08:53:39Z | |
dc.date.available | 2013-02-19T08:53:39Z | |
utb.contributor.internalauthor | Vala, Radek | |
utb.contributor.internalauthor | Malaník, David | |
utb.contributor.internalauthor | Jašek, Roman |