BlackWatch: increasing attack awareness within web applications

Research output: Contribution to journalArticlepeer-review

4 Citations (Scopus)
140 Downloads (Pure)


Web applications are relied upon by many for the services they provide. It is essential that applications implement appropriate security measures to prevent security incidents. Currently, web applications focus resources towards the preventative side of security. Whilst prevention is an essential part of the security process, developers must also implement a level of attack awareness into their web applications. Being able to detect when an attack is occurring provides applications with the ability to execute responses against malicious users in an attempt to slow down or deter their attacks. This research seeks to improve web application security by identifying malicious behaviour from within the context of web applications using our tool BlackWatch. The tool is a Python-based application which analyses suspicious events occurring within client web applications, with the objective of identifying malicious patterns of behaviour. This approach avoids issues typically encountered with traditional web application firewalls. Based on the results from a preliminary study, BlackWatch was effective at detecting attacks from both authenticated, and unauthenticated users. Furthermore, user tests with developers indicated BlackWatch was user friendly, and was easy to integrate into existing applications. Future work seeks to develop the BlackWatch solution further for public release.
Original languageEnglish
Article number44
Number of pages20
JournalFuture Internet
Issue number2
Early online date15 Feb 2019
Publication statusPublished - 15 Feb 2019


  • Web application firewall
  • Intrusion prevention
  • Software security
  • Web application security
  • Attack awareness
  • Cyber security


Dive into the research topics of 'BlackWatch: increasing attack awareness within web applications'. Together they form a unique fingerprint.

Cite this