Abstract
Nowadays, with over 70% of attacks carried out at the web application level, organizations need all the help they can get in securing their systems. Web Application Firewalls (WAFs) are among the tools commonly used to prevent web attacks. However, WAFs provide very little protection on their own: to become useful, they must be configured with rules. Unfortunately, the rule configuration process is not easy and is error-prone, so the quality of protection (QoP) of WAFs still falls short of expectations. In this paper, we investigate current WAFs and point out some of the problems behind their poor QoP. We then analyze the origins of these problems and propose two decision modules, an attack-decision module and a priority-decision module, based on a proposed simplified taxonomy of web attacks, which help to improve the QoP of WAFs. Finally, we conclude our work and outline our future interest in extending these modules to IDS systems.
© 2009 Springer-Verlag Berlin Heidelberg
Cite this paper
Han, Y., Sakai, A., Hori, Y., Sakurai, K. (2009). Improving the Quality of Protection of Web Application Firewalls by a Simplified Taxonomy of Web Attacks. In: Park, J.H., Zhan, J., Lee, C., Wang, G., Kim, Th., Yeo, SS. (eds) Advances in Information Security and Its Application. ISA 2009. Communications in Computer and Information Science, vol 36. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02633-1_14
DOI: https://doi.org/10.1007/978-3-642-02633-1_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02632-4
Online ISBN: 978-3-642-02633-1