Exploring the application of process mining techniques to improve web application security

Bruno, Marcelo - Ibañez, Pablo - Techera, Tamara - Calegari, Daniel - Betarte, Gustavo

Resumen:

Web applications are permanently being exposed to attacks that exploit their vulnerabilities. To detect and prevent misuse of the functionality provided by an application, it has become necessary to develop techniques that help discern between a valid user of the system and a malicious agent. In recent years, a technology that has been widely deployed to provide automated and non-invasive support for detecting web application attacks is Web Application Firewalls. In this work, we put forward and discuss the application of Process Mining techniques to detect deviations from the expected behavior of web applications. The objects of behavior analysis are logs generated by a widely deployed WAF called ModSecurity. We discuss experiments we have carried out applying our mining method on the well-known e-commerce platform Magento and using the ProM tool for the execution of the process mining techniques.


Detalles Bibliográficos
2021
Security
Web applications
Process mining
Web application firewall
ModSecurity
ProM
Inglés
Universidad de la República
COLIBRI
https://hdl.handle.net/20.500.12008/29281
Acceso abierto
Licencia Creative Commons Atribución - No Comercial - Sin Derivadas (CC - By-NC-ND 4.0)
Resumen:
Sumario:CLEI 21, Conferencia Latinoamericana de Informática, San José, Costa Rica, 25 al 29 de octubre de 2021.