Next Article in Journal
Tooth-Marked Tongue Recognition Using Gradient-Weighted Class Activation Maps
Previous Article in Journal
Consistency Models of NoSQL Databases
Article Menu
Issue 2 (February) cover image

Export Article

Open AccessArticle
Future Internet 2019, 11(2), 44; https://doi.org/10.3390/fi11020044

BlackWatch: Increasing Attack Awareness within Web Applications

1
MWR InfoSecurity, London SE1 3RS, UK
2
School of Design and Informatics, Abertay University, Dundee DD1 1HG, UK
*
Author to whom correspondence should be addressed.
Received: 15 January 2019 / Revised: 10 February 2019 / Accepted: 11 February 2019 / Published: 15 February 2019
(This article belongs to the Section Smart System infrastructures and Cybersecurity)
Full-Text   |   PDF [1421 KB, uploaded 15 February 2019]   |  

Abstract

Web applications are relied upon by many for the services they provide. It is essential that applications implement appropriate security measures to prevent security incidents. Currently, web applications focus resources towards the preventative side of security. While prevention is an essential part of the security process, developers must also implement a level of attack awareness into their web applications. Being able to detect when an attack is occurring provides applications with the ability to execute responses against malicious users in an attempt to slow down or deter their attacks. This research seeks to improve web application security by identifying malicious behavior from within the context of web applications using our tool BlackWatch. The tool is a Python-based application which analyzes suspicious events occurring within client web applications, with the objective of identifying malicious patterns of behavior. This approach avoids issues typically encountered with traditional web application firewalls. Based on the results from a preliminary study, BlackWatch was effective at detecting attacks from both authenticated and unauthenticated users. Furthermore, user tests with developers indicated BlackWatch was user-friendly, and was easy to integrate into existing applications. Future work seeks to develop the BlackWatch solution further for public release. View Full-Text
Keywords: web application firewall; intrusion prevention; software security; web application security; attack awareness; cyber security web application firewall; intrusion prevention; software security; web application security; attack awareness; cyber security
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
SciFeed

Share & Cite This Article

MDPI and ACS Style

Hall, C.C.; Shepherd, L.A.; Coull, N. BlackWatch: Increasing Attack Awareness within Web Applications. Future Internet 2019, 11, 44.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Future Internet EISSN 1999-5903 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top