Printed from https://ideas.repec.org/a/gam/jftint/v11y2019i2p44-d206220.html

BlackWatch: Increasing Attack Awareness within Web Applications

Author

Listed:
  • Calum C. Hall

    (MWR InfoSecurity, London SE1 3RS, UK)

  • Lynsay A. Shepherd

    (School of Design and Informatics, Abertay University, Dundee DD1 1HG, UK)

  • Natalie Coull

    (School of Design and Informatics, Abertay University, Dundee DD1 1HG, UK)

Abstract

Web applications are relied upon by many for the services they provide. It is essential that applications implement appropriate security measures to prevent security incidents. Currently, web applications focus resources towards the preventative side of security. While prevention is an essential part of the security process, developers must also implement a level of attack awareness into their web applications. Being able to detect when an attack is occurring provides applications with the ability to execute responses against malicious users in an attempt to slow down or deter their attacks. This research seeks to improve web application security by identifying malicious behavior from within the context of web applications using our tool BlackWatch. The tool is a Python-based application which analyzes suspicious events occurring within client web applications, with the objective of identifying malicious patterns of behavior. This approach avoids issues typically encountered with traditional web application firewalls. Based on the results from a preliminary study, BlackWatch was effective at detecting attacks from both authenticated and unauthenticated users. Furthermore, user tests with developers indicated BlackWatch was user-friendly, and was easy to integrate into existing applications. Future work seeks to develop the BlackWatch solution further for public release.

Suggested Citation

  • Calum C. Hall & Lynsay A. Shepherd & Natalie Coull, 2019. "BlackWatch: Increasing Attack Awareness within Web Applications," Future Internet, MDPI, vol. 11(2), pages 1-20, February.
  • Handle: RePEc:gam:jftint:v:11:y:2019:i:2:p:44-:d:206220

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/11/2/44/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/1999-5903/11/2/44/
    Download Restriction: no