Authors: Ouissem Ben Fredj
Addresses: College of Computers and Information Technology, Taif University, P.O. Box 888, Hawiyah, Taif, 21974, Kingdom of Saudi Arabia
Abstract: While web attacks grow in number and variety, current web protection methods fail to keep pace with this evolution. This paper introduces a new design for a web application protection method called SPHERES. The main idea behind SPHERES is that it is placed in the application server, where it intercepts the decrypted traffic and checks it against a set of filtering rules specific to each request. This placement gives SPHERES the most accurate picture of the exchanged traffic, the websites' structures and workflows, the user sessions and their states, and the system states. This accurate picture of the whole system allows SPHERES to build a protection sphere around the website and to check several types and levels of protection efficiently. In addition to detecting known attacks, SPHERES is able to detect zero-day attacks at runtime. The performance study of SPHERES shows that it performs much better than two well-known existing web protection tools.
Keywords: web application firewall; WAF; web protection methods; cross-site scripting; XSS; cross-site request forgery; CSRF; SQL injection; web security; open web application security project; OWASP; reverse proxy.
International Journal of Information and Computer Security, 2019, Vol. 11, No. 1, pp. 33-60
Accepted: 09 May 2017
Published online: 19 Nov 2018