This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP AppSensor Project

From OWASP
Revision as of 13:55, 27 July 2015 by Clerkendweller (talk | contribs) (In Print: Lulu link for Guide)

Jump to: navigation, search
Appsensor-header.jpg
Flagship big.jpg

OWASP AppSensor

The AppSensor project defines a conceptual framework and methodology that offers prescriptive guidance to implement intrusion detection and automated response into applications.

The project offers a comprehensive guide and a reference implementation. These resources can be used by architects, developers, security analyst and system administrators to plan, implement and monitor an AppSensor system.

Introduction

If you walk into a bank and try opening random doors, you will be identified, led out of the building and possibly arrested. However, if you log into an online banking application and start looking for vulnerabilities no one will say anything. This needs to change! As critical applications continue to become more accessible and inter-connected, it is paramount that critical information is sufficiently protected. We must also realize that our defenses may not be perfect. Given enough time, attackers can identify security flaws in the design or implementation of an application.

In addition to implementing layers of defense within an application, we must identify malicious individuals before they are able to identify any gaps in our defenses. The best place to identify malicious activity against the application is within the application itself. Network based intrusion detection systems are not appropriate to handle the custom and intricate workings of an enterprise application and are ill-suited to detect attacks focusing on application logic such as authentication, access control, etc. This project delivers a framework which can be used to build a robust system of attack detection, analysis, and response within an enterprise application.


Detect and Respond to Attacks from Within the Application

Detection

AppSensor defines over 50 different detection points which can be used to identify a malicious attacker.

Response

AppSensor provides guidance on how to respond once a malicious attacker has been identified. Possible actions include: logging out the user, locking the account or notifying an administrator. More than a dozen response actions are described.

Defending the Application

An attacker often requires numerous probes and attack attempts in order to locate an exploitable vulnerability within the application. By using AppSensor it is possible to identify and eliminate the threat of an attacker before they are able to successfully identify an exploitable flaw.


Citations

  • CrossTalk, The Journal of Defense Software Engineering
    • Creating Attack-Aware Software Applications with Real Time Defenses, Vol. 24, No. 5, Sep/Oct 2011


Licensing

OWASP AppSensor is free to use.

Guide

The guide is licensed under the Creative Commons Attribution-ShareAlike 3.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

Reference Implementation

The reference implementation is licensed under the MIT License, which is a permissive (commercial-friendly) license only requiring you to include a copy of the license upon distribution or copying.

© OWASP Foundation


What is AppSensor?

Detect and respond to attacks from within the application. This project includes both a well documented idea (the Guide) and a reference implementation (the Code).


Intro for Developers

Appsensor-developer-small.jpg

Two-sided US Letter or A4


AppSensor Website

Appsensor-website-small.jpg

See the AppSensor website for an introduction and quick start instructions.

Overview

Appsensor-cisobriefing-small.jpg

12-page US Letter booklet


Project Founder


Project Leaders


Related Projects


Quick Download


News and Events

Code Repository

In Print

AppSensor2 small.jpg

The AppSensor Guide and CISO Briefing can be purchased at cost as print on demand books.

Classifications

Mature projects.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files DOC.jpg
Project Type Files CODE.jpg