Open AccessWeb Intrusion Detection Systems Comparison: Techniques and usage
Author(s) -
ABDULLAH HAMAD ALQAHTANI
Publication year - 2022
Publication title -
journal of computer and information technology
Language(s) - English
Resource type - Journals
eISSN - 2319-8842
pISSN - 2229-3531
DOI - 10.22147/jucit/130101
Subject(s) - firewall (physics) , computer science , intrusion detection system , computer security , open source , web application , world wide web , intrusion prevention system , web traffic , application firewall , the internet , stateful firewall , operating system , software , physics , schwarzschild radius , classical mechanics , network packet , gravitation , charged black hole
Web attacks are one of the most concern these days. Vulnerable applications require protection, which can be provided through web application firewalls (WAF) and web intrusion detection systems (WIDS). Some of them are signature based and some detect / protect through anomaly detection. Various commercial solutions have been offered by vendors like CISCO ACE application firewall, Barracuda application firewall etc. Open source community has also contributed some formidable solutions like ModSecurity, PHPIDS, Ironbee, WebKnight and Snort etc. No solution has yet proven to be the silver bullet and this area is still a subject of active research. Inability to detect any novel attack has been the common weakness and has lead to various techniques being proposed for identifying zero-day attacks. In this paper, we analyze various commercial and open source web application protection solutions and make comparative analyses of their strengths andweaknesses, identifying any areas that still need attention of the research community.