A study of web application firewall solutions

Prandl, S.; Lazarescu, Mihai; Pham, DucSon

doi:10.1007/978-3-319-26961-0_29

Access Status

Fulltext not available

Authors

Prandl, S.

Lazarescu, Mihai

Pham, DucSon

Date

2015

Type

Conference Paper

Metadata

Show full item record

Citation

Prandl, S. and Lazarescu, M. and Pham, D. 2015. A study of web application firewall solutions, in Proceedings of the 11th International Conference of Information Security Systems (ICISS), Dec 16-20 2015, pp. 501-510. Kolkata, India: ISS.

Source Title

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

DOI

10.1007/978-3-319-26961-0_29

ISBN

9783319269603

School

Department of Computing

URI

http://hdl.handle.net/20.500.11937/29622

Collection

Curtin Research Publications

Abstract

Web application firewalls (WAFs) are the primary front-end protection mechanism for Internet-based infrastructure which is constantly under attack. This paper therefore aims to provide more insights into the performance of the most popular open-source WAFs, including ModSecurity, WebKnight, and Guardian, which we hope will complement existing knowledge. The key contribution of this work is an in-depth approach for conducting such a study. Specifically, we combine three testing frameworks: the Imperva’s proprietary benchmark, a generic benchmark using both FuzzDB and Burp test-beds, and testing for common vulnerabilities and exposures (CVE) known exploits. Our experiments show that open source WAFs are not yet totally reliable for protecting web applications despite many advances in the field. ModSecurity appears to be the most balanced open-source solution.