
A Novel Client Side Intrusion Detection and Response Framework

B. Padhmavathi, M. Jyotheeswar Arvind, G. Ritikesh

Abstract


This paper proposes a secure, platform-independent tool to detect intrusions and respond to intrusion attacks. Current web application intrusion systems function predominantly on the network layer and are web-platform dependent. Our tool detects intrusion attacks on the client side (application layer) of the application and thus prevents any damage to the application, such as the loss of confidential data. A major requirement is to create a tool that can be easily integrated into any web application, is easy to use, and doesn't slow down the application's performance. This tool implements an intrusion system by matching behavior patterns with an attack rule library. This implementation improves on existing systems by reducing the number of false alarms generated by traditional systems, e.g. similar username matching. A statistical model is used to validate the detection, and the necessary responsive action is taken only if the detection is validated by the test.


Keywords


Web Applications, Security, Intrusion Detection System, IDPS, Application Layer Security, Web Application Attacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.