Artificial Intelligence Web Application Firewall for advanced detection of web injection attacks.

Saved in:
Bibliographic Details
Title: Artificial Intelligence Web Application Firewall for advanced detection of web injection attacks.
Authors: Román‐Gallego, Jesús‐Ángel1 (AUTHOR) zjarg@usal.es, Pérez‐Delgado, María‐Luisa1 (AUTHOR), Viñuela, Marcos Luengo1 (AUTHOR), Vega‐Hernández, María‐Concepción1 (AUTHOR)
Source: Expert Systems. Jan2025, Vol. 42 Issue 1, p1-18. 18p.
Subjects: HTTP (Computer network protocol), Web-based user interfaces, Artificial intelligence, Support vector machines, Internet servers, K-nearest neighbor classification
Abstract: Currently, web services‐based applications have an important presence in public and private organizations. The vulnerabilities that these types of applications may have pose an inherent potential risk to the business model of these organizations. These applications have the inherent risk of being used by organizations in such a way that their activity is affected and they become the main entry point for attackers who want to breach their security. The main barrier to this type of attack are web application firewalls (WAF), which are responsible for processing Hypertext Transfer Protocol requests between clients and web servers, classifying them and rejecting malicious requests. This type of (WAF) applications, for the most part, have regular expressions that correspond to general rules and allow detecting malicious requests that follow a pattern contained in them. However, due to the knowledge of these rules by attackers, it is easy to circumvent security and to impersonate a malicious request by an innocuous request. Therefore, in this article, we present a study of different models based on artificial intelligence techniques as Naïve Bayes, k‐nearest neighbors, support vector machines, and linear regression to test their effectiveness in detecting malicious requests from a synthetic dataset containing more than 100,000 requests. The results obtained show that the implementation of these methods optimize the detection of malicious requests obtaining results between 92% and 99% of success in their classification. [ABSTRACT FROM AUTHOR]
Copyright of Expert Systems is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Full text is not displayed to guests.
FullText Links:
  – Type: pdflink
Text:
  Availability: 1
Header DbId: egs
DbLabel: Engineering Source
An: 181701545
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: Artificial Intelligence Web Application Firewall for advanced detection of web injection attacks.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Román‐Gallego%2C+Jesús‐Ángel%22">Román‐Gallego, Jesús‐Ángel</searchLink><relatesTo>1</relatesTo> (AUTHOR)<i> zjarg@usal.es</i><br /><searchLink fieldCode="AR" term="%22Pérez‐Delgado%2C+María‐Luisa%22">Pérez‐Delgado, María‐Luisa</searchLink><relatesTo>1</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Viñuela%2C+Marcos+Luengo%22">Viñuela, Marcos Luengo</searchLink><relatesTo>1</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Vega‐Hernández%2C+María‐Concepción%22">Vega‐Hernández, María‐Concepción</searchLink><relatesTo>1</relatesTo> (AUTHOR)
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22Expert+Systems%22">Expert Systems</searchLink>. Jan2025, Vol. 42 Issue 1, p1-18. 18p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22HTTP+%28Computer+network+protocol%29%22">HTTP (Computer network protocol)</searchLink><br /><searchLink fieldCode="DE" term="%22Web-based+user+interfaces%22">Web-based user interfaces</searchLink><br /><searchLink fieldCode="DE" term="%22Artificial+intelligence%22">Artificial intelligence</searchLink><br /><searchLink fieldCode="DE" term="%22Support+vector+machines%22">Support vector machines</searchLink><br /><searchLink fieldCode="DE" term="%22Internet+servers%22">Internet servers</searchLink><br /><searchLink fieldCode="DE" term="%22K-nearest+neighbor+classification%22">K-nearest neighbor classification</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: Currently, web services‐based applications have an important presence in public and private organizations. The vulnerabilities that these types of applications may have pose an inherent potential risk to the business model of these organizations. These applications have the inherent risk of being used by organizations in such a way that their activity is affected and they become the main entry point for attackers who want to breach their security. The main barrier to this type of attack are web application firewalls (WAF), which are responsible for processing Hypertext Transfer Protocol requests between clients and web servers, classifying them and rejecting malicious requests. This type of (WAF) applications, for the most part, have regular expressions that correspond to general rules and allow detecting malicious requests that follow a pattern contained in them. However, due to the knowledge of these rules by attackers, it is easy to circumvent security and to impersonate a malicious request by an innocuous request. Therefore, in this article, we present a study of different models based on artificial intelligence techniques as Naïve Bayes, k‐nearest neighbors, support vector machines, and linear regression to test their effectiveness in detecting malicious requests from a synthetic dataset containing more than 100,000 requests. The results obtained show that the implementation of these methods optimize the detection of malicious requests obtaining results between 92% and 99% of success in their classification. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of Expert Systems is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=181701545
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1111/exsy.13505
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 18
        StartPage: 1
    Subjects:
      – SubjectFull: HTTP (Computer network protocol)
        Type: general
      – SubjectFull: Web-based user interfaces
        Type: general
      – SubjectFull: Artificial intelligence
        Type: general
      – SubjectFull: Support vector machines
        Type: general
      – SubjectFull: Internet servers
        Type: general
      – SubjectFull: K-nearest neighbor classification
        Type: general
    Titles:
      – TitleFull: Artificial Intelligence Web Application Firewall for advanced detection of web injection attacks.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Román‐Gallego, Jesús‐Ángel
      – PersonEntity:
          Name:
            NameFull: Pérez‐Delgado, María‐Luisa
      – PersonEntity:
          Name:
            NameFull: Viñuela, Marcos Luengo
      – PersonEntity:
          Name:
            NameFull: Vega‐Hernández, María‐Concepción
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 01
              Text: Jan2025
              Type: published
              Y: 2025
          Identifiers:
            – Type: issn-print
              Value: 02664720
          Numbering:
            – Type: volume
              Value: 42
            – Type: issue
              Value: 1
          Titles:
            – TitleFull: Expert Systems
              Type: main
ResultId 1