Moving towards positive security model for web application firewall


Yaacob, Asrul Hadi and Roslee, Mardeni and Ahmad, Nurul Nadia and Ahmad, Nazrul Muhaimin (2012) Moving towards positive security model for web application firewall. WASET International Science Index, 6 (12). pp. 1579-1584. ISSN 2010-376X



The proliferation of web applications and the pervasiveness of mobile technology make web-based attacks even more attractive and even easier to launch. A Web Application Firewall (WAF) is an intermediate tool between the web server and users that provides comprehensive protection for web applications. A WAF is based on a negative security model, where the detection and prevention mechanisms rely on predefined or user-defined attack signatures and patterns. However, a WAF alone is not adequate to offer the best defensive system against web vulnerabilities that are increasing in number and complexity daily. This paper presents a methodology to automatically design a positive security based model which identifies and allows only legitimate web queries. The paper shows that a true positive rate of more than 90% can be achieved.

Item Type: Article
Additional Information: Yaacob, A., Ahmad, N., Ahmad, N., Roslee, M. (2012). 'Moving Towards Positive Security Model For Web Application Firewall'. World Academy of Science, Engineering and Technology, International Science Index 72, 6(12), 0 - 1603.
Subjects: Q Science > Q Science (General)
Divisions: Faculty of Information Science and Technology (FIST)
Faculty of Engineering (FOE)
Depositing User: Ms Rosnani Abd Wahab
Date Deposited: 09 Jan 2014 04:55
Last Modified: 27 Apr 2015 07:52

