Integrated Simple Intrusion Detection and Prevention System for Nginx Web Server

Abstract

Web applications have been developed in a greater extent with the advancement and enhancement of information and communication technologies. As they handle corporate information and financial information, security has become an important part with every system deployed on anywhere in the world. For this matter many security tools have been implemented and deployed along with the systems.As the Internet Protocol version 6 (IPv6) implementation becomes more widespread, the IP Security (IPSec) features embedded into the next-generation protocol will become more accessible than ever. Though the network-layer encryption provided by IPSec is a boon to data security, the use of IPSec will not be effective on the standard Network Intrusion Detection Systems (NIDS) on IPv6. The problem of performing intrusion detection on encrypted traffic has been addressed by differing means with each technique requiring one or more static secret keys to be shared with the NIDS beforehand.Instead of sharing secret keys, doing intrusion detection at a higher level such as application level will be a good solution as it has many other benefits regarding web application security at the moment. With the help of scripting languages and lightweight storage solutions, a module for Nginx web server has been developed as a simple solution to this newly found problem.