Journal articles on the topic 'Web Application Firewall (WAFW)'


1

George, A. Shaji, and A. S. Hovan George. "A Brief Study on The Evolution of Next Generation Firewall and Web Application Firewall." IJARCCE: International Journal of Advanced Research in Computer and Communication Engineering 10, no. 5 (2021): 31–37. https://doi.org/10.5281/zenodo.7027397.

Abstract:
The rapid development of Information Technology (IT) has altered the appearance of the network perimeter. Data is all around, with users who access it from around the world and from all types of devices. At the same moment, Information Technology (IT) teams are implementing analytics, cloud, as well as automation to quicken the delivery of innovative applications and drive business development. These essential changes have created a threat environment that reveals weaknesses in legacy security technologies, for example port-based network security, as well as the different tools and technologies which are not natively incorporated. This concern has driven many enterprises to look for more sophisticated capabilities to improve their cybersecurity. Traditionally, a normal firewall follows preset Web protocols. It does not have the capability to differentiate between different types of Web traffic. This restriction forces the system to only permit or prohibit traffic, depending upon a specific set of built-in standards. Therefore, the protection it offers for particular protocols, ports, and IP addresses is no longer sufficient. Businesses need tougher security that is not tied down to preset settings. Modern-day firewalls need more advanced rules to control website access as well as app usage inside enterprise networks, hence the advancement of next-generation firewalls (NGFWs) and Web Application Firewalls (WAFW). The main objective of this research paper is to analyze the evolution of next-generation firewalls (NGFWs) and Web Application Firewalls (WAFW) and their characteristics, and also what it is going to take to safeguard the enterprise's environment for the foreseeable future.
2

Zaki, Aya A., and Saja J. Mohammed. "Artificial Intelligence for Web Application Firewall (WAF): A Comprehensive Review." International Research Journal of Innovations in Engineering and Technology 08, no. 11 (2024): 219–24. https://doi.org/10.47001/irjiet/2024.811027.

Abstract:
The increasing prevalence of cyberattacks that bypass traditional defenses necessitates prioritizing web application security, which creates an urgent need to use firewalls, especially with web applications. The paper presents a summary of the search and analysis of the scientific literature on web applications, in addition to the studies that have suggested a model for a "web application firewall (WAF)" that employs feature engineering and machine learning to identify frequent online threats. The existing research examined WAFs and tested their effectiveness in identifying fraudulent requests using machine learning algorithms such as Naive Bayes, k-Nearest Neighbors, Support Vector Machines, and linear regression. The studies' integration of AI algorithms with existing WAFs achieved accuracy rates ranging from 92% to 99% and proved highly effective in mitigating attacks.
3

Rizal, Randi, and Yusuf Sumaryana. "Peningkatan Keamanan Aplikasi Web Menggunakan Web Application Firewall (WAF) Pada Sistem Informasi Manajemen Kampus Terintegrasi." Jurnal ICT : Information Communication & Technology 20, no. 2 (2021): 323–30. http://dx.doi.org/10.36054/jict-ikmi.v20i2.416.

Abstract:
Increasing the security of web applications in the integrated campus management information system needs to be done because the application is accessed from public networks, so there are many attacks, and attempts must be made to prevent threats from attackers. This study applies Web Application Firewall (WAF)-based application security using ModSecurity and the Core Rule Set from OWASP, which aims to improve the security of the web application by using a firewall. This study uses an experimental method, implementing a Web Application Firewall (WAF) as a web-based protection system, followed by analysis and testing to obtain accurate advice on firewall implementation. The results of this study indicate that the Web Application Firewall (WAF)-based ModSecurity firewall succeeded in stopping attacks from attackers using Cross-Site Scripting (XSS) and SQL Injection methods.
4

Riska, Riska, and Hendri Alamsyah. "Penerapan Sistem Keamanan Web Menggunakan Metode Web Aplication Firewall." JURNAL AMPLIFIER : JURNAL ILMIAH BIDANG TEKNIK ELEKTRO DAN KOMPUTER 11, no. 1 (2021): 37–42. http://dx.doi.org/10.33369/jamplifier.v11i1.16683.

Abstract:
The application of a security system on the web needs to be done considering that the web itself can be accessed through a public network. In this study, a Web Application Firewall (WAF)-based security system is implemented using ModSecurity; the purpose of implementing this web security system is to understand the concept of a security system on the web and to compare the results before and after the application of the firewall on the web. This research uses experimental research methods: the implementation of a web application firewall (WAF) using ModSecurity as a web security system is carried out, then an analysis is carried out to get the right recommendations for a firewall as a web security system. The results of this study indicate that a firewall using the ModSecurity module and rules based on the Web Application Firewall (WAF) on a web security system can block SQL Injection, Cross-Site Scripting (XSS), and Command Execution by displaying an error message to the user who performs the command.
5

Alotaibi, Fahad M., and Vassilios G. Vassilakis. "Toward an SDN-Based Web Application Firewall: Defending against SQL Injection Attacks." Future Internet 15, no. 5 (2023): 170. http://dx.doi.org/10.3390/fi15050170.

Abstract:
Web attacks pose a significant threat to enterprises, as attackers often target web applications first. Various solutions have been proposed to mitigate and reduce the severity of these threats, such as web application firewalls (WAFs). On the other hand, software-defined networking (SDN) technology has significantly improved network management and operation by providing centralized control for network administrators. In this work, we investigated the possibility of using SDN to implement a firewall capable of detecting and blocking web attacks. As a proof of concept, we designed and implemented a WAF to detect a known web attack, specifically SQL injection. Our design utilized two detection methods: signatures and regular expressions. The experimental results demonstrate that the SDN controller can successfully function as a WAF and detect SQL injection attacks. Furthermore, we implemented and compared ModSecurity, a traditional WAF, with our proposed SDN-based WAF. The results reveal that our system is more efficient in terms of TCP ACK latency, while ModSecurity exhibits a slightly lower overhead on the controller.
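The mechanism that entries 3 and 4 (ModSecurity with the OWASP Core Rule Set) and entry 5 (signatures plus regular expressions in an SDN controller) all rely on is the same: decode the request, run each variable through a list of patterns, and add up per-rule scores against an inbound anomaly threshold. The following is an added example written for this page, not code from any of those papers or from ModSecurity or CRS. The rule ids, patterns and sample requests are constructed for illustration; only the threshold value (5) follows the CRS default.

```python
import re
from dataclasses import dataclass, field
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Inbound anomaly threshold. 5 is the OWASP CRS default: one CRITICAL (5) match
# blocks on its own, while a single low-scoring match (e.g. a "--") does not.
INBOUND_ANOMALY_THRESHOLD = 5


@dataclass
class Rule:
    rule_id: int          # hypothetical ids, not CRS rule ids
    msg: str
    pattern: re.Pattern
    score: int            # CRS severity scores: CRITICAL=5, ERROR=4, WARNING=3, NOTICE=2


# Constructed signatures in the spirit of CRS; illustrative, not the real rule set.
RULES = [
    Rule(1001, "SQLi boolean tautology",
         re.compile(r"['\"]?\s*\b(?:or|and)\b\s+['\"]?\d+['\"]?\s*=\s*['\"]?\d+", re.I), 5),
    Rule(1002, "SQLi UNION ... SELECT",
         re.compile(r"\bunion\b\s+(?:all\s+)?select\b", re.I), 5),
    Rule(1003, "SQL comment sequence", re.compile(r"--|/\*"), 2),
    Rule(1004, "XSS <script> tag", re.compile(r"<\s*script\b", re.I), 5),
    Rule(1005, "XSS event handler or javascript: URI",
         re.compile(r"\bon(?:error|load|click|mouseover)\s*=|javascript\s*:", re.I), 4),
    Rule(1006, "Path traversal", re.compile(r"\.\.[/\\]"), 5),
    Rule(1007, "OS command injection",
         re.compile(r"(?:;|\||&&)\s*(?:cat|ls|id|whoami|wget|curl)\b", re.I), 5),
]


@dataclass
class Verdict:
    score: int = 0
    matched: list = field(default_factory=list)   # (rule_id, variable) pairs

    @property
    def blocked(self) -> bool:
        return self.score >= INBOUND_ANOMALY_THRESHOLD


def normalize(value: str, rounds: int = 2) -> str:
    """URL-decode repeatedly (bounded) so %2527-style double encoding cannot hide a payload."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\x00", "")


def variables(url: str, body: str = ""):
    """Yield (variable, raw value) the way a WAF walks REQUEST_URI, ARGS_NAMES and ARGS."""
    parts = urlsplit(url)
    yield "REQUEST_URI", parts.path
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    if body:
        pairs += parse_qsl(body, keep_blank_values=True)
    for name, value in pairs:
        yield "ARGS_NAMES", name
        yield f"ARGS:{name}", value


def inspect(url: str, body: str = "") -> Verdict:
    """Score every variable against every rule. A rule that fires in several
    variables adds its score once per variable (a design choice of this example)."""
    verdict = Verdict()
    for variable, raw in variables(url, body):
        value = normalize(raw)
        for rule in RULES:
            if rule.pattern.search(value):
                verdict.score += rule.score
                verdict.matched.append((rule.rule_id, variable))
    return verdict


# Constructed sample requests (not captured traffic).
SAMPLES = {
    "benign": ("/search?q=firewall+ranking", ""),
    "benign_dashes": ("/search?q=well--known", ""),
    "sqli_tautology": ("/login?user=admin'%20OR%20'1'%3D'1&pass=x", ""),
    "xss_double_encoded": ("/comment?text=%253Cscript%253Ealert(1)%253C%252Fscript%253E", ""),
    "union_with_comment": ("/api/item", "id=1 UNION ALL SELECT username,password FROM users--"),
    "traversal": ("/files?name=../../etc/passwd", ""),
    "cmd_injection": ("/ping?host=127.0.0.1%3Bcat%20/etc/passwd", ""),
}


def run_samples() -> dict:
    """Map sample name -> (anomaly score, blocked?)."""
    results = {}
    for name, (url, body) in SAMPLES.items():
        v = inspect(url, body)
        results[name] = (v.score, v.blocked)
    return results


if __name__ == "__main__":
    for name, (url, body) in SAMPLES.items():
        v = inspect(url, body)
        print(f"{name:20} score={v.score:2} blocked={str(v.blocked):5} {v.matched}")
```

Two details are the ones worth checking in any real deployment: the benign `well--known` query scores 2 and passes, which is exactly why CRS sums scores instead of blocking on the first match, and the double-encoded `<script>` payload is only caught because decoding is repeated before matching.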
6

Surekha, M., K. Kiran Kumar, M. V.S.Prasanth, and P. S.G.Aruna Sri. "Web application firewall using XSS." International Journal of Engineering & Technology 7, no. 2.7 (2018): 941. http://dx.doi.org/10.14419/ijet.v7i2.7.11429.

Abstract:
Web Applications security has turned out to be logically more essential nowadays. Tremendous quantities of assaults are being sent on the web application layer. Because of emotional increment in Web applications, security gets helpless against assortment of dangers. The majority of these assaults are focused towards the web application layer and system firewall alone can't keep these sorts of assaults. The essential explanation for achievement of these assaults is the numbness of utilization designers while composing the web applications and the vulnerabilities in the current advancements. Web application assaults are the most recent pattern and programmers are attempting to abuse the web application utilizing diverse strategies. Different arrangements are accessible as open source and in business showcase. Be that as it may, the choice of appropriate answer for the security of the authoritative frameworks is a noteworthy issue. This overview paper looked at the Web Application Firewall (WAF) arrangements with critical highlights essential for the security at application layer. Basic examination on WAF arrangements is useful for the clients to choose the most appropriate answer for their surroundings.
7

Rizqi, Muhamad Fahrizal, Rohmat Tulloh, and Nazel Djibran. "Implementasi Web Application Firewall untuk Melindungi Aplikasi Web dari Serangan Malware." Jurnal Informatika Universitas Pamulang 8, no. 2 (2023): 341–48. http://dx.doi.org/10.32493/informatika.v8i2.33691.

Abstract:
At this time, Internet services have become a necessity, no longer just to provide information services but as something important, so there are many cases of websites being hacked by attackers; for that reason network security is very important to avoid theft of important data. Security in a web application is an important aspect to have. Securing a web application can be done by installing a firewall that is connected directly to the server network. Security for a web application usually uses a web application firewall installed on a web server. To overcome security problems in web applications and minimize losses caused by SQL Injection and XSS attacks, we need a way to overcome these attacks. Several security measures have been used, such as the use of FortiWeb to set the traffic destination for a web application. In this study, we use a Web Application Firewall (WAF) device, because it can protect web applications from existing malware attacks and zero-day malware. This final project implements a Web Application Firewall (WAF) by way of device configuration and uses DVWA for malware testing. The technology used to monitor malware logs is VMware. From the results of testing the web application firewall, it is hoped that it can implement and prevent various malware attacks that attack web applications and can monitor the logs of attacking malware.
8

Annas, Muhammad, Rizal Tjut Adek, and Yesy Afrillia. "Web Application Firewall (WAF) Design to Detect and Anticipate Hacking in Web-Based Applications." Journal of Advanced Computer Knowledge and Algorithms 1, no. 3 (2024): 52. http://dx.doi.org/10.29103/jacka.v1i3.16315.

Abstract:
Data leakage cases have recently been rampant in Indonesia. One of the biggest is the leak of user data from BPJS Health in 2021, this data leak is certainly very detrimental to users. This research develops a Web Application Firewall (WAF) using ModSecurity and OWASP Core Rule Set to protect web applications from SQL Injection and XSS attacks. The methodology involves analyzing the functionality of the existing system using UML, with DVWA and WordPress as test objects. Results showed 100% SQL Injection and 99.8% XSS attack detection, with logs recording attacks in real-time. The findings emphasize the importance of WAF integration with web application built-in security, making significant contributions in the design and implementation of resilient WAFs, as well as improving resilience against evolving cyber threats.
9

Alqahtani, Abdullah Hamad. "Web Intrusion Detection Systems Comparison: Techniques and usage." Journal of Computer and Information Technology 13, no. 1 (2022): 1–10. http://dx.doi.org/10.22147/jucit/130101.

Abstract:
Web attacks are one of the biggest concerns these days. Vulnerable applications require protection, which can be provided through web application firewalls (WAF) and web intrusion detection systems (WIDS). Some of them are signature based and some detect/protect through anomaly detection. Various commercial solutions have been offered by vendors, like the Cisco ACE application firewall, the Barracuda application firewall, etc. The open source community has also contributed some formidable solutions like ModSecurity, PHPIDS, IronBee, WebKnight and Snort. No solution has yet proven to be the silver bullet and this area is still a subject of active research. Inability to detect any novel attack has been the common weakness and has led to various techniques being proposed for identifying zero-day attacks. In this paper, we analyze various commercial and open source web application protection solutions and make comparative analyses of their strengths and weaknesses, identifying any areas that still need the attention of the research community.
10

Mohammed, Mustafa Khan. "Developing Comprehensive Web Application Firewall (WAF) Policies for Multiple Environments, Enhancing Web Application Security." Journal of Scientific and Engineering Research 11, no. 4 (2024): 358–65. https://doi.org/10.5281/zenodo.13950690.

Abstract:
Web servers are the engines that drive web applications. Web applications are the critical elements in an organization that need maximum security protection to secure workloads. Therefore, a web application firewall (WAF) is deployed to guard the web server from a plethora of attack vectors, including all the OWASP Top 10 common attacks. A WAF focuses on the application layer, which is the seventh layer of the OSI (Open Systems Interconnection) model, due to the application layer's inherent features, which give the WAF a conducive environment in which to operate. The superiority of a WAF in inspecting and blocking HTTP traffic depends on the configuration of comprehensive policy rules. Access controls are employed via Access Control Lists (ACLs) that contain rules or a group of rules that allow or deny the traffic from percolating into or out of the web server. The iptables userspace application is utilized; it queues the packets at the kernel layer and directs packets to pass through the WAF first before entering the web server. At the kernel level, packets are inspected and the decision-making process is performed; packets devoid of malicious intent are sent to the user level, where the web server is operating, whereas suspicious packets are blocked. The WAF can compare the ACL against the incoming HTTP packets from the traffic prior to reaching the web server. The system administrator writes the policy rules and configures them via the text editor or text area space provided. The inbuilt algorithms of the WAF contain regular expressions that compare the packet payload by simply checking the pattern. The test results demonstrate the precision and accuracy of the Web Application Firewall in identifying and blocking various attacks, aligning with the OWASP Top 10 web application attacks.
The paper proposes the development of comprehensive web application firewall policies tailored for multiple environments, such as on-premise, cloud, and hybrid environments, ensuring powerful security across different deployment scenarios. This study aims to enhance the overall security landscape of web servers that host web applications.
11

Sime, Raif, Necmettin Sezgin, and Fikri Ağgün. "An Integrated Web Security Application: Integration Of Nginx Reverse Proxy, Fail2ban, Waf, Postgresql and Laravel." Balkan Journal of Electrical and Computer Engineering 13, no. 1 (2025): 106–11. https://doi.org/10.17694/bajece.1547456.

Abstract:
Recently, the increase in network-connected devices and the ability to run every application over the web have made web application security an issue that needs to be taken seriously. Although firewall solutions are used to protect networked systems and users, they appear insufficient to ensure application security, especially in today's conditions. In this context, WAF (Web Application Firewall) systems have been developed, and continue to be developed, especially to ensure the security of web applications. While the firewall filters traffic at the network layer, which is a lower layer, the WAF protects at the application layer, closest to the user. Network administrators intensively use WAF applications, and the systems they create by integrating new technologies into these applications, in order to maximize security. In this study, the WAF application used together with Laravel, Fail2ban and PostgreSQL is discussed, which we compiled and ran to protect the corporate network we manage from attacks and application vulnerabilities. In addition, it is thought that this study will guide other researchers working in this field, and it aims to open doors to producing more effective solutions.
12

Sandi, Deski Ari, and Agus Tedyyana. "Implementasi dan Analisa Sistem Pencegahan Intrusi pada Aplikasi Web Menggunakan Web Application Firewall." Repeater : Publikasi Teknik Informatika dan Jaringan 2, no. 4 (2024): 16–26. http://dx.doi.org/10.62951/repeater.v2i4.196.

Abstract:
In the era of information technology advancement, web applications have become a means of seeking information. However, with technological progress, they have become increasingly vulnerable to cyber attacks such as SQL Injection and Cross-Site Scripting (XSS). This research aims to implement the Teler-waf Web Application Firewall (WAF) to protect web applications from such attacks. The research methodology includes the implementation of the Teler-waf WAF, analysis of web application security, and testing the speed of attack detection. The results show that Teler-waf is effective in preventing attacks, and its integration with Telegram bots provides real-time notifications to system administrators, enhancing security responsiveness. This research contributes to strengthening web application security and understanding the role of the Teler-waf WAF in addressing cyber threats.
13

Sukmana, Sulaeman Hadi, Deri Saputra, Diah Puspitasari, Qudsiah Nur Azizah, Erma Delima Sikumbang, and Kresna Ramanda. "Analisis Web Performance Load Test Pada Situs Web PT Neptus Teknologi Indonesia Jakarta Setelah Menggunakan Cloud Web Application Firewall (WAF)." J-SAKTI (Jurnal Sains Komputer dan Informatika) 8, no. 1 (2024): 12. https://doi.org/10.30645/j-sakti.v8i1.762.

Abstract:
Advances in information technology are increasing over time, and the use of the internet has become a daily matter. All kinds of activities that take place every day use an internet connection for their processes. PT Neptus Teknologi Indonesia currently needs protection for the company's website to improve performance and avoid hacker attacks. Website security protection using a Cloud Web Application Firewall (WAF) at PT Neptus Teknologi Indonesia is used to improve website performance, which is not currently implemented. Currently, the performance of the company's website still gets insufficient marks against the criteria for a good website in testing using Pingdom Tools and GTmetrix, and it is not yet protected for security. The stages carried out start from making observations, preparing tools and materials, determining testing tools, installing and configuring the Cloud Web Application Firewall (WAF), and carrying out testing and data analysis. The results of the analysis show that the use of a Cloud Web Application Firewall (WAF) for the performance of the neptus.co.id website is very beneficial, because implementing a cloud WAF can change the performance load and prevent attacks from hackers.
14

Cárdenas Rosero, Gabriela Elizabeth, Cathy Pamela Guevara Vega, and Pablo Landeta-López. "Website Protection: An Evaluation of the Web Application Firewall." Data and Metadata 4 (February 13, 2025): 190. https://doi.org/10.56294/dm2025190.

Abstract:
Introduction: In recent years, a significant increase in attacks targeting web applications has been observed. These attacks compromise application integrity, disrupt services, and have devastating consequences regarding data loss, reputational damage, and financial costs. Objective: The objective was to evaluate the effectiveness of the Web Application Firewall (WAF) using the OWASP methodology to detect and neutralize attacks on the Universidad Técnica del Norte’s web server. Results: The results were to categorize the main types of attacks detected by the WAF, analyze the most frequent attacks blocked by the firewall, and implement an additional layer of security on the web server. Conclusions: It was concluded that the WAF detects suspicious or potentially malicious activity in web traffic but fails to identify all cyber threats comprehensively. In addition, the WAF report, broken down each month with the number of frequent attack events identified as malicious, is a crucial tool for the web administrator.
15

Harini, K. "Enhancing Web Application Protection with ModSecurity and Reverse Proxy." International Journal for Research in Applied Science and Engineering Technology 13, no. 3 (2025): 1476–80. https://doi.org/10.22214/ijraset.2025.67528.

Abstract:
As more individuals, businesses, and governments rely on web applications for communication and operations, the risk of cyber threats continues to grow. Traditional security measures, like network firewalls and intrusion detection systems, often fall short in protecting against sophisticated web-based attacks. This project focuses on strengthening web application security by integrating a web application firewall (WAF) using ModSecurity with a reverse proxy. Our system is designed to filter and monitor HTTP traffic, helping to prevent threats such as cross-site scripting (XSS) and SQL injection. In addition, it features an intuitive logging interface, enhances security by detecting NoSQL injection attempts, and includes a real-time alerting system to notify administrators of potential threats. By providing proactive protection and real-time threat mitigation, this approach offers a more effective way to safeguard web applications against evolving cyber risks.
16

Yusup, Muhammad, Maisyaroh Maisyaroh, and Laila Septiana. "Securing Web Application by Embedded Firewall at Gytech Indosantara Mandiri Ltd." PIKSEL : Penelitian Ilmu Komputer Sistem Embedded and Logic 8, no. 1 (2020): 49–58. http://dx.doi.org/10.33558/piksel.v8i1.2019.

Abstract:
Gytech Indosantara Mandiri Ltd. has in the last few years experienced many cybercrime attacks on its web server, which caused many moral and material losses. Therefore, it is necessary to consider ways to fight and prevent attacks on the web server. One way to fight and prevent attacks is to use the attack signatures method, using ModSecurity and Fail2ban as a Web Application Firewall (WAF). ModSecurity is used to detect and prevent cybercrime on the HTTP and HTTPS services, whereas Fail2ban is used to prevent brute-force attacks on the SSH, FTP and Telnet services. ModSecurity, which acts as the Web Application Firewall (WAF), sends logs to Fail2ban when exploits occur on the web server, and Fail2ban blocks the attacker's IP address, so that the two together can be used as a Web Application Firewall, or as layer-7 network security.
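The ModSecurity-to-Fail2ban loop the entry above describes is simple to state but easy to get subtly wrong (stale hits, double bans, warnings counted as denials). The following is an added example for this page, not code from the paper, from ModSecurity or from Fail2ban: it parses ModSecurity 2.x "Access denied" lines from an Apache error log, keeps a per-IP sliding window of denials, and bans an address once it reaches maxretry hits within findtime, with the same meaning those parameters have in Fail2ban. The log lines are constructed (addresses from the documentation ranges; rule ids borrowed from CRS for realism), and the ban list lives in memory, where a real deployment would hand it to iptables or nftables.

```python
import re
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Jail parameters with Fail2ban's meaning: ban after MAXRETRY denials within FINDTIME.
MAXRETRY = 3
FINDTIME = timedelta(minutes=10)
BANTIME = timedelta(hours=1)

# Apache 2.4 error-log line as written by ModSecurity 2.x when a rule blocks a request
# (IPv4 clients only, for brevity). Warnings ("ModSecurity: Warning.") do not match.
LINE_RE = re.compile(
    r'^\[(?P<ts>[^\]]+)\] \[:error\] \[pid \d+\] \[client (?P<ip>[\d.]+):\d+\] '
    r'ModSecurity: Access denied with code (?P<code>[45]\d\d).*?'
    r'\[id "(?P<rule>\d+)"\].*?\[msg "(?P<msg>[^"]*)"\]'
)
TS_FORMAT = "%a %b %d %H:%M:%S.%f %Y"


@dataclass
class Event:
    ts: datetime
    ip: str
    rule: str
    msg: str


@dataclass
class Ban:
    ip: str
    since: datetime
    until: datetime
    trigger_rule: str


def parse(line: str) -> Optional[Event]:
    """Return an Event for a blocked request; None for warnings or unrelated lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return Event(datetime.strptime(m["ts"], TS_FORMAT), m["ip"], m["rule"], m["msg"])


class Jail:
    def __init__(self):
        self.hits = defaultdict(deque)   # ip -> timestamps of recent denials
        self.bans = []                   # every Ban issued, in order
        self.active = {}                 # ip -> ban expiry

    def is_banned(self, ip: str, at: datetime) -> bool:
        until = self.active.get(ip)
        return until is not None and at < until

    def observe(self, ev: Event) -> Optional[Ban]:
        if self.is_banned(ev.ip, ev.ts):
            return None                  # already blocked; do not issue a second ban
        window = self.hits[ev.ip]
        window.append(ev.ts)
        while window and ev.ts - window[0] > FINDTIME:
            window.popleft()             # forget denials older than findtime
        if len(window) < MAXRETRY:
            return None
        ban = Ban(ev.ip, ev.ts, ev.ts + BANTIME, ev.rule)
        self.bans.append(ban)
        self.active[ev.ip] = ban.until
        window.clear()                   # start counting afresh after the ban expires
        return ban

    def process(self, lines):
        for line in lines:
            ev = parse(line)
            if ev:
                self.observe(ev)
        return self


# Constructed log excerpt: 203.0.113.5 is denied four times, 198.51.100.7 once,
# and 203.0.113.9 only triggers a warning, which must not count.
SAMPLE_LOG = """\
[Tue Jun 04 10:15:32.101000 2024] [:error] [pid 1201] [client 203.0.113.5:51234] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)union.*select" at ARGS:user. [file "/etc/modsecurity/rules/sqli.conf"] [line "12"] [id "942100"] [msg "SQL Injection Attack Detected"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/login"]
[Tue Jun 04 10:16:05.220000 2024] [:error] [pid 1203] [client 198.51.100.7:40011] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script" at ARGS:comment. [file "/etc/modsecurity/rules/xss.conf"] [line "8"] [id "941100"] [msg "XSS Attack Detected"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/comment"]
[Tue Jun 04 10:17:48.330000 2024] [:error] [pid 1201] [client 203.0.113.5:51240] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)union.*select" at ARGS:user. [file "/etc/modsecurity/rules/sqli.conf"] [line "12"] [id "942100"] [msg "SQL Injection Attack Detected"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/login"]
[Tue Jun 04 10:18:01.000000 2024] [:error] [pid 1240] [client 203.0.113.9:40022] ModSecurity: Warning. Pattern match "^[0-9.]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/rules/protocol.conf"] [line "30"] [id "920350"] [msg "Host header is a numeric IP address"] [severity "WARNING"] [hostname "203.0.113.10"] [uri "/"]
[Tue Jun 04 10:19:10.500000 2024] [:error] [pid 1205] [client 203.0.113.5:51251] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[.][.]/" at ARGS:name. [file "/etc/modsecurity/rules/lfi.conf"] [line "5"] [id "930100"] [msg "Path Traversal Attack"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/files"]
[Tue Jun 04 10:20:00.000000 2024] [:error] [pid 1201] [client 203.0.113.5:51260] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)union.*select" at ARGS:user. [file "/etc/modsecurity/rules/sqli.conf"] [line "12"] [id "942100"] [msg "SQL Injection Attack Detected"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/login"]
"""


def run_demo() -> Jail:
    return Jail().process(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for ban in run_demo().bans:
        print(f"ban {ban.ip} from {ban.since} until {ban.until} (rule {ban.trigger_rule})")
```

Only one ban is issued even though the attacker is denied a fourth time during the ban; the warning line is ignored because the pattern anchors on "Access denied", which is the same distinction the stock Fail2ban filter draws.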
17

Muttaqin, Rofif Zainul, and Dodi Sudiana. "Design of Realtime Web Application Firewall on Deep Learning-Based to Improve Web Application Security." Jurnal Penelitian Pendidikan IPA 10, no. 12 (2025): 11121–29. https://doi.org/10.29303/jppipa.v10i12.8346.

Abstract:
Web applications are widely used nowadays, but they contain several vulnerabilities that are often used by attackers to exploit the system. A web application firewall (WAF) could mitigate these problems. A WAF generally works based on pre-established rules. However, the weakness of this system is the evolving nature of attacks, and configuring rules on a WAF requires in-depth knowledge of the existing applications. Artificial intelligence technology, both machine learning (ML) and deep learning (DL), shows good potential in recognizing types of attacks. In this research, a real-time DL-based WAF was built to enhance security in web applications. Various ML and DL models were tested to perform the task of web attack detection, including Support Vector Machine (SVM), Random Forest (RF), Convolutional Neural Network (CNN), and Long Short-Term Memory (LSTM). Based on the test results, the CNN-LSTM model achieved the highest performance, namely an accuracy of 98.61%, precision of 99%, recall of 98.08%, and F1-score of 98.54%. From the testing results with a web vulnerability scanner, the performance of the DL-based WAF is not inferior to the ModSecurity WAF, which is used as a comparison. From the analysis results, it can be concluded that the implementation of a DL-based WAF can improve the security of web applications.
18

Thang, Nguyen Manh, and Tran Thi Luong. "Algorithm for detecting attacks on Web applications based on machine learning methods and attributes queries." Journal of Science and Technology on Information security 2, no. 14 (2022): 26–34. http://dx.doi.org/10.54654/isj.v2i14.118.

Abstract:
Almost all developed applications tend to become as accessible as possible to the user on the Internet. Different applications often store their data in cyberspace for more effective work and entertainment, such as Google Docs, email, cloud storage, maps, weather, news, etc. Attacks on Web resources most often occur at the application level, in the form of HTTP/HTTPS requests to the site, where traditional firewalls have limited capabilities for analysing and detecting attacks. To protect Web resources from attacks at the application level, there are special tools: Web Application Firewalls (WAF). This article presents an anomaly detection algorithm, and how it works in the open-source web application firewall ModSecurity, which uses machine learning methods with 8 suggested features to detect attacks on web applications.
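Entries 2, 17 and 18 all describe the statistical alternative to signatures: learn what malicious and benign request data look like from labelled samples, then report precision, recall and F1 on held-out data. The following is an added example for this page, not the method of any of those papers (their feature sets, models and datasets differ): a multinomial Naive Bayes classifier, one of the algorithms entry 2 lists, written from scratch over the tokens of request-parameter values, with the evaluation metrics those papers report. The training and test strings are constructed, the vocabulary is far too small for anything but illustration, and the resulting numbers say nothing about the papers' results.

```python
import math
import re
from collections import Counter, defaultdict

# Words, numbers and every other single character as its own token. Keeping the
# punctuation matters: quotes, '=', '<', '>' and '-' carry most of the SQLi/XSS signal.
TOKEN_RE = re.compile(r"[a-z]+|\d+|[^\sa-z\d]")


def tokenize(value: str):
    return TOKEN_RE.findall(value.lower())


class NaiveBayesWAF:
    """Multinomial Naive Bayes with Laplace smoothing over request-parameter tokens."""

    def __init__(self):
        self.doc_count = Counter()               # class -> number of training samples
        self.token_count = defaultdict(Counter)  # class -> token -> occurrences
        self.total_tokens = Counter()            # class -> total token occurrences
        self.vocab = set()

    def fit(self, samples):
        for text, label in samples:
            tokens = tokenize(text)
            self.doc_count[label] += 1
            self.token_count[label].update(tokens)
            self.total_tokens[label] += len(tokens)
            self.vocab.update(tokens)
        return self

    def log_posterior(self, text: str, label: str) -> float:
        """log P(label) + sum of log P(token | label); an unseen token gets 1 / (N + V)."""
        logp = math.log(self.doc_count[label] / sum(self.doc_count.values()))
        denom = self.total_tokens[label] + len(self.vocab)
        for tok in tokenize(text):
            logp += math.log((self.token_count[label][tok] + 1) / denom)
        return logp

    def log_odds(self, text: str) -> float:
        """Positive means the value looks malicious."""
        return self.log_posterior(text, "malicious") - self.log_posterior(text, "benign")

    def predict(self, text: str) -> str:
        return "malicious" if self.log_odds(text) > 0 else "benign"


def evaluate(model: NaiveBayesWAF, samples) -> dict:
    """Precision, recall, F1 and accuracy with 'malicious' as the positive class."""
    tp = fp = fn = tn = 0
    for text, label in samples:
        pred = model.predict(text)
        if pred == "malicious":
            if label == "malicious":
                tp += 1
            else:
                fp += 1
        elif label == "malicious":
            fn += 1
        else:
            tn += 1
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    return {"precision": precision, "recall": recall, "f1": f1,
            "accuracy": (tp + tn) / len(samples)}


# Constructed parameter values with labels; not a real dataset, and deliberately tiny.
TRAIN = [
    ("firewall ranking 2024", "benign"),
    ("blue running shoes size 42", "benign"),
    ("john.doe@example.com", "benign"),
    ("how to reset my password", "benign"),
    ("order 10293 status", "benign"),
    ("web application firewall review", "benign"),
    ("new york weather forecast", "benign"),
    ("page 2 of 15", "benign"),
    ("admin' or '1'='1", "malicious"),
    ("1 union select username, password from users", "malicious"),
    ("<script>alert(1)</script>", "malicious"),
    ("../../../etc/passwd", "malicious"),
    ("1; drop table users --", "malicious"),
    ("' or 1=1 --", "malicious"),
    ("<img src=x onerror=alert(1)>", "malicious"),
    ("1 union all select null, null --", "malicious"),
]
TEST = [
    ("cheap flights to london", "benign"),
    ("x' and 1=1 --", "malicious"),
    ("<svg onload=alert(document.cookie)>", "malicious"),
    ("status of order 55", "benign"),
    ("admin'--", "malicious"),
    ("john' union select 1,2,3 --", "malicious"),
    ("weather in new york", "benign"),
]


def run_demo():
    model = NaiveBayesWAF().fit(TRAIN)
    return model, evaluate(model, TEST)


if __name__ == "__main__":
    model, metrics = run_demo()
    for text, label in TEST:
        print(f"{model.log_odds(text):8.2f} {model.predict(text):9} {label:9} {text}")
    print(metrics)
```

The held-out set contains words never seen in training ("svg", "onload", "cheap"); with Laplace smoothing those tokens lean slightly benign, so the malicious verdicts come entirely from the punctuation and keyword tokens. That is also the weakness: a payload that avoids the learned tokens (for example, one that is encoded) scores benign, which is why the papers above pair such models with decoding and with a rule-based WAF rather than replacing it.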
19

Kurniawan, Azis, and Kalamullah Ramli. "EFFECTIVENESS OF SECURITY THROUGH OBSCURITY METHODS TO AVOID WEB APPLICATION VULNERABILITY SCANNERS." Jurnal Teknik Informatika (Jutif) 4, no. 6 (2023): 1479–86. http://dx.doi.org/10.52436/1.jutif.2023.4.6.778.

Abstract:
The concept of security through obscurity is not recommended by the National Institute of Standards and Technology (NIST) as a form of system security. Basically this concept hides assets as difficult as possible so that it is not easy for attackers to find them, so that it can be used to avoid vulnerability scanner applications that are widely used by attackers to find out web system weaknesses. This research was conducted by modifying the web application firewall (WAF) and testing using the SQLMap and OWASP Zed Attack Proxy (ZAP) vulnerability scanner applications. The results of the study show that SQLMap takes up to 1238 times longer to complete a scan on a modified web application firewall than without modification, while OWASP ZAP cannot complete a scan on the same treatment. Thus the concept of security through obscurity can be applied to web security to extend vulnerability scanning time.
20

Akhmetov, B. S., and V. A. Lakhno. "Using WAF to protect the university’s internal services in the Zero Trust structure." Bulletin of the National Engineering Academy of the Republic of Kazakhstan 84, no. 2 (2022): 25–33. http://dx.doi.org/10.47533/2020.1606-146x.151.

Abstract:
The article presents the results of a pilot study on the use of a Web Application Firewall (WAF) to protect the internal services of the information educational environment of the university (IEEU). It is shown that this task is extremely important in the context of globalization of education. The use of the WAF is performed in a Zero Trust structure. The system was tested in two stages. First, tools that automate the search for web vulnerabilities (web vulnerability scanners) were used against the IEEU. In the second stage, manual testing of the applications for SQL injection, cross-site scripting and Path Traversal vulnerabilities was carried out. It is shown that the results obtained make it possible to improve the protection of services in the university's local networks, which is important for achieving the ultimate goal: effective protection of end users and IEEU services in the context of globalization of education. It has been established that the use of a WAF in systems with zero trust is a fairly common option for protecting services within organizations, including educational ones. It is shown that the use of open WAF solutions in the Zero Trust structure allows protection to be adjusted more flexibly and individually to the needs of university services.
21

Innuddin, Muhammad, Pahrul Irfan, and Rifqi Hammad. "Meningkatkan Keamanan Web Server Nginx dengan NAXSI sebagai Web Application Firewall." Jurnal Aplikasi Teknologi Informasi dan Manajemen (JATIM) 4, no. 2 (2023): 148–56. http://dx.doi.org/10.31102/jatim.v4i2.2310.

Abstract:
Information technology, from previous generations until today, is advancing ever faster, so that maintaining and improving security has become an important factor that must be considered when designing and building a web server. Maintaining services by implementing a security system is very important to prevent unauthorized parties from obtaining important information or damaging a system with various kinds of malicious attacks. Security is applied to prevent attacks such as changing the appearance of a website, stealing passwords, or making the web server unable to work normally. NAXSI is a Web Application Firewall (WAF) for addressing security problems on the Nginx web server by logging web activity in real time to monitor HTTP traffic. If a malicious request is found, it is rejected and redirected to a forbidden page. This research uses the Network Development Life Cycle (NDLC) method. Five scenarios were carried out in the tests: information gathering using WhatWeb and DirBuster, an HTTP attack, an XSS attack, and brute-force login using WPScan. The web server's attack-handling performance was tested under two scenarios, before NAXSI was enabled and after it was enabled. The conclusion of this research is that NAXSI performs very well in protecting the Nginx web server from the various kinds of malicious attack threats tested, because NAXSI can detect and prevent attacks, can stabilize CPU usage and memory usage, and is able to normalize network traffic.
22

Khabibah, Dea Ummul, Yana Nurrohman, Kenzi Dewandaru, Steven Jona Duari Huta Balian, and Aep Setiawan. "Strategi Mitigasi SQL Injection dengan Implementasi SQLMap dan Web Application Firewall." Journal of Technology and System Information 1, no. 4 (2024): 12. http://dx.doi.org/10.47134/jtsi.v1i4.2656.

Abstract:
Advances in information technology, especially the internet, have made the internet the main medium for exchanging information and data in the digital era. Web-based applications provide global services with broad access for users around the world. However, these advances are also exploited by attackers for illegal purposes, such as SQL Injection attacks. This research highlights the use of Web Application Firewall (WAF) technology as a proactive step in testing and improving application resilience against SQL Injection attacks. The research aims to study the SQL Injection attack mechanism in depth, apply SQLMap techniques to identify and extract sensitive information from a database, and understand how SQLMap works in exploiting security gaps. The research also develops effective mitigation strategies to protect web applications from SQL Injection attacks. By focusing on security measures such as a WAF, this research not only raises awareness of web application security but also protects sensitive data from increasingly complex cyber-attack threats. The implementation of SQLMap on an Ubuntu server is an important part of this research, adding complexity to web application security testing and demonstrating the relevance of open-source technology in the context of information security.
23

Dawadi, Babu R., Bibek Adhikari, and Devesh K. Srivastava. "Deep Learning Technique-Enabled Web Application Firewall for the Detection of Web Attacks." Sensors 23, no. 4 (2023): 2073. http://dx.doi.org/10.3390/s23042073.

Abstract:
New techniques and tactics are being used to gain unauthorized access to the web that harm, steal, and destroy information. Protecting the system from many threats such as DDoS, SQL injection, cross-site scripting, etc., is always a challenging issue. This research work makes a comparative analysis between normal HTTP traffic and attack traffic that identifies attack-indicating parameters and features. Different features of standard datasets ISCX, CISC, and CICDDoS were analyzed and attack and normal traffic were compared by taking different parameters into consideration. A layered architecture model for DDoS, XSS, and SQL injection attack detection was developed using a dataset collected from the simulation environment. In the long short-term memory (LSTM)-based layered architecture, the first layer was the DDoS detection model designed with an accuracy of 97.57% and the second was the XSS and SQL injection layer with an obtained accuracy of 89.34%. The higher rate of HTTP traffic was investigated first and filtered out, and then passed to the second layer. The web application firewall (WAF) adds an extra layer of security to the web application by providing application-level filtering that cannot be achieved by the traditional network firewall system.
24

Pratama, Krisna Dewa, and Nuril Anwar. "Impact Analysis of Web Application Firewall on Website-Based Application Security (Case Study PPDB Kak Seto School Website)." Mobile and Forensics 5, no. 1 (2023): 44–58. http://dx.doi.org/10.12928/mf.v5i1.8914.

Abstract:
The swift advancement of web-based applications has posed security challenges. Insufficient security awareness among web developers has resulted in a surge of cybercrime incidents due to website vulnerabilities. To counter this, implementing a Web Application Firewall (WAF) is proposed for the vulnerable PPDB Sekolah Kak Seto website, aiming to mitigate threats in the public network. The WAF acts as a defense against potential cyber breaches. Employing an experimental approach, this research encompasses identification, observation, literature review, analysis of WAF system requirements, implementation, testing, and pre/post-implementation analysis using ModSecurity as the security system. The study analyzes the impact of WAF adoption and provides recommendations for enhancing security. Findings demonstrate WAF's effectiveness in fortifying the Kak Seto School web application by efficiently identifying and blocking potential attacks, thereby reducing breach success rates. Post-WAF implementation, Pingdom tests show a slight drop in Performance Grade (70 to 69) and a minor increase in Load Time (2.76 to 3.23 seconds). GTmetrix tests reveal a Grade downgrade from B to C and an increase in Largest Contentful Paint time (2.2 to 2.7 seconds). In conclusion, despite minor performance effects, WAF significantly enhances security, as evident in improved loading times during tests.
25

Sudha, T. Gnana, N. Snehalatha, and A. Komala. "Penetration Testing and Simulation for Vulnerability Assessment in Application Security." International Research Journal of Innovations in Engineering and Technology 09, Special Issue ICCIS (2025): 75–79. https://doi.org/10.47001/irjiet/2025.iccis-202511.

Abstract:
This project is a security framework that includes a backend server, a web application firewall (WAF), and a penetration testing tool to protect web applications and identify vulnerabilities. The backend server handles data requests and responses securely using Flask. The WAF acts as a protective layer, checking requests for threats like XSS and SQL Injection, blocking malicious traffic, and forwarding safe requests to the backend. The penetration testing tool scans ports, detects services, grabs banners, and checks for known vulnerabilities like BlueKeep and SMBv3 RCE. It also generates reports with security findings and recommendations. Together, these components secure the application by blocking threats, identifying risks, and providing actionable insights for improvement.
26

Вульфин, А. М. "Security analysis of a web application for accessing the critical data storage system." МОДЕЛИРОВАНИЕ, ОПТИМИЗАЦИЯ И ИНФОРМАЦИОННЫЕ ТЕХНОЛОГИИ 9, no. 4(35) (2021): 38–39. http://dx.doi.org/10.26102/2310-6018/2021.35.4.038.

Abstract:
The paper deals with the issue of providing secure access, using a web application, to an existing database containing critical information about the life-cycle parameters of complex technical products. Based on an analysis of the Web Application Security Consortium (WASC) document "The WASC Threat Classification v2.0", possible attacks on a web application acting as a unidirectional access layer to the database, exploiting potential vulnerabilities (authentication flaws, authorization flaws, client-side attacks, execution of malicious code on the server side), have been identified, and a set of countermeasures has been devised for the architecture of the web application. A scheme has been developed that describes the countermeasures with respect to the Model-View-Controller architecture of the web application. The first-level decomposition diagram of the web application's functional model is presented. To ensure security at the network level, the basic architecture of the enterprise network has been modernized with a demilitarized zone and the corresponding firewall configuration. To assess security, internal software security metrics were used, and a cybersecurity risk analysis method based on fuzzy grey cognitive maps was applied, which made it possible to quantify a 3.5-fold reduction in the relative risk of violating the integrity of the accumulated data. Four attacker scenarios are considered: without additional countermeasures; with the architectural organization of the web application layer that takes the main cybersecurity patterns into account; with a Web Application Firewall (WAF); and with both the application's architectural organization and a WAF.
27

Prasetio, Dimaz Arno, Ahmad Fauzi, Ema Utami, and Kusnawi. "Optimasi Pencarian Alamat IP Menggunakan Counting Bloom Filter Pada Web Application Firewall." Aisyah Journal Of Informatics and Electrical Engineering (A.J.I.E.E) 2, no. 2 (2020): 163–70. http://dx.doi.org/10.30604/jti.v2i2.44.

Abstract:
The IP lookup process in a Web Application Firewall becomes a challenge when the collected IP database starts to grow. The WAF must be able to quickly decide whether an IP falls into the bad (blacklisted IP) category or not. Based on previous research, the Bloom filter algorithm can significantly reduce lookup time, but that is not enough, because the Bloom filter has a weakness in its data structure: deletion cannot be performed. Based on this problem, we propose a new model for IP lookup in a WAF using the Counting Bloom Filter algorithm.
28

Hardianto, Hardianto. "Analisis Cyber Crime handling pada Aplikasi Web dengan WAF ModSecurity." PETIR 16, no. 1 (2023): 91–99. http://dx.doi.org/10.33322/petir.v16i1.1910.

Abstract:
The use of technology, especially the internet, in daily life plays a very significant role. Currently the number of internet users has reached 5.07 billion people, or about 63.45% of the total world population. The most common use of the internet is web-based applications, so web applications are the most frequent target of attacks. Attacks on web applications are increasing in both number and intensity. According to an Acunetix survey, about 21% of web applications carry a very high risk and more than 63% have medium-level vulnerabilities. This paper discusses the application of a Web Application Firewall (WAF) on a web server as one solution for handling cyber crime in web applications. A WAF has the ability to filter packets, block HTTP traffic, and perform logging. The WAF application used is ModSecurity, because it is open source yet stable and effective. Test results show that ModSecurity can block SQL Injection attacks without placing too much load on web server performance.
29

Widiyono, Nabila Apriliana, and Unan Yusmaniar Oktiawati. "Implementasi Web Application Firewall (WAF) pada Aplikasi Fishku Berbasis Google Cloud Armor." Journal of Internet and Software Engineering 5, no. 2 (2024): 75–85. http://dx.doi.org/10.22146/jise.v5i2.9980.

Abstract:
Website application security has become a pressing issue in an increasingly complex digital era. This research aims to apply the Google Cloud Armor security service on Google Cloud Platform to protect the Fishku website application, specifically against three types of attack: Local File Inclusion (LFI), vulnerability scanning, and protocol attacks. Website application security plays a very important role given the increase in cyber attacks that can threaten the integrity and confidentiality of user data. This research uses the "Fishku" website application as the test subject. Testing was carried out before and after the application of Google Cloud Armor, using a laptop as the tool and the Kali Linux operating system installed on VirtualBox to test the success of the protection provided. In addition, this research also involved configuring a Load Balancer and using the Alerts feature to detect potential attacks. Metric data analysis was also carried out to monitor system performance more comprehensively. The results show that Google Cloud Armor successfully protected the "Fishku" website application from these attacks and demonstrated successful protection in terms of both system security and performance. The impact of this research is important in the context of developing secure website applications, with Google Cloud Armor as a solution worth considering. In conclusion, this research provides important insight into the need to protect website applications and shows how Google Cloud Armor can be a solution for addressing cyber threats. The broader implications of these results can form a foundation for the future development of website application security.
30

Laipaka, Robertus. "Menerapkan Teknik Firewall Aplikasi Web (WAF) Pada Aplikasi SINTEL Untuk Mengatasi Serangan Siber." Prosiding Seminar Nasional Inovasi dan Adopsi Teknologi (INOTEK) 4, no. 1 (2024): 1–10. http://dx.doi.org/10.35969/inotek.v4i1.407.

Abstract:
Along with the growing number of web applications, security threats are also a major factor that website application developers need to consider. Web developers are aware that one of the most significant weaknesses of PHP is the absence of default security-hardening mechanisms, which makes it vulnerable to SQL injection, XSS, CSRF, malware, and brute-force attacks. This research aims to build a secure SINTEL application as an effort to maintain the accuracy of the information presented in that application. The Web Application Firewall (WAF) is applied in code, that is, integrated directly into the SINTEL application. With deep integration into the application, developers can ensure that the application is effectively protected from various security threats while maintaining optimal performance and regulatory compliance. After testing with SQL injection, XSS, CSRF, malware, and brute-force attacks, the SINTEL application was able to withstand the attacks well. This shows that applying a code-based WAF to a web application is still considered very effective in dealing with cyber-attack threats.
31

Kasturi, Santanam, Xiaolong Li, John Pickard, and Peng Li. "Prioritization of Application Security Vulnerability Remediation Using Metrics, Correlation Analysis, and Threat Model." American Journal of Software Engineering and Applications 12, no. 1 (2024): 5–13. http://dx.doi.org/10.11648/j.ajsea.20241201.12.

Abstract:
As part of continuing research on evaluating the threats posed to an exposed attack surface, this study provides a consolidated view of the exploitability of vulnerable applications presenting an organization's web attack surface to an attacker. Alongside testing and scanning technologies like Static Analysis Security Testing (SAST), Dynamic Analysis Security Testing (DAST) and Application Ethical Hack (Penetration Testing), a monitoring technology like the Web Application Firewall (WAF) provides web traffic information on the number of transaction requests for every application under study. To ensure validity, reliability, and completeness of observation, multiple applications must be observed. Research from a prior study is referenced that shows correlation between incoming WAF requests and existing vulnerabilities. Correlation analysis, vulnerability metrics, and a threat model analysis help identify pathways to an attack. A vulnerability map-based attack tree can be developed using Common Weakness Enumeration (CWE) and Common Vulnerabilities and Exposures (CVE) information. The threat model analysis and vulnerability-based attack tree can help in simulation studies of possible attacks. This attack tree will show the linkages between vulnerabilities and a lineage pointing to how an attack could travel from the incoming WAF requests deep into the application code of exposed, existing, open vulnerabilities, travelling laterally to create a more expanded attack that crosses trust boundaries using the application data flow.
32

Kerimov, Komil, Zarina Azizova, Fayzi Bekkamov, Mekhriddin Rakhimov, and Mannon Ochilov. "ENSURING INFORMATION SECURITY IN THE INTELLIGENT SCIENTIFIC AND TECHNICAL INFORMATION SYSTEMS." ENVIRONMENT. TECHNOLOGIES. RESOURCES. Proceedings of the International Scientific and Practical Conference 2 (June 22, 2024): 150–54. http://dx.doi.org/10.17770/etr2024vol2.8042.

Abstract:
Scientific and scientific-technical information is a valuable tool for the development of education, technology and society as a whole. The increase in the volume of information and the development of information networks of data exchange requires special means to ensure information protection of data. Methods, means and systems for information security of scientific, technical and scientific-educational resources in intellectual information systems are of particular importance. The purpose of the research is to develop methods and software tools to ensure information security of valuable scientific and technical information resources in intelligent information systems. The proposed solution for intrusion detection in intelligent system is a web application firewall, which is used for enhanced security, detecting and preventing attacks before they reach the web application. It will protect the system from a whole range of attacks while allowing HTTP traffic monitoring and analyzing small changes or persistent state online. The Web Application Firewall (WAF) has the following features: logging of all HTTP protocol transactions, including request termination permissions and logging of the response; HTTP traffic can be examined in real time to detect attacks; preventing attacks before they reach the web application. This work is performed within the framework of the project on creation of an integrated intelligent system “SMART TUIT”, which includes several subsystems (Information Retrieval, Voice Recognition, Pattern Recognition, Scientific Information Assessment, Geoinformation System).
33

Thang, Nguyen Manh, Truong Phi Ho, and Hoang Thanh Nam. "A new approach to improving web application firewall performance based on support vector machine method with analysis of Http request." Journal of Science and Technology on Information security 1, no. 15 (2022): 62–73. http://dx.doi.org/10.54654/isj.v1i15.842.

Abstract:
The number of attacks on information systems is rapidly increasing, not only in quantity but also in quality. Each attack violates the confidentiality, integrity, or availability of information, and most attacks pursue financial gain, especially web attacks, because almost all companies use web applications for their businesses. The issue of protecting personal data from these attacks has become critical for all organizations and companies. Thus, the need to use an intrusion detection system and an intrusion prevention system to protect these data is relevant. Traditional means of protecting access to the corporate network (firewalls) are not able to protect against most threats directed at Web resources. The reason is that attacks on such resources most often occur at the application level, in the form of HTTP/HTTPS requests to the site, where traditional firewalls have extremely limited opportunities for analysis and attack detection. For protecting web resources from attacks at the application level we have special tools: web application firewalls (WAF). The task of the tool is detecting and blocking attacks on Web resources at the application level. However, the analysis of information security incidents shows that even with this class of means of detecting attacks on Web resources, their effectiveness does not provide a 100% detection level. With the aim of applying machine learning methods to improve WAF performance, the author discusses popular types of attacks on Web applications and surveys machine learning methods for the attack detection task in order to build an algorithm for automatic detection of attacks based on the support vector machine and analysis of HTTP requests.
34

Mauricio, Leopoldo, and Marcelo Rubinstein. "A Network Function Virtualization Architecture for Automatic and Efficient Detection and Mitigation against Web Application Malware." Journal of Internet Services and Applications 14, no. 1 (2023): 10–20. http://dx.doi.org/10.5753/jisa.2023.2847.

Abstract:
This paper proposes and implements a Network Function Virtualization (NFV) security architecture to provide automatic and efficient detection and mitigation against Web application malware. The mitigation is given by dynamically chaining a Virtual Security Function (VSF) to the data stream to block malicious exploitation traffic without affecting the benign traffic. We implement an NFV Security Controller (NFV-SC) that interacts with an Intrusion Detection System and a Web Application Firewall (WAF), both implemented as VSFs. We also implement a vulnerability scanner and a mechanism to automatically create rules in advance in the WAF-VSF when a security vulnerability is found in an application, even if no malicious traffic has attempted to exploit the flaw. In addition, it dynamically identifies and removes no longer used security rules to improve performance. We implement and evaluate our security proposal in the Open Platform for NFV (OPNFV). The evaluation results in our experimental scenarios show that the NFV security architecture automatically blocks 99.12% of the HTTP malicious traffic without affecting 93.6% of the benign HTTP requests. Finally, we show that the number of rules in the WAF-VSF severely affects the latency to load HTTP response headers and that the number of redirection OpenFlow rules within Open vSwitches is not enough to significantly impact the end-user experience in modern web browser applications.
35

Thodupunuri, Mohit. "AKAMAI WAF VS. AWS WAF A COMPARATIVE ANALYSIS OF WEB APPLICATION FIREWALL SOLUTIONS FOR CLOUD SECURITY." INTERNATIONAL JOURNAL OF INFORMATION TECHNOLOGY AND MANAGEMENT INFORMATION SYSTEMS 14, no. 2 (2023): 68–79. https://doi.org/10.34218/ijitmis_14_02_009.

36

Wijaya, Adi, and Tata Sutabri. "Mendesain Cyber Security untuk Keamanan Website Menggunakan Web Aplication Firewall pada Kantor Bkpsdm Ogan Ilir." Blantika: Multidisciplinary Journal 2, no. 4 (2024): 386–95. http://dx.doi.org/10.57096/blantika.v2i4.121.

Abstract:
In today's increasingly advanced technological era, websites have become one of the main means for every company and individual to interact online with other users or consumers. However, behind this convenience there are also major challenges, especially in facing cyber security threats. As is well known, cyber attacks continue to evolve day by day, and attacks on websites can cause many losses, both financial and non-financial. Therefore, protecting websites becomes very important. A Web Application Firewall (WAF) is one tool that can serve as a means or solution, both to prevent and to reduce the risk of such cyber attacks. Using a WAF properly, together with other security measures, will certainly improve security, both the security of the website itself and the security of protecting user data. The research methodology covers security requirements analysis, the design and implementation of a WAF-based cyber security system, and evaluation of the performance of the implemented system. The results of this research are expected to provide clear guidance for the BKPSDM Ogan Ilir Office in improving the security level of their website through the use of WAF technology.
37

Tuyishime, Emmanuel, Titus C. Balan, Petru A. Cotfas, Daniel T. Cotfas, and Alexandre Rekeraho. "Enhancing Cloud Security—Proactive Threat Monitoring and Detection Using a SIEM-Based Approach." Applied Sciences 13, no. 22 (2023): 12359. http://dx.doi.org/10.3390/app132212359.

Abstract:
With the escalating frequency of cybersecurity threats in public cloud computing environments, there is a pressing need for robust security measures to safeguard sensitive data and applications. This research addresses growing security concerns in the cloud by proposing an innovative security information and event management system (SIEM) that offers automated visibility of cloud resources. Our implementation includes a virtual network comprising virtual machines, load balancers, Microsoft Defender for Cloud, and an application gateway that functions as a web application firewall (WAF). This WAF scans incoming Internet traffic and provides centralized protection against common exploits and vulnerabilities, securing web applications within the cloud environment. We deployed the SIEM system to automate visibility and incident response for cloud resources. By harnessing the power of this employed SIEM, the developed system can continuously monitor, detect security incidents, and proactively mitigate potential security threats. Microsoft Defender for Cloud consistently assesses the configuration of cloud resources against industry standards, regulations, and benchmarks to ensure compliance requirements are met. Our findings highlight the practicality and effectiveness of deploying such solutions to safeguard cloud resources, offering valuable insights to organizations and security professionals seeking sustainable and resilient security measures in the cloud computing environment.
38

Borlakova, Mariam A., Said I. Eltaev, and Movladi I. Isaev. "DETECTING AND PREVENTING ATTACKS BASED ON JAVASCRIPT VULNERABILITIES IN MODERN WEB APPLICATIONS." EKONOMIKA I UPRAVLENIE: PROBLEMY, RESHENIYA 12/10, no. 153 (2024): 84–90. https://doi.org/10.36871/ek.up.p.r.2024.12.10.012.

Abstract:
This article discusses methods and approaches to detecting and preventing attacks caused by JavaScript vulnerabilities in modern web applications. The main focus is on the analysis of the most common types of attacks, including cross-site scripting (XSS), cross-site request forgery (CSRF), clickjacking, and exploitation of third-party library vulnerabilities. Threat detection algorithms based on static and dynamic code analysis, signature and behavioral analysis, as well as machine learning methods are presented. Architectural approaches to preventing attacks are described, including the implementation of Content Security Policy (CSP), the use of CSRF tokens, and WAF (Web Application Firewall)-based protection. Code analysis and monitoring tools such as ESLint, SonarQube, OWASP ZAP, and Snyk are considered. The study provides recommendations for integrating analysis tools and protection methods into the DevSecOps and CI/CD process. The main conclusion of the article is the need to use a multi-layered approach to protecting web applications, combining code analysis methods, dynamic analysis, and the use of automated protection systems.
39

Wijaya, I. Gusti Agung Surya Pramana, Gusti Made Arya Sasmita, and I. Putu Agus Eka Pratama. "Web Application Penetration Testing on Udayana University's OASE E-learning Platform Using Information System Security Assessment Framework (ISSAF) and Open Source Security Testing Methodology Manual (OSSTMM)." International Journal of Information Technology and Computer Science 16, no. 2 (2024): 45–56. http://dx.doi.org/10.5815/ijitcs.2024.02.04.

Abstract:
Education is a field that utilizes information technology to support academic and operational activities. One of the technologies widely used in the education sector is web-based applications. Web-based technologies are vulnerable to exploitation by attackers, which highlights the importance of ensuring strong security measures in web-based systems. As an educational organization, Udayana University utilizes a web-based application called OASE. OASE, being a web-based system, requires thorough security verification. Penetration testing is conducted to assess the security of OASE. This testing can be performed using the ISSAF and OSSTMM frameworks. The penetration testing based on the ISSAF framework consists of 9 steps, while the OSSTMM framework consists of 7 steps for assessment. The results of the OASE penetration testing revealed several system vulnerabilities. Throughout the ISSAF phases, only 4 vulnerabilities and 3 information-level vulnerabilities were identified in the final testing results of OASE. Recommendations for addressing these vulnerabilities are provided as follows. Implement a Web Application Firewall (WAF) to reduce the risk of common web attacks in the OASE web application. Implement input and output validation to prevent the injection of malicious scripts, addressing the stored XSS vulnerability. Update the server software regularly and check directory permissions to eliminate unnecessary information files and prevent unauthorized access. Configure a content security policy on the web server to ensure mitigation and prevent potential exploitation by attackers.
40

Meduri, Vedaswaroop. "Applying The Promethee Method In The Field Of Computer Cybersecurity Is “Ranking Cybersecurity Solutions For Risk Mitigation”." Nanoscience & Technology: Open Access 7, no. 1 (2023): 1–11. https://doi.org/10.15226/2374-8141/7/1/00163.

Abstract:
Introduction: Cybersecurity, also known as computer security or information technology security, is a field dedicated to safeguarding computer systems, networks, and data from unauthorized access, damage, or disruption. With the rapid advancements in technology and the increasing reliance on digital infrastructure, cyber threats have become a significant concern for individuals, organizations, and governments worldwide. Cybersecurity involves understanding and countering various cyber threats, such as malware, phishing attacks, data breaches, and ransomware. It encompasses a wide range of practices and measures, including encryption, firewalls, authentication protocols, intrusion detection systems, and security awareness training. The primary goal of cybersecurity is to protect sensitive information, maintain the integrity of computer systems, and ensure the availability of critical services in the face of potential cyber-attacks. As the digital landscape continues to evolve, the importance of cybersecurity becomes more prominent, making it a critical aspect of modern-day computing and information management. Research significance: Computer cybersecurity research is of utmost significance as it safeguards critical infrastructure, protects personal data, defends against evolving cyber threats, preserves national security, fosters economic growth, upholds privacy and individual rights, promotes global cooperation, and prepares for future challenges. In an increasingly interconnected world, this research plays a pivotal role in ensuring a secure digital landscape for individuals, organizations, and nations. Methodology: The PROMETHEE (Preference Ranking Organization Method for Enrichment Evaluations) method is a multi-criteria decision-making technique used to rank and select alternatives based on various criteria. Developed by J.P. Brans and P. Vincke in the 1980s, PROMETHEE enables decision-makers to evaluate complex problems with conflicting objectives. The method assesses the relative importance of each criterion, compares alternatives pairwise, and calculates preference indices to generate a global ranking. By providing a systematic approach to decision-making, PROMETHEE helps in choosing the most suitable option from a set of alternatives in a wide range of applications, such as business, engineering, and environmental management. Alternatives: Next-Generation Firewall with Advanced Threat Protection, Endpoint Detection and Response (EDR) System, Cloud-Based Security Information and Event Management (SIEM), Network Behavior Analytics Platform, Multi-Factor Authentication (MFA) Solution, Web Application Firewall (WAF). Evaluation preference: Threat Detection, Incident Response, User-Friendliness, Scalability. Results: The results show that Incident Response received the first rank, whereas Scalability received the lowest rank. Keywords: Cloud-Based Security, Web Application Firewall, PROMETHEE, Computer Cyber Security
41

Rifai, Muhammad Fajar, Syaiful Hendra, Hajra Rasmita Ngemba, Ryfial Azhar, and Rahmah Laila. "Enhancing Web Server Security against Layered Cyber Threats in Healthcare." Advance Sustainable Science, Engineering and Technology 6, no. 2 (2024): 0240209. http://dx.doi.org/10.26877/asset.v6i2.18307.

Abstract:
Information technology plays an important role in improving operational efficiency at Torabelo Hospital. The server system in use today faces security and optimization challenges. This research analyzes the impact and recommends solutions to improve server security and optimization. The findings show that the server system is vulnerable to various types of attacks and performance degradation. This can negatively impact hospital operations and put patients at risk. The recommended solution is to implement Squid as a reverse proxy, a WAF (Web Application Firewall), and Snort as an IDS (Intrusion Detection System). System testing showed that this solution successfully detected and prevented various common attacks. This research provides insights to health IT professionals to improve the security and performance of their server systems and improve healthcare services to patients at Torabelo Hospital.
42

Prasad, Y. Shyam, B. Simhadri, and A. Karthikram. "SecuProbe: Intelligent Detection of Cross-Site Scripting, SQL Injection, & No SQL Attacks with Real-Time Alert." International Research Journal of Innovations in Engineering and Technology 09, Special Issue (2025): 238–44. https://doi.org/10.47001/irjiet/2025.inspire38.

Abstract:
SecuProbe is an advanced Web Application Firewall (WAF) designed to protect web applications from common and critical cyberattacks, including SQL Injection (SQLI), NoSQL Injection, and Cross-Site Scripting (XSS). This paper discusses the design and implementation of SecuProbe, focusing on its real-time detection capabilities and advanced security features. The system uses a hybrid detection approach, combining signature-based and anomaly detection techniques. Signature-based detection matches incoming requests against known attack patterns, while anomaly detection identifies suspicious behaviors that deviate from normal traffic. This dual-layered detection method improves accuracy and allows the identification of both known and emerging threats. SecuProbe integrates automated attack categorization, enabling the system to classify detected threats into specific categories for better analysis and response. It also features an email alerting mechanism that notifies administrators of potential security breaches, ensuring prompt action against identified vulnerabilities. It is capable of handling high volumes of concurrent requests while maintaining low latency and high throughput, ensuring minimal impact on web application performance. This makes it suitable for both small-scale applications and large, complex infrastructures. The system has been extensively tested and evaluated to ensure accuracy, reliability, and efficiency.
43

Mamuriyah, Nimatul, Stefanus Eko Prasetyo, and Abner Onesimus Sijabat. "Rancangan Sistem Keamanan Jaringan dari serangan DDoS Menggunakan Metode Pengujian Penetrasi." Jurnal Teknologi Dan Sistem Informasi Bisnis 6, no. 1 (2024): 162–67. http://dx.doi.org/10.47233/jteksis.v6i1.1124.

Abstract:
The growth of increasingly innovative technology has created a new medium for delivering information, namely web applications. Today's technology is needed to disseminate information widely and without limits. A web server outage can disrupt clients' access to information. A web server outage can be caused by several attacks, one of which is Distributed Denial of Service (DDoS). The authors use Kali Linux as the penetration testing software, with the GoldenEye tool, which can be used to test whether a site is vulnerable to DDoS attacks. The security design with Cloudflare involves applying several layers of protection designed to mitigate security risks to applications and websites. In general, the Cloudflare Web Application Firewall (WAF) is placed in front of the origin server to detect and block web-based attacks. Cloudflare's DDoS protection service is applied at the global layer, securing the infrastructure from hacker attacks. By leveraging Cloudflare's infrastructure, this design provides an effective and efficient security solution against DDoS attacks, ensuring the availability and reliability of network services.
44

Charan, Shankar Kummarapurugu. "Securing Kubernetes Ingress Traffic for Public-Facing Microservices Using TLS Termination and WAF Integration." Journal of Scientific and Engineering Research 6, no. 1 (2019): 283–90. https://doi.org/10.5281/zenodo.14273907.

Abstract:
As Kubernetes has become a leading platform for managing containerized microservices, securing the flow of external traffic into these systems has grown increasingly important. Public-facing microservices are particularly exposed to threats like data breaches, Distributed Denial of Service (DDoS) attacks, and unauthorized access. This paper presents a solution that combines Transport Layer Security (TLS) termination and a Web Application Firewall (WAF) to address these security challenges. TLS termination ensures that communication between users and services remains encrypted, protecting data in transit, while the WAF offers an additional safeguard by analyzing incoming HTTP/HTTPS traffic for potential threats. The proposed architecture integrates seamlessly with Kubernetes, using automated tools for managing TLS certificates and applying WAF rules. Through performance benchmarks and security tests, this study demonstrates that the approach effectively balances robust security with low latency, making it a viable option for deployment in enterprise-grade Kubernetes environments. The results highlight the practical benefits of the solution, offering improved protection without compromising on performance.
45

Окулов, М. Д., та В. К. Денисенко. "Анализ защищенности web-приложения на основе моделирования сетевых атак". Информатика. Экономика. Управление - Informatics. Economics. Management 4, № 2 (2025): 2018–27. https://doi.org/10.47813/2782-5280-2025-4-2-2018-2027.

Abstract:
The article examines the key security threats to modern web applications, such as cross-site scripting (XSS), cross-site request forgery (CSRF), phishing, denial-of-service (DoS) attacks, data leaks, and unauthorized access. Particular attention is paid to the analysis of vulnerabilities in the client and server sides of applications, as well as to methods for identifying them and assessing their risks. The paper describes in detail modern protection methods and tools, including the use of a Web Application Firewall (WAF), data encryption, two-factor authentication, and access control mechanisms. Practical modeling of network attacks, in particular SQL injection, was carried out to assess the security level of a web application and to demonstrate typical compromise scenarios. Recommendations are given for securing databases and backups, and strategies for countering internal and external threats are proposed. The article emphasizes the importance of a comprehensive approach to protecting web applications, including regular software updates, access control, monitoring and auditing of user actions, and the deployment of specialized protection systems. The results of the study can be used to raise the security level of corporate web resources and protect user data.
46

Самандаров, Б. С., Г. А. Гулмирзаева та Д. Р. Жолдасбаев. "Анализ и моделирование уязвимостей безопасности информационных систем". Информатика. Экономика. Управление - Informatics. Economics. Management 4, № 1 (2025): 2019–26. https://doi.org/10.47813/2782-5280-2025-4-1-2019-2026.

Abstract:
The article addresses the vulnerability of information systems to SQL injection, which remains one of the most common threats to web applications. A mathematical model is proposed that estimates the probability of a successful attack from system parameters such as the vulnerability level, the complexity of SQL queries, and the level of protection. The model includes functions for assessing vulnerabilities, query complexity, and the level of protection, as well as an objective function aimed at minimizing the probability of an attack. The effectiveness of the model is demonstrated on synthetic data: introducing protective measures such as a Web Application Firewall (WAF) and improved input validation significantly reduces the probability of a successful SQL injection. The results of the work can be used to develop effective protective measures for information systems and to integrate the model with security monitoring systems.
47

Ripai, Rizki, Riki Aldi Pari, Fajar Sidik, Sony Veri Shandy, and Fajar Mahardika. "Implementasi Layanan Cloudflare sebagai Mitigasi terhadap Ancaman Pemindaian dan Eksploitasi Siber Menggunakan Nmap dan Metasploit." sudo Jurnal Teknik Informatika 4, no. 1 (2025): 40–49. https://doi.org/10.56211/sudo.v4i1.902.

Abstract:
Cyberattacks based on network scanning and system exploitation are a significant threat to web application security. Tools such as Nmap and Metasploit are widely used by attackers to identify security gaps and exploit target systems. This study aims to evaluate the effectiveness of Cloudflare services in mitigating such reconnaissance and exploitation attacks. The method used is an experimental approach that simulates attacks against two server environments: one without Cloudflare protection and one with a full Cloudflare service configuration. The attacks were carried out using Nmap port scanning and service enumeration techniques, as well as exploit payload injection using the Metasploit Framework. The test results show that Cloudflare significantly reduces the success of scanning and exploitation, with a detection and blocking rate of more than 90% for suspicious requests. Features such as the Web Application Firewall (WAF), rate limiting, and hiding the server IP proved effective in hindering reconnaissance and automated payload-based attacks. This study concludes that Cloudflare is an efficient mitigation solution for increasing the resilience of web systems against Nmap- and Metasploit-based attacks.
48

Charan, Shankar Kummarapurugu. "Securing Kubernetes Ingress Traffic for Public-Facing Microservices Using TLS Termination and WAF Integration." INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH AND CREATIVE TECHNOLOGY 6, no. 2 (2020): 1–9. https://doi.org/10.5281/zenodo.14183876.

Abstract:
As Kubernetes has become a leading platform for managing containerized microservices, securing the flow of external traffic into these systems has grown increasingly important. Public-facing microservices are particularly exposed to threats like data breaches, Distributed Denial of Service (DDoS) attacks, and unauthorized access. This paper presents a solution that combines Transport Layer Security (TLS) termination and a Web Application Firewall (WAF) to address these security challenges. TLS termination ensures that communication between users and services remains encrypted, protecting data in transit, while the WAF offers an additional safeguard by analyzing incoming HTTP/HTTPS traffic for potential threats. The proposed architecture integrates seamlessly with Kubernetes, using automated tools for managing TLS certificates and applying WAF rules. Through performance benchmarks and security tests, this study demonstrates that the approach effectively balances robust security with low latency, making it a viable option for deployment in enterprise-grade Kubernetes environments. The results highlight the practical benefits of the solution, offering improved protection without compromising on performance.
49

Muhammad Risky Ardiansyah, Muhlis Tahir, Andi Risqita Nuria Fawash, et al. "Analisis Kerentanan Keamanan Website Menggunakan Metode PTES (Penetration Testing Execution And Standart)." NUANSA INFORMATIKA 18, no. 2 (2024): 145–53. http://dx.doi.org/10.25134/ilkom.v18i2.119.

Abstract:
With rapid advances in Information Technology (IT), the need for an IT-based learning framework and mechanism has become an unavoidable necessity. This requires solid security in a system, using the Penetration Testing Execution and Standard (PTES) method. This research method is quantitative and descriptive, used to illuminate website security and provide input for improvement. The research involved the Tenable Nessus Professional tool, which reports vulnerabilities such as Browseable Web Directory and Potentially Clickjacking Web. The PTES stages covered include Planning, Data Collection, Scanning, Access Rights, Security, and Web Application Firewall (WAF) configuration. The hope is that this method will provide an in-depth understanding of potential threats and vulnerabilities in government information systems, as well as present solutions. The research results are expected to provide education and insight into website security. This allows related parties to take preventive and corrective steps, improve security, and protect the integrity and confidentiality of data entities. As a result, information systems are expected to be more secure and resistant to potential cyber threats.
50

Hanif Setia Nusantara, L. Budi Handoko, Maulana Ikhsan, and Chaerul Umam. "Vulnerability Analysis on Semarang City Road Section Information System Website Using VAPT Method." INOVTEK Polbeng - Seri Informatika 10, no. 2 (2025): 1119–30. https://doi.org/10.35314/gdaky847.

Abstract:
Web-based public service applications in the digital governance era are increasingly vulnerable to cyber threats. This study analyzes the vulnerability of the Semarang City Road Information System website quantitatively using the Vulnerability Assessment and Penetration Testing (VAPT) method to evaluate its effectiveness in identifying security gaps. This system is part of an e-government service providing road infrastructure information but, like other technology-based systems, is susceptible to exploitation. The VAPT method used includes two main stages: Vulnerability Assessment to identify weaknesses and Penetration Testing to simulate attacks. The study identified 5 potential vulnerabilities: SQL Injection, Credit Card Number Disclosure, Insecure Direct Object Reference (IDOR), Cross-Site Scripting (XSS), and Error Message on Page. However, 80% of these were false positives, effectively filtered by Alibaba Cloud’s Web Application Firewall (WAF). The IDOR vulnerability was confirmed as valid, allowing unauthorized access to sensitive data through manipulation of the ID parameter in the URL. The original contribution of this research is the specific recommendation for implementing Indirect Object References mechanisms such as ID encryption, as well as emphasizing the need for comprehensive routine testing to improve security and prevent potential data misuse.