AppSensor: Attack-aware applications compared against a web application firewall and an intrusion detection system

Thomassen, Pål
Master thesis
Thumbnail
View/Open
URI
http://hdl.handle.net/11250/252956
Date
2012
Metadata
Show full item record
Collections
Abstract
The thesis takes a look at the OWASP AppSensor project. The OWASP AppSensor project is about the idea of detecting attacks inside the applicaiton. The thesis compares OWASP AppSensor against both a web application firewall and an intrusion detection system. The comparison is based both on a short litterature study and an experiment performed. The experiment was a set of attacks based on OWASP top ten list which were executed against a simple bank web application. In the experiment the intrusion detection systems, web application firewall and the AppSensor detection points inside the application was tested to see which attacks they where able to detect. The results were quite satisfying for both the web application firewall and AppSensor meanin that they detected many attacks but AppSensors detection was slightly better.
Publisher
Institutt for datateknikk og informasjonsvitenskap