WEB APPLICATION SECURITY USING HYBRID TECHNIQUES OF ADAPTIVE CAPTCHA SYSTEM AND HONEYPOT

IGBEKELE, EMMANUEL OLUFEMI (2021) WEB APPLICATION SECURITY USING HYBRID TECHNIQUES OF ADAPTIVE CAPTCHA SYSTEM AND HONEYPOT. Other thesis, Landmark University, Omu Aran, Kwara State.

[img] Text
IGBEKELE EMMANUEL.pdf - Submitted Version

Download (12MB)

Abstract

Web Services have become a trend in providing solutions to mundane and recurrent tasks. This development, however comes with the bottleneck of authenticity and intent of users of such services bringing about the advent of several Intrusion Detection Systems (IDS) as well as Intrusion Prevention Systems (IPS). Individually, these mechanisms have been found to be porous in its defense mechanism. Some of these IDS/IPS have at one time or the other been layered to further strengthen the grip of security against bot and spam attacks, yet, the problem lingers. Hence, this study seeks to harness the strength of two distinct IDS/IPS in a hybridized solution to reduce the menace of web application security. The objectives of this work are to identify the various compatible IDS/IPS that can be hybridized, design an improved hybridized web application security framework, implement the hybridized adaptive model in a web application by computer simulation and then evaluate the framework based on selected performance metrics of accuracy and usability. The method engaged are SSH protocol, Diffie-Hellman key-exchange algorithm, Hidden Markov Models and Jess rules for integrating adaptive CAPTCHA and Honeypot to solidify the security of an internally developed web application after which Think-Aloud activity alongside Thematic Analysis were used for system evaluation. Experimental results showed that both CAPTCHA and Honeypot can be layered over each other to produce a very high performance in terms of execution time, resulting in a robust and secure web application. The hybrid model was also found to scale linearly with increase in number of service alternatives. In performing the computer simulation experiment, Themes were formed and established which helped in determining the usability and accuracy component of the hybrid solution. Most prominent amongst the hemes was found to be the issue of CAPTCHA puzzle solving where most experimental users would rather not have their details incorporated into CAPTCHAs. Also, the hybrid defense technique outperformed some of the other existing individual and hybrid techniques with a 93% accuracy thereby significantly improving web application security. The improved hybridized model for web application security provided in this study is capable of enhancing security when deployed. It is therefore recommended for deployment in the industry.

Item Type: Thesis (Other)
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software
Divisions: Faculty of Engineering, Science and Mathematics > School of Electronics and Computer Science
Depositing User: Mr DIGITAL CONTENT CREATOR LMU
Date Deposited: 31 May 2024 10:24
Last Modified: 31 May 2024 10:24
URI: https://eprints.lmu.edu.ng/id/eprint/5552

Actions (login required)

View Item View Item