Design of Realtime Web Application Firewall on Deep Learning-Based to Improve Web Application Security

DOI:

10.29303/jppipa.v10i12.8346

Published:

2025-01-02

Issue:

Vol. 10 No. 12 (2024): December

Keywords:

Cybersecurity, Deep learning, Web application firewall (WAF), Web attack detection, Web vulnerabilities

Research Articles

How to Cite

Muttaqin, R. Z., & Sudiana, D. (2025). Design of Realtime Web Application Firewall on Deep Learning-Based to Improve Web Application Security. Jurnal Penelitian Pendidikan IPA, 10(12), 11121–11129. https://doi.org/10.29303/jppipa.v10i12.8346

Abstract

Web applications are widely used, but they contain several vulnerabilities that attackers often exploit. A web application firewall (WAF) can mitigate these problems. A WAF generally works from pre-established rules. The weakness of this approach is that attacks keep evolving, and configuring WAF rules requires in-depth knowledge of the applications being protected. Artificial intelligence technology, both machine learning (ML) and deep learning (DL), shows good potential in recognizing types of attacks. In this research, a real-time DL-based WAF was built to enhance the security of web applications. Various ML and DL models were tested on the task of web attack detection, including Support Vector Machine (SVM), Random Forest (RF), Convolutional Neural Network (CNN), and Long Short-Term Memory (LSTM). In these tests, the CNN-LSTM model achieved the highest performance: an accuracy of 98.61%, precision of 99%, recall of 98.08%, and F1-score of 98.54%. In testing with a web vulnerability scanner, the performance of the DL-based WAF was not inferior to that of the ModSecurity WAF, which was used as a comparison. From the analysis, it can be concluded that implementing a DL-based WAF can improve the security of web applications.

Author Biographies

Rofif Zainul Muttaqin, University of Indonesia

Dodi Sudiana, University of Indonesia

License

Copyright (c) 2024 Rofif Zainul Muttaqin, Dodi Sudiana

This work is licensed under a Creative Commons Attribution 4.0 International License.
