Title: Policy-based intrusion detection in web applications by monitoring Java information flows

Authors: Guillaume Hiet, Valerie Viet Triem Tong, Ludovic Me, Benjamin Morin

Addresses: SUPELEC, Avenue de la Boulais, CS 47601, F-35576 Cesson-Sevigne Cedex, France. ' SUPELEC, Avenue de la Boulais, CS 47601, F-35576 Cesson-Sevigne Cedex, France. ' SUPELEC, Avenue de la Boulais, CS 47601, F-35576 Cesson-Sevigne Cedex, France. ' SUPELEC, Avenue de la Boulais, CS 47601, F-35576 Cesson-Sevigne Cedex, France

Abstract: This paper focuses on intrusion detection in systems using web applications and Commercial Off-The-Shelf (COTS). We present a solution that combines policy-based intrusion detection and information flow control. We describe JBlare, an inline Java monitor that tracks inter-method flows in Java applications. This monitor collaborates with Blare, a monitor that tracks information flow in the whole system at the OS-level. The combination of these two detectors constitutes a policy-based Intrusion Detection System (IDS) that can address a wide range of attacks.

Keywords: computer security; information flow control; policy-based intrusion detection; web applications security; IDS; intrusion detection systems; Java information flows; information flow monitoring.

DOI: 10.1504/IJICS.2009.031040

International Journal of Information and Computer Security, 2009 Vol.3 No.3/4, pp.265 - 279

Published online: 18 Jan 2010 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article