Intrusion Detection System based on Ontology for Web Applications

Web application security is the major security concern for e-business and information sharing community. The use of e-business and information sharing community are exponentially increased and due to this cyber threats also increased. Current research shows that more than 75% attacks are being deployed at application layer and that of 90% applications are vulnerable to these attacks. Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. So Intrusion Detection Systems have become a needful component in terms of computer and network security. Intrusion Detection Systems (IDSs) are one of the most useful tools to identifying malicious attempts over the network and protecting the systems without modifying the end-user software. In our propose system we are using novel approach for effective defense against the application level attacks. We discuss about utilizing methods and techniques of semantic web in the Intrusion Detection Systems based on ontology. Which specify the different categories of attacks? The system semantically analyzes the specific field of payload and headers where attack is possible. Inference ability of the system provides the capability for detecting the zero day and complex web application attacks that easily eludes packet level inspection. The propose system is time efficient by analyzing the specified field of protocol, and able to provide significant search space reduction as well as low false positive rate and high detection rate. To implement and measure the performance of our system we used the KDD99 benchmark dataset and obtained reasonable detection rate. Protégé is an open source tool used to develop our System.