Enhancing web application attack detection using machine learning
- Autor(es):
- Martínez, Rodrigo
- Tipo:
- Preprint
- Versión:
- Enviado
- Resumen:
-
The exploit of vulnerabilities present in Web applications has been the main attack vector in the last decade biggest data breaches. In this work we put forward a framework to leverage the performance of Web Application Firewalls (WAFs) using machine learning techniques. We propose the use of two types of machine learning models: a multi-class approach for the scenario when valid and attack data is available and alternatively a one-class model when only valid data is at hand. The use of both models to predict potential malicious traffic has shown to outperform MODSECURITY, a widely deployed WAF technology, configured with the OWASP Core Rule Set out of the box. We also present a prototype that integrates the one-class model with MODSECURITY.
- Año:
- 2018
- Idioma:
- Inglés
- Temas:
- Web Application Firewall
Web Application Security
Machine Learning
Pattern Recognition
- Institución:
- Universidad de la República
- Repositorio:
- COLIBRI
- Enlace(s):
- https://hdl.handle.net/20.500.12008/29285
- Nivel de acceso:
- Acceso abierto