TY - GEN
T1 - Improving Web Application Firewalls through Anomaly Detection
AU - Betarte, Gustavo
AU - Gimenez, Eduardo
AU - Martinez, Rodrigo
AU - Pardo, Alvaro
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/7/2
Y1 - 2018/7/2
N2 - Web applications are permanently being exposed to attacks that exploit their vulnerabilities. In this work we investigate the application of machine learning techniques to leverage Web Application Firewalls (WAF)s, a technology that is used to detect and prevent attacks. We put forward an approach of complementary machine learning models, based on one-class classification and n-gram analysis, to enhance the detection and accuracy capabilities of MODSECURITY, an open source and widely used WAF. The results are promising and outperform MODSECURITY when configured with the OWASP Core Rule Set, the baseline configuration setting of a widely deployed, rule-based WAF technology.
AB - Web applications are permanently being exposed to attacks that exploit their vulnerabilities. In this work we investigate the application of machine learning techniques to leverage Web Application Firewalls (WAF)s, a technology that is used to detect and prevent attacks. We put forward an approach of complementary machine learning models, based on one-class classification and n-gram analysis, to enhance the detection and accuracy capabilities of MODSECURITY, an open source and widely used WAF. The results are promising and outperform MODSECURITY when configured with the OWASP Core Rule Set, the baseline configuration setting of a widely deployed, rule-based WAF technology.
KW - Anomaly Detection
KW - Machine Learning
KW - N-gram Analysis
KW - One-class Classification
KW - Web Application Firewalls
UR - http://www.scopus.com/inward/record.url?scp=85062209887&partnerID=8YFLogxK
U2 - 10.1109/ICMLA.2018.00124
DO - 10.1109/ICMLA.2018.00124
M3 - Contribución a la conferencia
AN - SCOPUS:85062209887
T3 - Proceedings - 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018
SP - 779
EP - 784
BT - Proceedings - 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018
A2 - Wani, M. Arif
A2 - Kantardzic, Mehmed
A2 - Sayed-Mouchaweh, Moamar
A2 - Gama, Joao
A2 - Lughofer, Edwin
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018
Y2 - 17 December 2018 through 20 December 2018
ER -