Web based applications are very common nowadays where almost every software can be accessible through a web browser in one form or the other. This paper proposes techniques to detect different threats related to web applications by using a hypervisor- based security architecture. The proposed architecture leverages the hypervisor's visibility of the virtual machines' runtime state and traffic flows for securing the web application. The unique feature of the proposed architecture is that it is capable of doing fine granular detection of web application attacks, i.e. to the specific web page level, and protecting the application against zero-day attacks.
|Cite as: Jayarathna, D., Tupakula, U. and Varadharajan, V. (2015). Hypervisor-based Security Architecture to Protect Web Applications. In Proc. 13th Australasian Information Security Conference (AISC 2015) Sydney, Australia. CRPIT, 161. Welch, I. and Yi, X. Eds., ACS. 15-24 |
(local if available)