H. Farooq Ahmad

Semantic security against web application attacks

In this paper, we propose a method of detecting and classifying web application attacks. In contrast to current signature-based security methods, our solution is an ontology based technique. It specifies web application attacks by using semantic rules, the context of consequence and the specifications of application protocols. The system is capable of detecting sophisticated attacks effectively and efficiently by analyzing the specified portion of a user request where attacks are possible. Semantic rules help to capture the context of the application, possible attacks and the protocol that was used. These rules also allow inference to run over the ontological models in order to detect, the often complex polymorphic variations of web application attacks. The ontological model was developed using Description Logic that was based on the Web Ontology Language (OWL). The inference rules are Horn Logic statements and are implemented using the Apache JENA framework. The system is therefore platform and technology independent. Prior to the evaluation of the system the knowledge model was validated by using OntoClean to remove inconsistency, incompleteness and redundancy in the specification of ontological concepts. The experimental results show that the detection capability and performance of our system is significantly better than existing state of the art solutions. The system successfully detects web application attacks whilst generating few false positives. The examples that are presented demonstrate that a semantic approach can be used to effectively detect zero day and more sophisticated attacks in a real-world environment.

AgentWeb Gateway - a middleware for dynamic integration of multi agent system and Web services framework

Web services framework has been evolved in context of convergence of Web and service oriented computing and then to Web services resource framework acting as basis for grid computing. It provides a loose coupled and implementation neutral infrastructure for distributed applications. On the other hand, multi agent systems has evolved as distributed system in context of autonomic computing having ultimate aim of self-managing systems to overcome their rapidly growing complexity and to enable their further growth. In this paper, we present our solution for dynamic and seamless integration of type the distributed systems. It would help in facilitating the requirements of next generation distributed applications requiring higher demands and complexity. The AgentWeb Gateway acts as middleware between both the technologies for dynamic integration and provides protocol transformations including service discovery, service description and service invocation.

Scalable fault tolerant Agent Grooming Environment: SAGE

Scalable fault tolerant Agent Grooming Environment (SAGE) is first open source initiative in South-Asia. It is a multi-agent system which has been developed according to FIPA (Foundation for Intelligent Physical Agents) 2002 specifications. SAGE has been designed with a distributed and decentralized architecture to achieve fault tolerance and scalability as its key features. Due to these characteristics, SAGE is not only regarded as 2nd generation Multi Agent System but also provides a competitive edge over other platforms.

Foundation of Semantic Rule Engine to Protect Web Application Attacks

The exponentially increasing cyber threats with the expansion of web applications have become the biggest security concern for e-business and information sharing communities. Current survey shows that application layer is more prone to web attacks. Recent survey carried out by Nation Vulnerability Database shows that, on average 15 new vulnerabilities are released per day, thus proved that existing application security mechanisms are ineffective to provide complete security solution. We have proposed an intelligent intrusion detection system (IDS) base on ontology that specifying the different categories of attacks, different encoding schemes used by the hacker, location of attack, system component affected by attack, specification of protocols used and policies/rules for mitigating these attacks. The proposed ontology base system can be refined and expanded over time. The system semantically analyzes the specific field of payload and headers where attack is possible. Inference ability of the system provide the capability for detecting the zero day and complex web application attacks that easily eludes packet level inspection. Proposed system is time efficient by analyzing the specified field of protocol, would be able to provide significant search space reduction as well as low false positive rate. For describing the semantic concepts, Prottege tool is used. OWL-DL used for describing logical class with restrictions. For consistency and inference purpose, Pallet tool is used as inference engine and rules are specified by using Jena API which also provide the reasoning ability.

Healthcare Applications Interoperability through Implementation of HL7 Web Service Basic Profile

Information sharing within or cross enterprise is the core need of each enterprise to fully benefit from the state of the art technologies. On one hand, it allows utilizing the resources efficiently, and on the other hand, it expedites the processes of enterprise. Healthcare information is more complex and has diverse dimensions. Sharing this information by integrating various healthcare information systems is a great challenge. HL7 is renowned healthcare standard that provides specification for standardization of information exchanged among healthcare applications. To make these systems truly interoperable, it provides transportation specification for message exchanges named as web service profiles. This paper discusses the technical details including architecture, design and implementation of web service component that implement HL7 Web Service Basic Profile (HL7 WS-BP). This component is part of the transportation subsystem of the HLH project recently in progress at NUST School of Electrical Engineering and Computer Science (NUST SEECS), Pakistan.

Critical analysis on web application firewall solutions

Web Applications security has become progressively more important these days. Enormous numbers of attacks are being deployed on the web application layer. Due to dramatic increase in Web applications, security gets vulnerable to variety of threats. Most of these attacks are targeted towards the web application layer and network firewall alone cannot prevent these kinds of attacks. The basic reason behind success of these attacks is the ignorance of application developers while writing the web applications and the vulnerabilities in the existing technologies. Web application attacks are the latest trend and hackers are trying to exploit the web application using different techniques. Various solutions are available as open source and in commercial market. But the selection of suitable solution for the security of the organizational systems is a major issue. This survey paper compared the Web Application Firewall (WAF) solutions with important features necessary for the security at application layer. Critical analysis on WAF solutions is helpful for the users to select the most suitable solution to their environments.

Cyber security: Threats, reasons, challenges, methodologies and state of the art solutions for industrial applications

Cyber Civilization has become an important source of information sharing and professional activities like business, banking transactions, shopping, services and advertisement. With the exponentially increase in usage of cyberspace, cybercriminal actives are also increase exponentially. The basic reasons is that with the inception of world wide web, the web applications were also getting popularity for data storing and data sharing, irrespective of the user. With the passage of time web applications were getting more complex with rapid increase in their design faults, creating the surfing of internet totally unsafe. More than 90 percent web applications have some kind of design or development fault which can be easily exploited by the cyber criminals. These faults in web application can help criminals in getting the illegal access to trade secrets of any business. Sometime the web application may not be posing threat but the technology used in these applications become the root cause and put the application to the risk of illegal access. Presently the social networks, Internet connected mobile devices, individual privacy, and the online connectivity of entities such as banks are the most enticing targets for cyber criminals. In this survey we highlight the common cyber threats and detailed analysis of existing system and methodology used for its industrial solutions. Some important some industrial application also analyzed this paper.

Modeling high assurance agent-based Earthquake Management System using formal techniques

Disaster management systems are complex applications due to their distributed and decentralized nature. Various components execute in parallel with high need of coordination with each other. In such applications, interaction and communication issues are difficult to model and implement. In this paper, we have proposed agent-based Earthquake Management System (EMS) which is modeled and analyzed using formal approach. Traditionally, such systems undergo through various transformations starting from requirement models and specification to analysis, design and implementation. A variety of formal approaches are available to specify systems for analyzing their structure and behavior; however, there are certain limitations in using these techniques due to their expressiveness and behavior requirements. We have adopted combination of Pi-calculus and Pi-ADL formal languages to model EMS from analysis to design. The formal approach helps to enhance reliability and flexibility of the system by reducing the redundant information. It reduces chances of errors by explicitly mentioning working flow of information. Additionally, a prototype application is presented as proof of concept in EMS context. We have also evaluated our formal specification by using ArchWare and ABC tools; also, comparison of prototype application with major existing techniques is highlighted.

SOA compliant FIPA agent communication language

Agents and grid computing are distinct standards each defined by its own specifications. Semantic grid aims at providing semantic annotations for grid entities, WSMO is a language for semantic markup of grid services and provide semantic layer over grid resources. On the other hand, agents are intelligent software entities that can act semantically for interoperation with other agents in MAS. FIPA provides standard for MAS where agents speak FIPA ACL as the communication language while FIPA SL is the semantic language. Both FIPA SL and WSMO differ in terms of syntax, semantics and implementation constraints, which prevents interoperability between agents and grid services. This research addresses the issue of interoperability between FIPA agents and grid services by proposing a communication framework for interoperation; SOA compliant FIPA ACL ontology is developed; that provides the necessary vocabulary that not only adheres to the FIPA specifications but is also used by grid services.

Autonomous Distributed Service System: Basic Concepts and Evaluation

In both e-business and e-science, we often need to integrate services across distributed, heterogeneous, dynamic “virtual organizations” formed from the disparate resources within a single enterprise and/or from external resource sharing and service provider relationships. This integration is technically challenging because of the need to achieve various levels of quality of service (QoS) when running on top of different native platforms and under dynamic workload conditions. We present an Autonomous Distributed Service System Architecture that addresses these challenges. Building on concepts and technologies from the Semantic Web, Multi-Agent Systems, Grid and Web services communities, this architecture put together a proposition made to cope with heterogeneous and continuously changing needs of information processing, service provision and utilization in dynamically evolving environment to meet these requirements. Autonomous Distributed Services Architecture also define agents’ capabilities in terms of Web services Description Language (WSDL), so that agents can describe and advertise themselves in UDDI (Universal Description Discovery & Integration) as and when required.