Por favor, use este identificador para citar o enlazar este ítem:
https://hdl.handle.net/20.500.12008/29285
Cómo citar
| Título: | Enhancing web application attack detection using machine learning |
| Autor: | Martínez, Rodrigo |
| Tipo: | Preprint |
| Palabras clave: | Web Application Firewall, Web Application Security, Machine Learning, Pattern Recognition |
| Fecha de publicación: | 2018 |
| Resumen: | The exploit of vulnerabilities present in Web applications has been the main attack vector in the last decade biggest data breaches. In this work we put forward a framework to leverage the performance of Web Application Firewalls (WAFs) using machine learning techniques. We propose the use of two types of machine learning models: a multi-class approach for the scenario when valid and attack data is available and alternatively
a one-class model when only valid data is at hand. The use of both models to predict potential malicious traffic has shown to outperform MODSECURITY, a widely deployed WAF technology, configured with the OWASP Core Rule Set out of the box. We also present a prototype that integrates the one-class model with
MODSECURITY. |
| Descripción: | LADC 2018, 8th Latin-American Symposium on Dependable Computing, Foz de Iguaçu, Brazil, 8-10 October 2018. |
| Citación: | Martínez, R. Enhancing web application attack detection using machine learning [Preprint]. Publicado en : LADC 2018, 8th Latin-American Symposium on Dependable Computing, Foz de Iguaçu, Brazil, 8-10 October 2018. |
| Licencia: | Licencia Creative Commons Atribución - No Comercial - Sin Derivadas (CC - By-NC-ND 4.0) |
| Aparece en las colecciones: | Publicaciones académicas y científicas - Instituto de Computación |
Ficheros en este ítem:
| Fichero | Descripción | Tamaño | Formato | ||
|---|---|---|---|---|---|
| MAR18.pdf | Preprint | 513,99 kB | Adobe PDF | Visualizar/Abrir |
Este ítem está sujeto a una licencia Creative Commons Licencia Creative Commons
