Presentation is loading. Please wait.

Presentation is loading. Please wait.

 Abstract  Introduction  Literature Survey  Conclusion on Literature Survey  Threat model and system architecture  Proposed Work  Attack Scenarios.

Published byEsmond Fields Modified over 8 years ago

Similar presentations

Presentation on theme: " Abstract  Introduction  Literature Survey  Conclusion on Literature Survey  Threat model and system architecture  Proposed Work  Attack Scenarios."— Presentation transcript:

1

2  Abstract  Introduction  Literature Survey  Conclusion on Literature Survey  Threat model and system architecture  Proposed Work  Attack Scenarios  Experimental Setup  Advantages  Conclusion  References

3  Internet services and applications have becomean inextricable part of daily life, enabling communication and the management of personal information from anywhere.  In this paper, we present Double Guard, an IDS system that models the network behavior of user sessions across both the front-end webserver and back-end database.

4  Double Guard: Detecting intrusions in multitier web applications

5  DoubleGuard :Detecting Intrusions in Multitier Web Appliction.  Authors-: Meixing Le,Angelos Stavrou Brent ByungHoon Kang The paper suggests the model for the use of Double Guard Detecting intrusion in Multitier web Application is very more security.

6 Limitation of Security -: Low Secure Authentication Low User Identification mechanism Low computational power Low Content Security

7  Threat model to include our assumption & type of attacks we are aiming to protect against.  The attack are network borne & come from the web client, they can launch application layer attack to compromise the webserver they are connecting to.

8

9

10

11  Privilege Escalation attack  Hijack Future session Attack  Injection Attack  Direct DB Attack

12

13  More Secure Authentication  For Organization Security

14  Hardware Required: o System : Pentium IV 2.4 GHz o Hard Disk : 40 GB o RAM : 256 MB

15  Software Required:  O/S : Windows XP. Win 07.  Language : Asp.Net with c#,java,  Data Base : Sql Server 2005

16  We presented an intrusion detection system that builds models of normal behavior web appliction from both front end web request and back end database queries.  DoubleGurad forms a container based IDS with multiple input stream to produce alerts.

17  Google.com  Vidhata.com  Chennaisunday.com  SANS, “The Top Cyber Security Risks,” http://www.sans.org/ top-cyber-security-risks/, 2011.  National Vulnerability Database, “Vulnerability Summary for “CVE-2010-4332,” http://web.nvd.nist.gov/view/vuln/detail? vulnId= CVE-2010-4332, 2011.

18 Thank you

Download ppt " Abstract  Introduction  Literature Survey  Conclusion on Literature Survey  Threat model and system architecture  Proposed Work  Attack Scenarios."

Similar presentations

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.
Abstract There is significant need to improve existing techniques for clustering multivariate network traffic flow record and quickly infer underlying.

Abstract There is significant need to improve existing techniques for clustering multivariate network traffic flow record and quickly infer underlying.
Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar(96608205043) C.Karthik(96608205022) H.Sheik mohideen(96608205046) S.Lakshmi rajan(96608205023)

Secure Data Storage in Cloud Computing Submitted by A.Senthil Kumar( ) C.Karthik( ) H.Sheik mohideen( ) S.Lakshmi rajan( )
Abstract Shortest distance query is a fundamental operation in large-scale networks. Many existing methods in the literature take a landmark embedding.

Abstract Shortest distance query is a fundamental operation in large-scale networks. Many existing methods in the literature take a landmark embedding.
INTRUSION DETECTION SYSTEM

INTRUSION DETECTION SYSTEM
Optimizing Cloud Resources for Delivering IPTV Services Through Virtualization.

Optimizing Cloud Resources for Delivering IPTV Services Through Virtualization.
A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation.

A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation.
Personalized QoS-Aware Web Service Recommendation and Visualization.

Personalized QoS-Aware Web Service Recommendation and Visualization.
WARNINGBIRD: A Near Real-time Detection System for Suspicious URLs in Twitter Stream.

WARNINGBIRD: A Near Real-time Detection System for Suspicious URLs in Twitter Stream.
IP-Geolocation Mapping for Moderately Connected Internet Regions.

IP-Geolocation Mapping for Moderately Connected Internet Regions.
Secure Encounter-based Mobile Social Networks: Requirements, Designs, and Tradeoffs.

Secure Encounter-based Mobile Social Networks: Requirements, Designs, and Tradeoffs.
Cross-Domain Privacy-Preserving Cooperative Firewall Optimization.

Cross-Domain Privacy-Preserving Cooperative Firewall Optimization.
NICE :Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems.

NICE :Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems.
Security Evaluation of Pattern Classifiers under Attack.

Security Evaluation of Pattern Classifiers under Attack.
DATA DYNAMICS AND PUBLIC VERIFIABILITY CHECKING WITHOUT THIRD PARTY AUDITOR GUIDED BY PROJECT MEMBERS: Ms. V.JAYANTHI M.E Assistant Professor V.KARTHIKEYAN.

DATA DYNAMICS AND PUBLIC VERIFIABILITY CHECKING WITHOUT THIRD PARTY AUDITOR GUIDED BY PROJECT MEMBERS: Ms. V.JAYANTHI M.E Assistant Professor V.KARTHIKEYAN.
Privacy-Preserving Public Auditing for Secure Cloud Storage

Privacy-Preserving Public Auditing for Secure Cloud Storage
Team Members ? ? Chintan Goswami Nirav Tank Project Guide ? ? Mrs. Darshana H. Patel [Internal] Mr. Manish I. Vora [External]

Team Members ? ? Chintan Goswami Nirav Tank Project Guide ? ? Mrs. Darshana H. Patel [Internal] Mr. Manish I. Vora [External]
BestPeer++: A Peer-to-Peer Based Large-Scale Data Processing Platform.

BestPeer++: A Peer-to-Peer Based Large-Scale Data Processing Platform.
Improving Network I/O Virtualization for Cloud Computing.

Improving Network I/O Virtualization for Cloud Computing.
Privacy Preserving Data Sharing With Anonymous ID Assignment

Privacy Preserving Data Sharing With Anonymous ID Assignment

Similar presentations

Ads by Google