Application Intrusion Detection
This repository is all about Application Intrusion Detection. Have a look at the presentations I've given on this topic or watch the recordings at W-JAX 2015 (German) or JavaZone 2016 (English) for more information.
Duke Encounters is a demo web application utilizing Application Intrusion Detection based on OWASP AppSensor. It is using Spring Boot with a h2 in-memory database and a Thymeleaf UI. Keep in mind that all entered information is only stored temporarily and will be reset when restarting the application.
Build and Run
No matter what type you choose, the web application should be available on http://localhost:8080. Any modern browser will work. Most parts of the application require a logged in user. You can either register a new one or use one of the available users listed in the src/main/resources/data.sql file. Username and password are always identical.
As an alternative, you can use Boxfuse to fuse and launch the app within an immutable image.
And you can use Docker. You can either build the image yourself or pull one from Docker Hub.
To build it yourself you have to set a new version for the application via
mvn versions:set in the repository root
directory (ApplicationIntrusionDetection). Enter (almost) any version number you like. Create the Docker image with
mvn package docker:build and launch the container via
docker container run -d -p 8080:8080 -t dschadow/duke-encounters.
To pull the latest existing image use
docker pull dschadow/duke-encounters. Other versions are available on