The problem of zero-day attacks in web applications stands as one of the primary challenges against the development of the Internet technology. Solutions so far are not adequate at preventing attacks. The philosophical reasons behind this continuous failure are due to the reliance on out-dated methodologies that offer only signatures-based and anomaly detection solutions. In the last decade, a promising direction in security research utilises biologically inspired computing in which Artificial Immune Systems (AISs) were progressively investigated. Several AIS algorithms and frameworks were introduced in order to simulate the extraordinary capability of the human immune system in eliminating common and emerging pathogenic attacks. However, AISs have not yet provided an ultimate solution to the zero-day attacks problem in web applications. This thesis explores the state-of-the-art in the subject area and shows the limitations and weaknesses of the traditional security solutions as well as the current state of AIS application in security. A novel methodology to tackle the zero-day attacks in web applications is proposed in this thesis and referred to as the Damage Theory. The Damage Theory is derived from a deep understanding of the philosophy of web security as well as the philosophy that inspires the models of the human immune system. Specifically, two biologically inspired computing paradigms: artificial neural networks and artificial immune systems are adopted. The proposed solution is called the Neural Virtual Immune System (NVIS), and it consists of two layers. The first layer mimics the human innate immune system where artificial neural networks handle previously seen attacks. The second layer mimics the human adaptive immune system where data virtualisation and swarm intelligence handle non-previously seen attacks (zero-day). The implementation of NVIS introduces two novel algorithms; namely the Damage Theory Algorithm (DTA) and the Virtual Swarm Tissue Algorithm (VSTA). Both DTA and VSTA algorithms were experimentally tested on case studies where they proved to be effective at preventing SQL injection attacks. iii.
| Identifer | oai:union.ndltd.org:bl.uk/oai:ethos.bl.uk:559257 |
| Date | January 2010 |
| Creators | Moosa, Asaad |
| Publisher | University of Reading |
| Source Sets | Ethos UK |
| Detected Language | English |
| Type | Electronic Thesis or Dissertation |
Page generated in 0.0021 seconds