Http Rule Base Intrusion Detection and Prevention System
D. Sathya1, S. Sangeetha2
1D. Sathya, Assistant Professor II, Deptmant of CSE, Kumaraguru College of Technology, Coimbatore, T.N, India.
2S. Sangeetha, Assistant Professor, Deptmant of CSE, SNS College of Technology, Coimbatore, T. N, India.
Manuscript received on 20 August 2019 | Revised Manuscript received on 27 August 2019 | Manuscript Published on 31 August 2019 | PP: 438-441 | Volume-8 Issue-9S2 August 2019 | Retrieval Number: I10930789S219/19©BEIESP DOI: 10.35940/ijitee.I1093.0789S219
Open Access | Editorial and Publishing Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open-access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: The objective of HTTP Rule Base Intrusion Detection and Prevention System (IDPS) is to provide security for one of the application layer protocols namely HTTP (Hyper-Text Transfer Protocol). Such an HTTP based Intrusion Detection System (IDS) detects header attacks and attacks in payload (includes HTML and scripting). Misuse detection uses signature based approach where predefined patterns are defined. The input text or pattern is compared with the predefined signatures to detect malicious activity. Furthermore new types of attacks are continuously created. The new attacks created by attacker are also detected by these IDS, only if attacks are in the form of signatures. Signatures are defined either in a single-line or by complex script languages and are used in rule base to detect attacks. These signatures and rules have to be updated periodically as the attacks are continuously changing its nature of attacks.
Keywords: IDS, HTTP, Rule Base
Scope of the Article: Distributed Mobile Applications Utilizing IoT