Please use this identifier to cite or link to this item:
|Scopus||Web of Science®||Altmetric|
|Title:||Intent-based extensible real-time PHP supervision framework|
|Citation:||IEEE Transactions on Information Forensics and Security, 2016; 11(10):2215-2226|
|Victor Prokhorenko, Kim-Kwang Raymond Choo and Helen Ashman|
|Abstract:||Protecting Web applications is increasingly important due to their high popularity and wide adoption. Therefore, a multitude of protection techniques emerged in effort to secure Web applications, specifically considering valuable and private data commonly processed by such applications. Based on an overview of currently existing protection techniques, a generic and extensible PHP-oriented protection framework is proposed. The concept of application developer intent is introduced and compared with other concepts such as enforced security policies commonly used in existing protection approaches. The proposed framework is mainly focused on application developer intention understanding. Supervising the application execution in real-time makes it possible to detect deviations from the intended behavior and prevent potentially malicious activity. The additional aspects of application behavior, such as database-related communications or generated Web page structure, can be analyzed due to the extensible architecture of the framework.|
|Keywords:||PHP; intent-based; real-time supervision; web application security|
|Rights:||© 2016 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.|
|Appears in Collections:||Computer Science publications|
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.