Intrusion detection and prevention framework for Java web applications using aspects and autonomic elements




Lin, Lei

Journal Title

Journal ISSN

Volume Title



Web applications have become increasingly popular in recent years. They are widely used in security-critical areas, such as financial, medical, and military systems. Meanwhile, the number and sophistication of attacks against web applications have increased rapidly. It is important for organizations and companies to add security functions to existing web application servers in order to maintain the confidentiality of critical information. One common approach to protect web systems is to build an Intrusion Detection and Prevention System (IDPS). In this thesis, we propose an IDPS framework to detect and prevent web attacks by employing Aspect-Oriented Programming (AOP) and Autonomic Computing (AC) technologies. This framework can also be used to discover whether a web application under protection has abilities to prevent certain web attacks itself. We developed a prototyping tool to implement the functionality of this framework partially. We evaluated this tool on two Java web applications to detect and prevent Cross Scripting Site (XSS) and Structured Query Language (SQL) Injection, which are two of the most common web attacks. The experimental results show that the prototyping tool based on AOP and AC technologies can be applied to detect and prevent the two common web attacks effectively.



intrusion detection, autonomic computing