Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks

Yi Han, Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

1 被引用数 (Scopus)

抄録

Nowadays, with over 70% of attacks carried out over the web application level, organizations need all the help they can get in making their system secure. Web Application Firewalls (WAFs) are among the tools that are commonly used for the prevention of Web attacks. However, the WAFs provide very little protection on their own. In order to become useful, they must be configured with rules. Unfortunately, the rule configuration process is not easy and error-prone, thus the quality of protection(QoP) of WAFs is still behind our expectations. In this paper, we investigate the current WAFs and point out some of their problems regarding about the poor QoP. We then analyze the origins of these problems and propose two decision modules, the attack-decision module and priority-decision module based on a proposed simplified taxonomy of web attacks which are helpful for improving the QoP of WAFs. Finally, we conclude our work and show future interests to extend our modules to IDS systems.

本文言語英語
ホスト出版物のタイトルAdvances in Information Security and Its Application
ホスト出版物のサブタイトルThird International Conference, ISA 2009, Proceedings
編集者Jong Hyuk Park, Justin Zhan, Changhoon Lee, Guilin Wang, Tai-hoon Kim, Sang-Soo Yeo
ページ105-110
ページ数6
DOI
出版ステータス出版済み - 7 13 2009

出版物シリーズ

名前Communications in Computer and Information Science
36
ISSN(印刷版)1865-0929

All Science Journal Classification (ASJC) codes

  • コンピュータ サイエンス(全般)
  • 数学 (全般)

フィンガープリント

「Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル