Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks

Yi Han, Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Nowadays, with over 70% of attacks carried out over the web application level, organizations need all the help they can get in making their system secure. Web Application Firewalls (WAFs) are among the tools that are commonly used for the prevention of Web attacks. However, the WAFs provide very little protection on their own. In order to become useful, they must be configured with rules. Unfortunately, the rule configuration process is not easy and error-prone, thus the quality of protection(QoP) of WAFs is still behind our expectations. In this paper, we investigate the current WAFs and point out some of their problems regarding about the poor QoP. We then analyze the origins of these problems and propose two decision modules, the attack-decision module and priority-decision module based on a proposed simplified taxonomy of web attacks which are helpful for improving the QoP of WAFs. Finally, we conclude our work and show future interests to extend our modules to IDS systems.

Original languageEnglish
Title of host publicationAdvances in Information Security and Its Application
Subtitle of host publicationThird International Conference, ISA 2009, Proceedings
EditorsJong Hyuk Park, Justin Zhan, Changhoon Lee, Guilin Wang, Tai-hoon Kim, Sang-Soo Yeo
Pages105-110
Number of pages6
DOIs
Publication statusPublished - Jul 13 2009

Publication series

NameCommunications in Computer and Information Science
Volume36
ISSN (Print)1865-0929

Fingerprint

Firewall
Taxonomies
Taxonomy
Web Application
Attack
Module
Configuration

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Mathematics(all)

Cite this

Han, Y., Sakai, A., Hori, Y., & Sakurai, K. (2009). Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks. In J. H. Park, J. Zhan, C. Lee, G. Wang, T. Kim, & S-S. Yeo (Eds.), Advances in Information Security and Its Application: Third International Conference, ISA 2009, Proceedings (pp. 105-110). (Communications in Computer and Information Science; Vol. 36). https://doi.org/10.1007/978-3-642-02633-1_14

Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks. / Han, Yi; Sakai, Akihiro; Hori, Yoshiaki; Sakurai, Kouichi.

Advances in Information Security and Its Application: Third International Conference, ISA 2009, Proceedings. ed. / Jong Hyuk Park; Justin Zhan; Changhoon Lee; Guilin Wang; Tai-hoon Kim; Sang-Soo Yeo. 2009. p. 105-110 (Communications in Computer and Information Science; Vol. 36).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Han, Y, Sakai, A, Hori, Y & Sakurai, K 2009, Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks. in JH Park, J Zhan, C Lee, G Wang, T Kim & S-S Yeo (eds), Advances in Information Security and Its Application: Third International Conference, ISA 2009, Proceedings. Communications in Computer and Information Science, vol. 36, pp. 105-110. https://doi.org/10.1007/978-3-642-02633-1_14
Han Y, Sakai A, Hori Y, Sakurai K. Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks. In Park JH, Zhan J, Lee C, Wang G, Kim T, Yeo S-S, editors, Advances in Information Security and Its Application: Third International Conference, ISA 2009, Proceedings. 2009. p. 105-110. (Communications in Computer and Information Science). https://doi.org/10.1007/978-3-642-02633-1_14
Han, Yi ; Sakai, Akihiro ; Hori, Yoshiaki ; Sakurai, Kouichi. / Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks. Advances in Information Security and Its Application: Third International Conference, ISA 2009, Proceedings. editor / Jong Hyuk Park ; Justin Zhan ; Changhoon Lee ; Guilin Wang ; Tai-hoon Kim ; Sang-Soo Yeo. 2009. pp. 105-110 (Communications in Computer and Information Science).
@inproceedings{3ee9e12e4d2b4a53887069e91bf2bee5,
title = "Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks",
abstract = "Nowadays, with over 70{\%} of attacks carried out over the web application level, organizations need all the help they can get in making their system secure. Web Application Firewalls (WAFs) are among the tools that are commonly used for the prevention of Web attacks. However, the WAFs provide very little protection on their own. In order to become useful, they must be configured with rules. Unfortunately, the rule configuration process is not easy and error-prone, thus the quality of protection(QoP) of WAFs is still behind our expectations. In this paper, we investigate the current WAFs and point out some of their problems regarding about the poor QoP. We then analyze the origins of these problems and propose two decision modules, the attack-decision module and priority-decision module based on a proposed simplified taxonomy of web attacks which are helpful for improving the QoP of WAFs. Finally, we conclude our work and show future interests to extend our modules to IDS systems.",
author = "Yi Han and Akihiro Sakai and Yoshiaki Hori and Kouichi Sakurai",
year = "2009",
month = "7",
day = "13",
doi = "10.1007/978-3-642-02633-1_14",
language = "English",
isbn = "9783642026324",
series = "Communications in Computer and Information Science",
pages = "105--110",
editor = "Park, {Jong Hyuk} and Justin Zhan and Changhoon Lee and Guilin Wang and Tai-hoon Kim and Sang-Soo Yeo",
booktitle = "Advances in Information Security and Its Application",

}

TY - GEN

T1 - Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks

AU - Han, Yi

AU - Sakai, Akihiro

AU - Hori, Yoshiaki

AU - Sakurai, Kouichi

PY - 2009/7/13

Y1 - 2009/7/13

N2 - Nowadays, with over 70% of attacks carried out over the web application level, organizations need all the help they can get in making their system secure. Web Application Firewalls (WAFs) are among the tools that are commonly used for the prevention of Web attacks. However, the WAFs provide very little protection on their own. In order to become useful, they must be configured with rules. Unfortunately, the rule configuration process is not easy and error-prone, thus the quality of protection(QoP) of WAFs is still behind our expectations. In this paper, we investigate the current WAFs and point out some of their problems regarding about the poor QoP. We then analyze the origins of these problems and propose two decision modules, the attack-decision module and priority-decision module based on a proposed simplified taxonomy of web attacks which are helpful for improving the QoP of WAFs. Finally, we conclude our work and show future interests to extend our modules to IDS systems.

AB - Nowadays, with over 70% of attacks carried out over the web application level, organizations need all the help they can get in making their system secure. Web Application Firewalls (WAFs) are among the tools that are commonly used for the prevention of Web attacks. However, the WAFs provide very little protection on their own. In order to become useful, they must be configured with rules. Unfortunately, the rule configuration process is not easy and error-prone, thus the quality of protection(QoP) of WAFs is still behind our expectations. In this paper, we investigate the current WAFs and point out some of their problems regarding about the poor QoP. We then analyze the origins of these problems and propose two decision modules, the attack-decision module and priority-decision module based on a proposed simplified taxonomy of web attacks which are helpful for improving the QoP of WAFs. Finally, we conclude our work and show future interests to extend our modules to IDS systems.

UR - http://www.scopus.com/inward/record.url?scp=67649958689&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=67649958689&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-02633-1_14

DO - 10.1007/978-3-642-02633-1_14

M3 - Conference contribution

AN - SCOPUS:67649958689

SN - 9783642026324

T3 - Communications in Computer and Information Science

SP - 105

EP - 110

BT - Advances in Information Security and Its Application

A2 - Park, Jong Hyuk

A2 - Zhan, Justin

A2 - Lee, Changhoon

A2 - Wang, Guilin

A2 - Kim, Tai-hoon

A2 - Yeo, Sang-Soo

ER -