Bronjon Gogoi, Tasiruddin Ahmed, Hemanta Kumar Saikia,
... against XSS attacks include hardware and software-based web application firewalls, most of which are rule and signature-based.Rule-based and signature-based web application firewalls can be bypassed by obfuscating the attack payloads.As such, rule-based and signaturebased web application firewalls are not effective against detecting XSS attacks for payloads designed to bypass web application firewalls.This paper aims to use machine learning to ...
Tópico(s): Spam and Phishing Detection
2021 - | International Journal of Innovative Research in Computer Science & Technology
Egidijus Kazanavičius, Vygintas Kazanavicius, Algimantas Venčkauskas, R. Paskevicius,
... had been analyzed. The paper proposed an embedded web application firewall model based on a "black" and "white" lists ... vulnerabilities which allows flexible and efficient development of Web applications firewalls, to assess the specifics of each program. Developed ... a firewall, to show an advantage of embedded Web application firewall. Ill. 4, bibl. 21, tabl. 2 (in English; ...
Tópico(s): Embedded Systems and FPGA Design
2012 - Kaunas University of Technology | Elektronika ir Elektrotechnika
Helen Kapodistria, Sarandis Mitropoulos, Christos Douligeris,
... new tool was compared to dotDefender, a commercial web application firewall, and ModSecurity, a widely used open source application ... web server plug‐in, which has some advanced web application firewall features with a flexible attacks search engine which ... a feature that cannot be found on other web application firewalls.
Tópico(s): Advanced Malware Detection Techniques
2011 - Emerald Publishing Limited | Information Management & Computer Security
... related to the implementation and deployment of the Web Application Firewall that protects the target application by verifying the ... prevent unauthorized access to sensitive data. A Learning Web Application Firewall offers a flexible, application-tailored, yet easy to ...
Tópico(s): Network Packet Processing and Optimization
2011 - Springer Science+Business Media | Lecture notes in computer science
Simon Applebaum, Tarek Gaber, Ali Ahmed,
Web Application Firewalls (WAF) have evolved to protect web applications from attack. A signature-based WAF responds to threats through the implementation of application-specific rules which block ...
Tópico(s):
2021 - Elsevier BV | Procedia Computer Science
Babu R. Dawadi, Bibek Adhikari, Devesh Kumar Srivastava,
... and then passed to the second layer. The web application firewall (WAF) adds an extra layer of security to the web application by providing application-level filtering that cannot be achieved by the traditional network firewall system.
Tópico(s): Advanced Malware Detection Techniques
2023 - Multidisciplinary Digital Publishing Institute | Sensors
Hongliang Liang, Xiangyu Li, Da Xiao, Jie Liu, Yanjie Zhou, Aibo Wang, Jin Li,
Web Application Firewalls (WAFs) are widely deployed to protect key web applications against multiple security threats, so it is important to test WAFs regularly to prevent attackers from bypassing them ...
Tópico(s):
2023 - IEEE Computer Society | IEEE Transactions on Dependable and Secure Computing
... difficult.In this study, a hybrid learning-based web application firewall (WAF) model is proposed to prevent web-based attacks, by using signature-based detection (SBD) ...
Tópico(s): Digital and Cyber Forensics
2019 - Czech Technical University in Prague | Neural Network World
Stefan Prandl, Mihai Lazarescu, Duc-Son Pham,
Web application firewalls (WAFs) are the primary front-end protection mechanism for Internet-based infrastructure which is constantly under ...
Tópico(s): Security and Verification in Computing
2015 - Springer Science+Business Media | Lecture notes in computer science
Aref Shaheed, Mohamad-Bassam Kurdy,
... study, we present a proposed model for a web application firewall that used machine learning and features engineering to detect common web attacks. Our proposed model analyses incoming requests to ...
Tópico(s): Spam and Phishing Detection
2022 - Hindawi Publishing Corporation | Security and Communication Networks
Saher Manaseer, Ahmad K. Al Hwaitat,
In this paper we propose a centralized web firewall system for web application security which will provide a new type of ... has been implemented to protect a real web application. Experiments showed that the attacks has been successfully prevented on multiple hosts at the time. This paper came to provide a centralized web firewall system that connect different web firewalls in order ...
Tópico(s): Network Packet Processing and Optimization
2018 - Canadian Center of Science and Education | Modern Applied Science
Vassilios C. Moussas, Antonios Andreatos,
... it can be applied to antivirus software, smart firewalls, web applications, etc.
Tópico(s): Anomaly Detection Techniques and
2021 - Multidisciplinary Digital Publishing Institute | Information
Carmen Torrano‐Gimenez, Alejandro Pérez-Villegas, Gonzalo Álvarez,
A simple and effective web application firewall is presented. This system follows the anomalous approach, therefore it can detect both known and unknown web attacks. The system decides whether the incoming requests are attacks or not aided by an XML file. The XML file contains the normal behavior of the target web application statistically characterized and is built from a set of normal requests artificially generated. Any request which deviates from the normal behavior is ...
Tópico(s): Anomaly Detection Techniques and
2009 - Springer Science+Business Media | Advances in intelligent and soft computing
Mohammadhossein Amouei, Mohsen Rezvani, Mansoor Fateh,
Due to the increasing sophistication of web attacks, Web Application Firewalls (WAFs) have to be tested and updated regularly to resist the relentless flow of web attacks. In practice, using a brute-force attack ...
Tópico(s): Network Security and Intrusion Detection
2021 - IEEE Computer Society | IEEE Transactions on Dependable and Secure Computing
Fahad Alotaibi, Vassilios G. Vassilakis,
... reduce the severity of these threats, such as web application firewalls (WAFs). On the other hand, software-defined networking (SDN) technology has significantly improved network management and operation by providing centralized control for network administrators. In this work, we investigated the possibility of using SDN to implement a firewall capable of detecting and blocking web attacks. As a proof of concept, we designed ...
Tópico(s): Internet Traffic Analysis and Secure E-voting
2023 - Multidisciplinary Digital Publishing Institute | Future Internet
Hai Thanh Nguyen, Carmen Torrano‐Gimenez, Gonzalo Álvarez, Katrin Franke, Slobodan Petrović,
Feature selection for filtering HTTP-traffic in Web Application Firewalls (WAFs) is an important task. We focus on the generic-feature-selection (GeFS) measure, which was successfully tested on low-level package filters, ...
Tópico(s): Spam and Phishing Detection
2012 - Oxford University Press | Logic Journal of IGPL
... this paper is to estimate the effectiveness of web application firewalls (WAFs) at preventing injection attacks by professional penetration ...
Tópico(s): Information and Cyber Security
2013 - Emerald Publishing Limited | Information Management & Computer Security
Dennis Appelt, Cu Nguyen, Annibale Panichella, Lionel Briand,
Web application firewalls (WAFs) are an essential protection mechanism for online software systems. Because of the relentless flow of ...
Tópico(s): Advanced Malware Detection Techniques
2018 - Institute of Electrical and Electronics Engineers | IEEE Transactions on Reliability
... be seen when considering the protection provided by Web Application Firewalls (WAF). Namely, it is often enough to obfuscate ...
Tópico(s): Network Packet Processing and Optimization
2023 - Elsevier BV | Journal of Network and Computer Applications
Hui Yuan, Lei Zheng, Liang Dong, Xiangli Peng, Yan Zhuang, Guoru Deng,
... protocol and pattern matching, this paper proposes a Web application firewall system based on feature matching. Experiments show that the Web application firewall system can defend against various web application layer attacks and effectively solve the omission problem ...
Tópico(s): Internet Traffic Analysis and Secure E-voting
2019 - Springer Nature | Advances in intelligent systems and computing
Antonio Coscia, Vincenzo Dentamaro, Stefano Galantucci, Antonio Maci, Giuseppe Pirlo,
... that malicious actors use to compromise website security. Web application firewalls (WAFs) play a primary role in preventing such ... a framework that leverages PROxy Grammar to Enhance web application firewalls for SQL Injection prevention (PROGESI). The proposed solution can act as an intermediary layer between the targeted web server and the incoming application level requests. Specifically, PROGESI can be used individually ...
Tópico(s): Spam and Phishing Detection
2024 - Institute of Electrical and Electronics Engineers | IEEE Access
Jane Jaleel Stephan, Sahab Dheyaa Mohammed, Mohammed Khudhair Abbas,
... In this paper, we have developed a prototypic web application firewall to detect new types of attacks that do ... application and makes application-level control of the firewall in the framework of the scope of the WEB-application.The system is found to have good performance ...
Tópico(s): Spam and Phishing Detection
2014 - International Journal of Information and Education Technology | International Journal of Information and Education Technology
Javier Carrillo-Mondéjar, Hannu Turtiainen, Andrei Costin, José Luis Martínez, Guillermo Suárez‐Tangil,
... intrusion prevention system in the form of a Web Application Firewall (for prevention of web-attack vectors), and an HTTPS-proxy (for latest ...
Tópico(s):
2022 - Institute of Electrical and Electronics Engineers | IEEE Internet of Things Journal
Shashank Khandelwal, Parthiv Shah, Kaushal Bhavsar, Savita Gandhi,
... Using this research paper researcher can examine how web application firewall is better technique for preventing web application vulnerability. This approach allows us to secure our ...
Tópico(s): Advanced Malware Detection Techniques
2013 - | International journal of advanced research in computer science and electronics engineering
Dennis Appelt, Nadia Alshahwan, Lionel Briand,
... examines the effects and potential benefits of utilising Web Application Firewalls (WAFs) and database proxies in SQL injection testing of web applications and services. We propose testing the WAF itself ...
Tópico(s): Security and Verification in Computing
2014 - Springer Science+Business Media | Lecture notes in computer science
... products on the information security market - web application firewalls. Web applications are a very widely-used and convenient way ... class of information security solutions has been created. Web application firewalls function at the highest, seventh layer of the ... decent levels of traffic monitoring and intrusion prevention, web application firewalls are equipped with various mechanisms of data exchange ... has its own security policy and, therefore, the web application firewall should provide security engineers with ways to tweak ...
Tópico(s):
2015 - National Research University – Higher School of Economics | Business Informatics
Rashmi Welekar, Firdous Sadaf M. Ismail, Ayush Bhojwani, Shrenik Mehar, Prathamesh Tidke, Priyanshi Bopche,
Tópico(s): Network Security and Intrusion Detection
2024 - American Institute of Physics | AIP conference proceedings
Robinson Robinson, Memen Akbar, Muhammad Arif Fadhly Ridha,
Web Application or website are widely used to provide functionality that allows companies to build and maintain relationships with their customers. The Information stored by web applications is often confidential and, if obtained by malicious attackers. Its exposure could result in substantial losses for both consumers and companies. SQL Injection and Cross Site Scripting are attacks that aiming web application database vulnerabilities. Its can allow malicious attackers to manipulate web server ...
Tópico(s): Advanced Malware Detection Techniques
2018 - State Polytechnics of Andalas | JOIV International Journal on Informatics Visualization
Emmanuel Tuyishime, Titus Bălan, Petru Adrian Cotfas, Daniel Tudor Cotfas, Alexandre Rekeraho,
... and an application gateway that functions as a web application firewall (WAF). This WAF scans incoming Internet traffic and provides centralized protection against common exploits and vulnerabilities, securing web applications within the cloud environment. We deployed the SIEM ...
Tópico(s): Security and Verification in Computing
2023 - Multidisciplinary Digital Publishing Institute | Applied Sciences
Zhenqing Qu, Xiang Ling, Ting Wang, Xiang Chen, Shouling Ji, Chunming Wu,
... first defensive layer that attacks would hit, the web application firewall (WAF) plays an indispensable role in defending against malicious web attacks like SQL injection (SQLi). With the development ...
Tópico(s): Advanced Malware Detection Techniques
2024 - Institute of Electrical and Electronics Engineers | IEEE Transactions on Information Forensics and Security