I am investigating the possibility of developing something like a web-shield using boost::asio.

What I mean is this.  One vulnerability for ecommerce sites is that a session may be hijacked once a user has been validated.  Someone intent on fraud may then use that session for a variety of different kinds of fraud.  I expect that the lowest level IP address has to be the actual machine making each request (otherwise the attacker would not be able to get the responses to requests he's made), and that one of the things a fraudster may be doing is falsifying the IP addresses in HTTP headers.  I also expect some may be using proxy servers to hide their real identity or location.

The first thing I need to learn about is whether there are classes or structs defined within asio that facilitate getting packets in a form that would support the sort of packet analysis that may be useful.  I would suppose I would need to make a set of classes that collects HTTP headers, to ease examining them particularly for IP data.  Ideally, I'd like to be able to examine each major OSI layer (in part, just to learn how they work in real life).  And I'd like to try to examine the route by which a given HTTP request has arrived at the server that is to handle it, if that is at all possible.  And, I'd like to investigate what sorts of patterns ought to be considered with a view toward detecting any form of misbehaviour a fraudster may resort to.

If any of this proves feasible, I'd like to create an intelligent 'shield' based on asio that receives incoming HTTP traffic, examines it for misconduct, and if no such behaviour is found just forwards the request on to the real server, and if there is evidence of misbehaviour, redirects the user to either static advertising pages or whatever challenge-response system a merchant may want to try to use in order to reduce his vulnerability to online fraud.

I have yet to see any ecommerce software that tries to protect both consumers and merchants from online fraud in this manner, and have spent much of my time writing code that tries to detect fraud, among other problems, after the fact.  But it is such a costly process for some merchants, I would like to become more pro-active, to try to prevent it.  Alas, although I have written plenty of quantitative code, I have no experience with network programming in C++, so I don't really know what is feasible (but being an R&D kind of guy, I have no qualms about trying to learn stuff that is new to me ;-)

Any insights into what is available and what is possible (with URLs to useful resources) would be greatly appreciated.

Thanks

Ted
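
An added example, not part of the original post: one way a shield could separate the address of the TCP connection from addresses merely claimed in HTTP headers. It uses only the standard library so it runs without Boost; the names `ClientInfo` and `resolve_client`, the choice of the `X-Forwarded-For` header, and the set of trusted proxy addresses are assumptions made for illustration.

```cpp
#include <cctype>
#include <set>
#include <sstream>
#include <string>
#include <vector>

struct ClientInfo {
    std::string address;   // address to attribute the request to
    bool header_ignored;   // X-Forwarded-For arrived from an untrusted peer
};

static std::string trim(const std::string& s) {
    auto b = s.find_first_not_of(" \t\r\n");
    return b == std::string::npos ? "" : s.substr(b, s.find_last_not_of(" \t\r\n") - b + 1);
}

// Collect every X-Forwarded-For entry from a request head, in header order.
static std::vector<std::string> forwarded_for(const std::string& head) {
    std::vector<std::string> out;
    std::istringstream in(head);
    std::string line;
    std::getline(in, line);  // skip the request line
    while (std::getline(in, line) && !(line = trim(line)).empty()) {
        std::string name = line.substr(0, line.find(':'));
        for (char& c : name) c = (char)std::tolower((unsigned char)c);
        if (name != "x-forwarded-for") continue;  // also skips lines without ':'
        std::istringstream parts(line.substr(name.size() + 1));
        for (std::string ip; std::getline(parts, ip, ',');)
            if (!(ip = trim(ip)).empty()) out.push_back(ip);
    }
    return out;
}

// peer: address of the TCP connection (with Boost.Asio, socket.remote_endpoint()).
// trusted: addresses of the site's own reverse proxies (assumed configuration).
ClientInfo resolve_client(const std::string& peer, const std::string& head,
                          const std::set<std::string>& trusted) {
    ClientInfo r{peer, false};
    std::vector<std::string> chain = forwarded_for(head);
    if (!trusted.count(peer)) {  // header values are only the sender's claims
        r.header_ignored = !chain.empty();
        return r;
    }
    for (auto it = chain.rbegin(); it != chain.rend(); ++it) {  // right to left
        r.address = *it;
        if (!trusted.count(*it)) break;  // first hop we do not operate
    }
    return r;
}
```

Entries to the left of the first untrusted hop are never used, because the sender of the request controls them.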