Improving Web Application Firewalls through Anomaly Detection

Gustavo Betarte, Eduardo Gimenez, Rodrigo Martinez, Alvaro Pardo

Producción científica: Capítulo del libro/informe/acta de congresoContribución a la conferenciarevisión exhaustiva

23 Citas (Scopus)

Resumen

Web applications are permanently being exposed to attacks that exploit their vulnerabilities. In this work we investigate the application of machine learning techniques to leverage Web Application Firewalls (WAF)s, a technology that is used to detect and prevent attacks. We put forward an approach of complementary machine learning models, based on one-class classification and n-gram analysis, to enhance the detection and accuracy capabilities of MODSECURITY, an open source and widely used WAF. The results are promising and outperform MODSECURITY when configured with the OWASP Core Rule Set, the baseline configuration setting of a widely deployed, rule-based WAF technology.

Idioma originalInglés
Título de la publicación alojadaProceedings - 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018
EditoresM. Arif Wani, Mehmed Kantardzic, Moamar Sayed-Mouchaweh, Joao Gama, Edwin Lughofer
EditorialInstitute of Electrical and Electronics Engineers Inc.
Páginas779-784
Número de páginas6
ISBN (versión digital)9781538668047
DOI
EstadoPublicada - 2 jul. 2018
Evento17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018 - Orlando
Duración: 17 dic. 201820 dic. 2018

Serie de la publicación

NombreProceedings - 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018

Conferencia

Conferencia17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018
País/TerritorioUnited States
CiudadOrlando
Período17/12/1820/12/18

Huella

Profundice en los temas de investigación de 'Improving Web Application Firewalls through Anomaly Detection'. En conjunto forman una huella única.

Citar esto