首页    期刊浏览 2024年12月02日 星期一
登录注册

文章基本信息

  • 标题:Performance Analysis of Internal vs. External Security Mechanism in Web Applications
  • 本地全文:下载
  • 作者:Supriya Gupta ; Dr. Lalitsen Sharma
  • 期刊名称:International Journal of Advanced Networking and Applications
  • 电子版ISSN:0975-0290
  • 出版年度:2010
  • 卷号:1
  • 期号:5
  • 页码:315-318
  • 出版社:Eswar Publications
  • 摘要:Most of the applications now -a-days are developed web based. The applications of public access are highly exposed to security threats. The increasing number of web based attacks which result in loss of data and unauthorized access to application has drawn the attention of organizations toward web application security. The most commonly employed defense mechanism is to use solutions that rely on security service tools like firewalls, intrusion detection and prevention systems etc. Most of the com monly used tools such as SNORT are based upon the payload inspection that detects an attack by searching for the occurrence of known signature patterns in the packet. But using these devices for protecting web applications against common input based attacks is an inefficient process. It consumes a significant am ount of time, memory and CPU cycles for each packet while scanning through a list of rules. Implementing security features within applications' logic is an effective alternative. In this paper we analyz ed the performance of two experimental web applications, one with security implemented within the code and the other checked by external security system called SNORT using a web application testing tool (WAPT 3.0). Our experiment showed that the application with secure code showed better performance statistics in terms of response time. The paper also discusses various issues regarding the use of security devices as protection against application layer attacks
  • 关键词:web applications; security; intrusion detection and prevention; snort
国家哲学社会科学文献中心版权所有