AppSensor Cheat Sheet

= Introduction =

= Purpose =

= Prerequisites =

= What to detect =

The most commonly implemented detection points are:



= How to respond =

Thresholds:



Typical responses that the application may already support in some manner are:


 * Change monitoring of the user (e.g. increase logging level)
 * Raise an alert
 * Add time delays
 * Log a user out (and possibly lock the account)

More advanced responses could include:


 * Changing a function (adding a CAPTCHA, ??? )
 * Disabling a function (for the user, for a group of users, for all users)
 * Affecting the behaviour of other systems (e.g. goods despatch held, firewall blocks IP address)
 * Altering user properties (changing their credit level)
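
The sketch below is an added example, not code from the AppSensor project. It shows one way thresholds can drive the typical responses listed above: suspicious events are counted per user in a sliding window, and each response fires once as its threshold is crossed. The threshold counts, the window length, the response names and the sample events are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Assumed escalation ladder: (events within the window, response).
# The counts and the window are illustrative, not values from the page.
LADDER = [(3, "increase_logging"), (5, "raise_alert"),
          (8, "add_time_delay"), (12, "logout_user")]
WINDOW_SECONDS = 300

# Constructed sample: one user sends 12 suspicious requests, 10 s apart.
SAMPLE = [(t * 10, "alice") for t in range(12)]


class ResponseEngine:
    """Counts suspicious events per user in a sliding window and
    returns each response once as its threshold is crossed."""

    def __init__(self, ladder=LADDER, window=WINDOW_SECONDS):
        self.ladder = sorted(ladder)
        self.window = window
        self.events = defaultdict(deque)   # user -> event timestamps
        self.active = defaultdict(set)     # user -> responses already applied

    def record(self, user, timestamp):
        """Register one event; return the responses newly triggered."""
        q = self.events[user]
        q.append(timestamp)
        # Drop events that have aged out of the window.
        while q and q[0] <= timestamp - self.window:
            q.popleft()
        # Once the user is quiet again, de-escalate so that a later
        # burst walks the ladder from the start.
        if len(q) < self.ladder[0][0]:
            self.active[user].clear()
        triggered = []
        for threshold, response in self.ladder:
            if len(q) >= threshold and response not in self.active[user]:
                self.active[user].add(response)
                triggered.append(response)
        return triggered


def replay(events, engine=None):
    """Feed (timestamp, user) pairs through an engine and return the
    (timestamp, user, response) decisions in order."""
    engine = engine or ResponseEngine()
    return [(ts, user, r) for ts, user in events
            for r in engine.record(user, ts)]
```

Calling `replay(SAMPLE)` walks the constructed burst through the ladder; the application would map each returned response name to its own logging, alerting, delay or session-termination hook.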

= How to =

No code available

= Related articles =

Other Year of Security for Java Week 18 - Perform Application Layer Intrusion Detection

= Authors and primary contributors =

Colin Watson - colin.watson[at]owasp.org