Prevention Techniques in Web Service Application

Web security is an extremely important issue that continues to grow every single day. Everything we do from using our phones to listen to music to paying bills online is based on the internet. Our everyday lives are affected by the internet and can easily be distraught by web attacks. This paper will discuss authors Gajanan P. Bherde and M.A. Punds paper on some basic exploits of attacks such as “cross Scripting attack, cross site request forgery, SQL Injection Attack, Server Misconfiguration and Predictable Page, Breaking Authentication Schemes, Logic attacks and Web of Distrust.” They discuss different types of attack usually attacks internal systems of both regular people using the internet for random uses to corporations  that use the internet and web applications to do business day to day. What those internal attacks do can be anything from slowing the performance of a system to crashing the entire system, making any service unavailable to users. After the attacks is when companies and users can detect any attack and prevent it from happening again.

 There are several attacks that authors discuss the first attack that they mention is Cross site Scripting XSS. Gajanan P. Bherde and M.A. Punds, explain that Cross Site Scripting is when “an attacker can inject viral client side script into the web pages or server and plugins of the web applications.” An attacker would put damaging content on the desired site of there choosing which with then be given to the users. By doing this type of attack, an attacker can access information suck as cookies any other important information pertinent to the browser.  Another attack that the authors discuss is the Cross-Site Request Forgery(CSRF).  Gajanan P. Bhered and M.A. Punds explains that Cross-Site Request Forgery is, “also known as one-click attack or session riding. In this attack, unapproved malicious commands are transmitted from attacker.” Along with this an attacker will make links with viruses on them and email spam to users that they often want to make there victims.

 Another attack that both authors discuss is Structured Query Language Injection(SQL Injection). According to Gajanan P. Bherde and M.A. Punds, “SQL injection is a method utilized by attacker to insert a corrupted code that is queries in database layer of applications.” This attack allows attacker access to places that wouldn’t normally be allowed to have access to with data . According to the authors, “An attacker can modify the identity, modify the existing data in web database, causes validity issues, disclosure of whole data, damage the data, etc”. The Attack is extremely dangerous and cause harm to both the creators of the web application and the users that are using that particular web application. When making an application unavailable to users companies could lose millions of dollars within hours or days. Another attacked discussed the Server Misconfiguration and Predictable Page which in this attack, it more related to the vulnerability of a site because if weak security. This attack usually target a servers settings.

Other attacks that are discussed by the authors are Breaking Authnetication Schemes, Logic Attacks and Web of Distrust. Breaking Authentication schemes according to Gajanan P. Bherde and M.A. Punds means  “Basic authentication, digest authentication, forms-based authentication, and single sign-on (SSO) authentication and shared authentication, are some important techniques to authenticate the web application users.” This allows to attackers to gain access to usually unauthorized places. When attackers do break into the web application they are open to changing or reducing the security so that its easier to get into. Gajanan P. Bherde and M.A. Punds discuss that logic attacks are,  “Logic of application is developed by developer to complete any action.” This attack is usually undetectable because it due the bad validation of an application, but it is dangerous. This attack is especially dangerous because an attacker according to the authors, “can modify the sequence of application execution.  Web distrust according to the authors, “This type of attack is related to browser.” This is caused my harmful software and viruses that is developed as a threat. There are other Xpath Injection, Xquery Injection and Xss Injection. With these attacks, attacker can attack by either adding harmful data to code for the web application, or by an attacker giving commands that not approved by those controlling the web application.

Companies and individuals alike can prevent attacks from happening. There are 5 basic approaches that detecting attacks and preventing those attacks from affecting web applications. One of those prevention techniques is Signature Based Detection, which detects attacks that have already been detected. According to Gajanan P. Bherde and M.A. Punds, “These techniques validate each newly arrived packet with list of already detected known attacks.” Usually though when attacks first happen also known as the zero day attacks is when this method of prevention doesn’t work. This method does with lower end detection. Another prevention technique that the authors talk about is knowledge- based detection.  According to the to Gajanan P. Bherde and M.A. Punds knowledge- based detection is the,  “type of attack detection system knows the information about system vulnerabilities and previous attack description and also able to detect the suspicious behavior of users”. What this detection system will be to identify is the different behavioral patterns between an normal user and an attacker. Usually the attackers pattern is abnormal to the normal to user.

Another way to detect attack is Stastical Based Detection. According to Gajanan P. Bherde and M.A. Punds , “This technique determines normal activities of network”. This technique when it finds activity that it doesn’t find normal it labels it as harmful. This technique also goes in network patterns and using algorithms its detects malicious activity. Another prevention method this technique uses according to the authors is, “This technique uses one threshold value and generates the anomaly score for each packet. If the anomaly score of packet is greater than threshold, then the packet is treated as malicious event and produce alert message”. Another technique the authors speak about is Behavior-Based Detection which based on the coding of a web application the detection system will label it was either normal or abnormal. This technique Also  characterizes various attacks and the aim is be able to identify future behavior of the attack so that it doesn’t happen again.

A method to detect an attack is called Hybird-Based Detection, according to to Gajanan P. Bherde and M.A. Punds, “Hybrid-based techniques combine statistical-based, Knowledge-based signature-based, and behavior based methods”. This method of detection has all the advantages of all the methods of  all the detection methods while also taking away all the disadvantages. There are methods that the authors identified for future directions such as “designing a software system to detect the malware more efficiently without skipping security warnings”. All these methods prevent or detect incoming attacks from damaging both users and a big companies alike. 

Bibliography

• Bherde, Gajanan P., and M. A. Pund. “Recent Attack Prevention Techniques in Web Service Applications.” Pace University Library Remote Database Authentication, 16 Mar. 2016, ieeexplore-ieorg.rlib.pace.edu/document/7877771/authors#authors.