Please use this identifier to cite or link to this item:
Scopus Web of Science® Altmetric
Type: Journal article
Title: Intent-based extensible real-time PHP supervision framework
Author: Prokhorenko, V.
Choo, K.
Ashman, H.
Citation: IEEE Transactions on Information Forensics and Security, 2016; 11(10):2215-2226
Publisher: IEEE
Issue Date: 2016
ISSN: 1556-6013
Statement of
Victor Prokhorenko, Kim-Kwang Raymond Choo and Helen Ashman
Abstract: Protecting Web applications is increasingly important due to their high popularity and wide adoption. Therefore, a multitude of protection techniques emerged in effort to secure Web applications, specifically considering valuable and private data commonly processed by such applications. Based on an overview of currently existing protection techniques, a generic and extensible PHP-oriented protection framework is proposed. The concept of application developer intent is introduced and compared with other concepts such as enforced security policies commonly used in existing protection approaches. The proposed framework is mainly focused on application developer intention understanding. Supervising the application execution in real-time makes it possible to detect deviations from the intended behavior and prevent potentially malicious activity. The additional aspects of application behavior, such as database-related communications or generated Web page structure, can be analyzed due to the extensible architecture of the framework.
Keywords: PHP; intent-based; real-time supervision; web application security
Rights: © 2016 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See for more information.
RMID: 0030086784
DOI: 10.1109/TIFS.2016.2569063
Appears in Collections:Computer Science publications

Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.