DOUBLEGUARD: DETECTINGINTRUSIONS IN MULTITIER WEBAPPLICATIONS

Network attacks are increased in number and severity over the past few years, intrusion detection system (IDS) is increasingly becoming a critical component to secure the network. Intrusion detection is the process of monitoring and analyzing the events occurring in a computer system in order to detect signs of security problems. Intrusion Detection Systems has the additional job of triggering alarms toward this security problem and some of it automated in the role of triggering or doing an action on behalf of the network administrator. The goal of intrusion detection system (IDS) is to provide another layer of defense against malicious (or unauthorized) uses of computer systems by sensing a misuse or a breach of a security policy and alerting operators to an ongoing attack. In this paper, we have illustrated difficulties to implement IDS in multitier architecture. Since it is difficult to implement multiple IDS, We have introduced a new protocol-Double Guard. Double Guard, is an IDS system that models the network behavior of user sessions across both the front-end web server and the back-end database. It monitors both the web and database request and identifies the attacks like SQL injection attack which independent IDS cannot do.