Evaluation of Open-source Web Application Firewalls for Cyber Threat Intelligence

One of the most well-known attack detection and prevention systems for web application security is the web application firewall. In this chapter, we present a study on the effectiveness of the most popular and widely used open-source web application firewalls, named AQTRONIX Webknight v4.4 and ModSe...

Bibliographic details
Main authors: Chakir, Oumaima, Sadqi, Yassine, Maleh, Yassine
Format: Book chapter
Language: eng
Online access: Full text
container_end_page 48
container_start_page 35
creator Chakir, Oumaima
Sadqi, Yassine
Maleh, Yassine
description One of the most well-known attack detection and prevention systems for web application security is the web application firewall. In this chapter, we present a study on the effectiveness of the most popular and widely used open-source web application firewalls, named AQTRONIX Webknight v4.4 and ModSecurity v3.0.4, within the four paranoia levels of CRS v3.3.0. According to the experimental results based on the Payload All The Thing and CSIC HTTP 2010 datasets, AQTRONIX Webknight is an effective system for securing web applications against attacks, having identified all the attacks launched with a recall value of 98.5%. It has, however, produced a high false positive rate, with a value of 99.6%. Furthermore, ModSecurity capability is dependent on the PL of CRS configured. We discovered that as PL increases, so does the number of recognized assaults. Unlike the other levels, ModSecurity had a high false positive rate at level 4, with a value of 60.3%.
doi_str_mv 10.1201/9781003373384-3
format Book Chapter
contributor Tawalbeh, Loai
Maleh, Yassine
Romdhani, Imed
Alazab, Mamoun
edition 1
publisher United Kingdom: River Publishers
rights 2022 River Publishers.
creationdate 2022
isbn 9788770227780, 8770227780
eisbn 9781003373384, 1003373380, 9781000846713, 1000846695, 9781000846690, 1000846717
oclcid 1381096716
lccallnum Q335 .B54 2022
tpages 14
recordtype book_chapter
fulltext fulltext
identifier ISBN: 9788770227780
ispartof Big Data Analytics and Intelligent Systems for Cyber Threat Intelligence, 2022, p.35-48
language eng
recordid cdi_proquest_ebookcentralchapters_7215899_31_66
source Ebook Central Perpetual and DDA
title Evaluation of Open-source Web Application Firewalls for Cyber Threat Intelligence
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-04T15%3A19%3A22IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_infor&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=bookitem&rft.atitle=Evaluation%20of%20Open-source%20Web%20Application%20Firewalls%20for%20Cyber%20Threat%20Intelligence&rft.btitle=Big%20Data%20Analytics%20and%20Intelligent%20Systems%20for%20Cyber%20Threat%20Intelligence&rft.au=Chakir,%20Oumaima&rft.date=2022&rft.spage=35&rft.epage=48&rft.pages=35-48&rft.isbn=9788770227780&rft.isbn_list=8770227780&rft_id=info:doi/10.1201/9781003373384-3&rft_dat=%3Cproquest_infor%3EEBC7215899_31_66%3C/proquest_infor%3E%3Curl%3E%3C/url%3E&rft.eisbn=9781003373384&rft.eisbn_list=1003373380&rft.eisbn_list=9781000846713&rft.eisbn_list=1000846695&rft.eisbn_list=9781000846690&rft.eisbn_list=1000846717&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=EBC7215899_31_66&rft_id=info:pmid/&rfr_iscdi=true