暂无分享,去创建一个
Modern overlay security mechanisms like Web Application Firewalls (WAF) suffer from inability to recognize custom high-level application logic and data objects, which results in low accuracy, high false positives rates, and overhelming manual effort for fine tuning. In this paper we propose an approach to web application modeling for security purposes that could help next-generation WAFs to adapt to specific web applications, and do it automatically whenever possible. We aim at creating multi-layer models that adequately simulate various aspects of web application functionality that are significant for intrusion detection and prevention, including request parsing and routing, reconstruction of actions and data objects, and action interdependencies.
[1] George Noseevich,et al. Detecting Insufficient Access Control in Web Applications , 2011, 2011 First SysSec Workshop.
[2] Konrad Rieck,et al. TokDoc: a self-healing web application firewall , 2010, SAC '10.