Impact of Paranoia Levels on the Effectiveness of the ModSecurity Web Application Firewall

Singh, Jatesh Jagraj; Samuel, Hamman; Zavarsky, Pavol

doi:10.1109/icdis.2018.00030

Cited by 8 publications

(4 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…No caso do ModSecurity, o aumento dos níveis de paranóia também implica em um aumento no índice de falsos positivos [SINGH et al, 2018]. Além disso, em um ambiente de produc ¸ão, é praticamente impossível atingirmos uma taxa de detecc ¸ão constante de 100% pelo fato de existirem muitas variac ¸ões de payloads.…”

Section: Acurácia De Detecc ¸ãOunclassified

WAFCheck: uma ferramenta para auxiliar nos testes de Web Application Firewalls (WAFs)

Melchior

Fiorenza

Kreutz

2021

Anais Estendidos Do XXI Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg Estendido 2021)

View full text Add to dashboard Cite

Estatísticas indicam que até 90% das aplicações disponibilizadas na Internet possuem algum tipo de vulnerabilidade de software. Estudos recentes apontam também que firewalls de aplicação, mais conhecidos como WAFs, podem contribuir para mitigar a exploração de mais de 70% das vulnerabilidades de sistemas web. Entretanto, determinar a capacidade e a qualidade de um WAF pode ser um desafio. Nós propomos a ferramenta WAFCheck para auxiliar nos testes de latência, carga e acurácia de detecção de WAFs. A WAFCheck permite a inclusão e avaliação de conjuntos diversos de payloads, que são utilizados na exploração de vulnerabilidades de sistemas web. Utilizando centenas de payloads das dez vulnerabilidades mais recorrentes segundo a OWASP, nós avaliamos o desempenho dos WAFs gratuitos ModSecurity, Naxsi, ShadowD e xWAF, demostrando o funcionamento e a aplicabilidade da ferramenta.

show abstract

Section: Acurácia De Detecc ¸ãOunclassified

WAFCheck: uma ferramenta para auxiliar nos testes de Web Application Firewalls (WAFs)

Melchior

Fiorenza

Kreutz

2021

Anais Estendidos Do XXI Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg Estendido 2021)

View full text Add to dashboard Cite

show abstract

“…Dari berbagai informasi tadi, diketahui bahwa serangan SQL injection masih menjadi masalah yang belum dapat teratasi secara maksimal, sehingga masih membutuhkan penanganan khusus terhadap masalah ini. SQL injection pun diketahui memiliki beberapa tipe serangan yang beragam [8], diantaranya yaitu Tauntology-Based, Incorrect Queries, Stored Procedure Injection, Piggy Backed, Union-Based, Error-Based, dan yang terakhir yaitu Blind SQL Injection.…”

Section: Pendahuluanunclassified

Implementasi Web Application Firewall Dalam Mencegah Serangan SQL Injection Pada Website

Bangkit

Prabowo²,

Ananda³

2020

Digitalzone

View full text Add to dashboard Cite

Dalam beberapa tahun terakhir perkembangan teknologi informasi menjadi semakin pesat, perkembangan ini membuat segala aktifitas dan pekerjaan menjadi lebih mudah, seperti halnya untuk mengakses berita maupun informasi. Salah satu media yang sering digunakan untuk menemukan berbagai macam informasi pada saat ini yaitu website. Banyaknya website yang ada pada saat ini membuat ia sering dijadikan sasaran berbagai jenis serangan web yang beragam seperti SQL injection. Sehingga diperlukan suatu sistem yang mampu memberikan solusi dalam pengamanan website. Pada penelitian ini menggunakan metode web application firewall karena metode ini mampu untuk menjadi security system dalam mengamankan suatu website dari serangan. Metode web application firewall dilakukan dengan memblokir serangan sql injection yang masuk berdasarkan konfigurasi rules yang telah ditetapkan. Dan dari hasil penelitian ini serangan SQL injection yang telah diujicobakan pada website berhasil diblokir sehingga membuat website menjadi aman dari serangan tersebut.. Kata kunci: Keamanan, Serangan Web, SQL injection, Website, Web Application Firewall. Abstract In the last few years the development of information technology has become increasingly rapid, this has made all activities and jobs easier, such as accessing news and information. One of the media that is often used to find various kinds of information at this time is the website. The large number of websites that exist today makes it a frequent target of various types of web attacks such as SQL injection. So we need a system that is able to provide solutions in securing a website. This research uses a web firewall application method because this method is able to become a security system on a website from attacks. The firewall web application method is carried out by the sql injection attack method which is entered based on predefined rules. And from the results of this study, the SQL injection attack that was tested on the website was successful so that it made the website safe from these attacks. Keywords: Security, Web Attack, SQL injection, Website, Web Application Firewall

show abstract

“…The sequence generation process utilized this information for generating targeted attack payloads. We tested the generated attack payloads against open-source ModSecurity WAFs [ 26 ] and AWS WAFs [ 27 ]. The payloads generated by the conditional sequencing were able to bypass ModSecurity WAFs and AWS WAFs.…”

Section: Introductionmentioning

confidence: 99%

Generative Adversarial Network (GAN)-Based Autonomous Penetration Testing for Web Applications

Chowdhary,

Jha,

Zhao

2023

Sensors

View full text Add to dashboard Cite

The web application market has shown rapid growth in recent years. The expansion of Wireless Sensor Networks (WSNs) and the Internet of Things (IoT) has created new web-based communication and sensing frameworks. Current security research utilizes source code analysis and manual exploitation of web applications, to identify security vulnerabilities, such as Cross-Site Scripting (XSS) and SQL Injection, in these emerging fields. The attack samples generated as part of web application penetration testing on sensor networks can be easily blocked, using Web Application Firewalls (WAFs). In this research work, we propose an autonomous penetration testing framework that utilizes Generative Adversarial Networks (GANs). We overcome the limitations of vanilla GANs by using conditional sequence generation. This technique helps in identifying key features for XSS attacks. We trained a generative model based on attack labels and attack features. The attack features were identified using semantic tokenization, and the attack payloads were generated using conditional sequence GAN. The generated attack samples can be used to target web applications protected by WAFs in an automated manner. This model scales well on a large-scale web application platform, and it saves the significant effort invested in manual penetration testing.

show abstract

Impact of Paranoia Levels on the Effectiveness of the ModSecurity Web Application Firewall

Cited by 8 publications

References 0 publications

WAFCheck: uma ferramenta para auxiliar nos testes de Web Application Firewalls (WAFs)

WAFCheck: uma ferramenta para auxiliar nos testes de Web Application Firewalls (WAFs)

Implementasi Web Application Firewall Dalam Mencegah Serangan SQL Injection Pada Website

Generative Adversarial Network (GAN)-Based Autonomous Penetration Testing for Web Applications

Contact Info

Product

Resources

About