Journal title: International Journal of Advanced Research in Computer Engineering & Technology (IJARCET)
Print ISSN: 2278-1323
Year of publication: 2012
Volume: 1
Issue: 4
Pages: 375-378
Publisher: Shri Pannalal Research Institute of Technology
Abstract: A Web Application Firewall (WAF) is a security tool that protects the web application and web application server from various attacks. Application protection is a valuable security layer to add because it can protect against a number of application layer security threats which are usually not protected by a typical network layer intrusion detection system. The Web Application can easily be attacked by hackers even with the existence of the normal firewall in the system. This is due to the limitation that the normal firewall does not work in the application layer. The hackers will attack the Web Application using methods like Structured Query Language (SQL) Injection, Cross Site Scripting (XSS), Command Injection, Session Manipulation, cookie poisoning, Directory traversal, or Forceful browsing. This paper addresses these problems by presenting a methodology for the automatic detection of vulnerabilities in web applications and preventing web applications from various attacks. The proposed methodology implemented in this paper monitors all the incoming and outgoing data in the web application and blocks web related attacks like SQL injection attacks, Cross Site Scripting attacks, Buffer Overflow attacks, Cookie poisoning, Forceful browsing and Directory traversal attacks.
Keywords: Application Firewall; SQL injection; Cross Site Scripting; WAF