Dynamic Web Application Firewall detection supported by Cyber Mimic Defense approach

被引:10
|
作者
Sepczuk, Mariusz [1 ]
机构
[1] Warsaw Univ Technol, Fac Elect & Informat Technol, Warsaw, Poland
关键词
Web Application Firewall; Mimic defense; DHR; Dynamic security; Web application security;
D O I
10.1016/j.jnca.2023.103596
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
With the increase of publicly available applications on the Internet, the number of new vulnerabilities increases. The currently used security methods are static and predictable and therefore have problems detecting unknown vulnerabilities. This issue creates an advantage for attackers - more attacks are carried out successfully than existing countermeasures that protect against them. It can especially be seen when considering the protection provided by Web Application Firewalls (WAF). Namely, it is often enough to obfuscate an attacker's payload to bypass security mechanisms successfully. Of course, many approaches are used to improve the protection provided by WAF, but this is associated with many problems, and a high level of security is expected almost from the moment such a device is deployed. One such approach may be the use of mimic defense, which is a proactive method of detecting unknown attacks. This paper presents the results of experiments in the network with web servers secured by WAF with additional protection provided by the mimic defense idea. The conducted research shows that the usage of mimic defense increases the number of detected and blocked attack attempts. It also introduces the unpredictability that an attacker has to confront when trying to carry out an attack. Moreover, the proposed concept allows for creating new temporary rules that supply the WAF while increasing the chances of detecting previously undiscovered attacks.
引用
收藏
页数:17
相关论文
共 43 条
  • [31] Performance Anomaly Detection in Web Services: An RNN-Based Approach Using Dynamic Quality of Service Features
    Hasnain, Muhammad
    Jeong, Seung Ryul
    Pasha, Muhammad Fermi
    Ghani, Imran
    CMC-COMPUTERS MATERIALS & CONTINUA, 2020, 64 (02): : 729 - 752
  • [32] Performance anomaly detection in web services: An RNN-based approach using dynamic quality of service features
    Hasnain M.
    Jeong S.R.
    Pasha M.F.
    Ghani I.
    Computers, Materials and Continua, 2020, 64 (02): : 729 - 752
  • [33] A stacked deep learning approach to cyber-attacks detection in industrial systems: application to power system and gas pipeline systems
    Wu Wang
    Fouzi Harrou
    Benamar Bouyeddou
    Sidi-Mohammed Senouci
    Ying Sun
    Cluster Computing, 2022, 25 : 561 - 578
  • [34] A stacked deep learning approach to cyber-attacks detection in industrial systems: application to power system and gas pipeline systems
    Wang, Wu
    Harrou, Fouzi
    Bouyeddou, Benamar
    Senouci, Sidi-Mohammed
    Sun, Ying
    CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2022, 25 (01): : 561 - 578
  • [35] Dynamic bayesian approach to gross error detection and compensation with application toward an oil sands process
    Gonzalez, Ruben
    Huang, Biao
    Xu, Fangwei
    Espejo, Aris
    CHEMICAL ENGINEERING SCIENCE, 2012, 67 (01) : 44 - 56
  • [36] Unraveling the Deception of Web3 Phishing Scams: Dynamic Multiperspective Cascade Graph Approach for Ethereum Phishing Detection
    Zhang, Lejun
    Zhang, Xucan
    Xiao, Siyi
    Li, Zexin
    Su, Shen
    Qiu, Jing
    Tian, Zhihong
    IEEE TRANSACTIONS ON COMPUTATIONAL SOCIAL SYSTEMS, 2024,
  • [37] Online change-point detection: a weighted sum approach with constraint and application to dynamic network observation
    Qiao, Lei
    Han, Dong
    COMMUNICATIONS IN STATISTICS-SIMULATION AND COMPUTATION, 2024, 53 (10) : 4621 - 4635
  • [38] Temporal window system: A new approach for dynamic detection - Application to surface acoustic wave gas sensors
    Bordieu, C
    Rebiere, D
    Pistre, J
    Planade, R
    SENSORS AND ACTUATORS B-CHEMICAL, 1996, 35 (1-3) : 52 - 59
  • [39] Temporal window system: A new approach for dynamic detection - application to surface acoustic wave gas sensors
    Bordieu, Christophe
    Rebiere, Dominique
    Pistre, Jacques
    Planade, Roger
    Sensors and Actuators, B: Chemical, 1996, B35 (1 -3 pt 1) : 52 - 59
  • [40] ML-based failure detection approach for predictive maintenance in an industry 4.0 oriented web manufacturing control application
    Smaoui, Sirine
    Baklouti, Mouna
    2024 IEEE 7TH INTERNATIONAL CONFERENCE ON ADVANCED TECHNOLOGIES, SIGNAL AND IMAGE PROCESSING, ATSIP 2024, 2024, : 426 - 431