AppSensor ResponseActions

=About This Document= These response actions are part of the OWASP AppSensor project which advocates bringing intelligent intrusion detection inside the application. These responses can be used to counter a malicious user that has been detected probing for vulnerabilities or weaknesses within your application.

THIS PAGE IS STILL IN PROGRESS

=Overview=

The following table lists possible AppSensor Responses (ASRs). The application response actions are categorized here from the user's perspective (not from the application/server's perspective):


 * Silent: User(s) unaware of any application change
 * Passive: Process altered, but user(s) may still continue to process completion
 * Active: Functionality reduced or disabled
 * Intrusive: Non-malicious action on user's system

A text version of the table, with some examples and alternative classifications, is described in (64 KB PDF). The information on the page below is likely to be more up-to-date.



=Detailed Listing=

Classifications are:


 * Purposes: Logging, Notifying, Disrupting and Blocking
 * Target: One, Some or All users
 * Response duration: Instantaneous (e.g. just for the request), Period (e.g. time period or session duration), Permanent