A Novel Hybrid Approach for Detection of Web- Based Attacks in Intrusion Detection Systems

Importance of information security systems is increasing in parallel with the rapid developments in information technology. The development of new technologies brings new security weaknesses in corporate and personal meaning can lead to unavoidable losses. For this reason, many researches have been performed in order to ensure the security of information systems. In today's world, the concept of information has been moved to the digital size from conventional size. Protection of the data stored in the digital archive and is easily accessibility at any time have become a quite important phenomenon. In this concept, intrusion detection and prevention systems as security tools are widely used today. In this paper, a hybrid real time intrusion and prevention system approach has been proposed for web applications security. The proposed system uses rule-based misuse detection and anomaly detection as intrusion detection method and uses network packets as data source. The system is real-timed with accordance to data process time, centralized with accordance to architecture, and server-based with accordance to system it protects. The developed system has been tested on the current web attacks determined by OWASP (The Open Web Application Security Project) and provides a very high success rate. Index Terms – Web Attacks, Intrusion Detection and Prevention Systems, Information Security, Network Analysis.