Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks

Yi Han, Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

研究成果: 書籍/レポート タイプへの寄稿会議への寄与

1 被引用数 (Scopus)


Nowadays, with over 70% of attacks carried out over the web application level, organizations need all the help they can get in making their system secure. Web Application Firewalls (WAFs) are among the tools that are commonly used for the prevention of Web attacks. However, the WAFs provide very little protection on their own. In order to become useful, they must be configured with rules. Unfortunately, the rule configuration process is not easy and error-prone, thus the quality of protection(QoP) of WAFs is still behind our expectations. In this paper, we investigate the current WAFs and point out some of their problems regarding about the poor QoP. We then analyze the origins of these problems and propose two decision modules, the attack-decision module and priority-decision module based on a proposed simplified taxonomy of web attacks which are helpful for improving the QoP of WAFs. Finally, we conclude our work and show future interests to extend our modules to IDS systems.

ホスト出版物のタイトルAdvances in Information Security and Its Application
ホスト出版物のサブタイトルThird International Conference, ISA 2009, Proceedings
編集者Jong Hyuk Park, Justin Zhan, Changhoon Lee, Guilin Wang, Tai-hoon Kim, Sang-Soo Yeo
出版ステータス出版済み - 7月 13 2009


名前Communications in Computer and Information Science

!!!All Science Journal Classification (ASJC) codes

  • コンピュータ サイエンス(全般)
  • 数学 (全般)


「Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。