Presentation | 2013/3/7 Development of Web Application Firewall by Using Bayesian Filter TAKESHI HISHINUMA, NORIAKI YOSHIURA, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Recently, many web applications which provide many kinds of services on the Internet and security is important in their operations. Web Application Firewall(WAF) is used for security of web applications. Many of WAFs consists of signature-based filters which have prepared particular input patterns, but the filters do not always have proper patterns for malicious codes, malicious scripts and vulnerability due to bugs of individual web applications. This paper develops a WAF which learns good or bad input patterns by Bayesian filter when the administrators of web applications suggest input which should be rejected or accepted. Input inspection uses a Bayesian filter and an anomaly detector. The anomaly detector is based on statistics, which are data of N-gram of inputs for web applications. This paper implements a prototype of our WAF by script language Python and experiments with randomly-generated HTTP requests. The results of the experiment found that iteration of learning by using Bayesian filter decreases false positives and false negatives. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Web Application Firewall / Bayesian Filter / Anomaly Detection / N-gram |
Paper # | |
Date of Issue |
Conference Information | |
Committee | SITE |
---|---|
Conference Date | 2013/3/7(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Social Implications of Technology and Information Ethics (SITE) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Development of Web Application Firewall by Using Bayesian Filter |
Sub Title (in English) | |
Keyword(1) | Web Application Firewall |
Keyword(2) | Bayesian Filter |
Keyword(3) | Anomaly Detection |
Keyword(4) | N-gram |
1st Author's Name | TAKESHI HISHINUMA |
1st Author's Affiliation | Graduate School of Science and Engineering, Saitama University() |
2nd Author's Name | NORIAKI YOSHIURA |
2nd Author's Affiliation | Graduate School of Science and Engineering, Saitama University |
Date | 2013/3/7 |
Paper # | |
Volume (vol) | vol.112 |
Number (no) | 488 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |