Curtin University Homepage
  • Library
  • Help
    • Admin

    espace - Curtin’s institutional repository

    JavaScript is disabled for your browser. Some features of this site may not work without it.
    View Item 
    • espace Home
    • espace
    • Curtin Research Publications
    • View Item
    • espace Home
    • espace
    • Curtin Research Publications
    • View Item

    A study of web application firewall solutions

    Access Status
    Fulltext not available
    Authors
    Prandl, S.
    Lazarescu, Mihai
    Pham, DucSon
    Date
    2015
    Type
    Conference Paper
    
    Metadata
    Show full item record
    Citation
    Prandl, S. and Lazarescu, M. and Pham, D. 2015. A study of web application firewall solutions, in Proceedings of the 11th International Conference of Information Security Systems (ICISS), Dec 16-20 2015, pp. 501-510. Kolkata, India: ISS.
    Source Title
    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    DOI
    10.1007/978-3-319-26961-0_29
    ISBN
    9783319269603
    School
    Department of Computing
    URI
    http://hdl.handle.net/20.500.11937/29622
    Collection
    • Curtin Research Publications
    Abstract

    Web application firewalls (WAFs) are the primary front-end protection mechanism for Internet-based infrastructure which is constantly under attack. This paper therefore aims to provide more insights into the performance of the most popular open-source WAFs, including ModSecurity, WebKnight, and Guardian, which we hope will complement existing knowledge. The key contribution of this work is an in-depth approach for conducting such a study. Specifically, we combine three testing frameworks: the Imperva’s proprietary benchmark, a generic benchmark using both FuzzDB and Burp test-beds, and testing for common vulnerabilities and exposures (CVE) known exploits. Our experiments show that open source WAFs are not yet totally reliable for protecting web applications despite many advances in the field. ModSecurity appears to be the most balanced open-source solution.

    Advanced search

    Browse

    Communities & CollectionsIssue DateAuthorTitleSubjectDocument TypeThis CollectionIssue DateAuthorTitleSubjectDocument Type

    My Account

    Admin

    Statistics

    Most Popular ItemsStatistics by CountryMost Popular Authors

    Follow Curtin

    • 
    • 
    • 
    • 
    • 

    CRICOS Provider Code: 00301JABN: 99 143 842 569TEQSA: PRV12158

    Copyright | Disclaimer | Privacy statement | Accessibility

    Curtin would like to pay respect to the Aboriginal and Torres Strait Islander members of our community by acknowledging the traditional owners of the land on which the Perth campus is located, the Whadjuk people of the Nyungar Nation; and on our Kalgoorlie campus, the Wongutha people of the North-Eastern Goldfields.