This Article 
 Bibliographic References 
 Add to: 
Integrated Access Control and Intrusion Detection for Web Servers
September 2003 (vol. 14 no. 9)
pp. 841-850

Abstract—Current intrusion detection systems work in isolation from access control for the application the systems aim to protect. The lack of coordination and interoperation between these components prevents detecting and responding to ongoing attacks in real-time before they cause damage. To address this, we apply dynamic authorization techniques to support fine-grained access control and application level intrusion detection and response capabilities. This paper describes our experience with integration of the Generic Authorization and Access Control API (GAA-API) to provide dynamic intrusion detection and response for the Apache Web server. The GAA-API is a generic interface which may be used to enable such dynamic authorization and intrusion response capabilities for many applications.

[1] M. Almgren, H. Debar, and M. Dacier, A Lightweight Tool for Detecting Web Server Attacks Proc. Network and Distributed System Security Symp., 2000.
[2] M. Almgren and U. Lindqvist, Application-Integrated Data Collection for Security Monitoring Proc. Fourth Int'l Symp. Recent Advances in Intrusion Detection, pp. 22-36, 2001.
[3] R. Bace and P. Mell, Intrusion Detection Systems NIST Special Publication on Intrusion Detection Systems, Nat'l Inst. of Standards and Tech nology, 2001.
[4] D.J. Burroughs, L.F. Wilson, and G.V. Cybenko, Analysis of Distributed Intrusion Detection Systems Using Bayesian Methods Proc. IEEE Int'l Performance Computing and Comm. Conf., Apr. 2002.
[5] T.V. Ryutov and B.C. Neuman, The Specification and Enforcement of Advanced Security Policies Proc. Conf. Policies for Distributed Systems and Networks, 2002.
[6] R. Thau, Design Considerations for the Apache Server API Proc. Fifth Int'l World Wide Web Conf., 1996.
[7] Sanctum, Inc.,http:/, 2003.

Index Terms:
Access control, authorization, security policy, intrusion detection, Apache Web server.
Tatyana Ryutov, Clifford Neuman, Dongho Kim, Li Zhou, "Integrated Access Control and Intrusion Detection for Web Servers," IEEE Transactions on Parallel and Distributed Systems, vol. 14, no. 9, pp. 841-850, Sept. 2003, doi:10.1109/TPDS.2003.1233707
Usage of this product signifies your acceptance of the Terms of Use.