Web Application Attacks Detection: A Survey and Classification

The number of attacks is increasing day by day, especially the web attacks due to the shift of the majority of companies towards web applications. Therefore, the security of their sensitive data against attackers becomes a crucial matter for all organization and companies. Thus the necessity to use intrusion detection systems are required in order to increases the protection and prevent attackers from exploiting these data in illegal way. In this paper we begin by giving a survey of web application attacks and vulnerabilities, also approaches to improve the web application security using intrusion detection systems and scanners based on machine learning and artificial intelligence. When it comes to vulnerability, it is also an attack which exploits this vulnerability; therefore our paper presents web intrusion detection system based on detection of web vulnerabilities. Experimental results have been acquired from HTTP simulations in our network and from responses of HTTP requests sent to a bunch of websites and applications to test the efficiency of our intrusion detection system. This efficiency can be noticed from a High detection rate which is greater than 90%.