A Defensive Application to Identify the Web Attacks Using Hadoop

Web applications these days have increased dependency extending from people to large organizations. Along with the web-based application market growing fast, the data that is being communicated through the network is not secure. Attackers aim to attack a website or internet server by means of web application queries. Queries are created with the help of properly defined strings and parameters. These are registered in the web server log file. The proposed methodology identifies the basic web application security faults by investigating log records from the web server on Hadoop system. By investigating each record of server log file, the proposed technique recognizes the SQL Injection and Cross Site Scripting (XSS) attacks using Regular Expressions and Pattern Matching algorithms. The Regular Expressions are formed for each pattern of attacks using corresponding string characteristics of the attack. The Pattern list consists of an Anomaly Pattern list that is preserved for each attack. Then Pattern matcher matches, the server log entries to the Anomaly Pattern List. If the server logs pattern is accurately matched with any of the saved patterns in the Anomaly Pattern List then it is said that the Query gets affected by either SQL Injection or Cross Site Scripting attacks.