Development and Evaluation of a Secure Web Gateway Using Existing ICAP Open Source Tools

Authors

Michael Pearce, University of Canterbury
Ray Hunt, University of Canterbury

Document Type

Conference Proceeding

Publisher

School of Computer and Information Science, Edith Cowan University, Perth, Western Australia

Comments

8th Australian Information Security Mangement Conference, Edith Cowan University, Perth Western Australia, 30th November 2010

Abstract

This work in progress paper discusses the development and evaluation of an open source secure web gateway. The proof of concept system uses a combination of open source software (including the Greasyspoon ICAP Server, Squid HTTP proxy, and Clam Antivirus) to perform the various security tasks that range from simple (such as passive content insertion) to more advanced (such as active content alteration) by modules installed on the server. After discussing the makeup of the proof of concept system we discuss our evaluation methodology for both effectiveness and performance. The effectiveness was tested using comparative analysis of groups of self-browsing high interaction client honeypots (employing a variety of security measures) and recording different system alteration rates. Performance was tested across a wide range of variables to determine the failure conditions and optimal set up for the components used.

DOI

10.4225/75/57b675aa34785