Design of Realtime Web Application Firewall on Deep Learning-Based to Improve Web Application Security
DOI:
10.29303/jppipa.v10i12.8346Published:
2025-01-02Downloads
Abstract
Web applications are widely used nowadays, but comprises several vulnerabilities that are often used by attacker to exploit the system. There is web application firewall (WAF) that could mitigate these problem. WAF generally works based on pre-established rules. However, the weakness of this system is the evolving nature of attacks, and configuring rules on WAF requires in-depth knowledge related to existing applications. Artificial intelligence technology, both machine learning (ML) and deep learning (DL), shows good potential in recognizing types of attacks. In this research, a Real-time DL-based WAF was built to enhance security in web applications. Various ML and DL models were tested to perform the task of web attack detection, including Support Vector Machine (SVM), Random Forest (RF), Convolutional Neural Network (CNN), and Long Short-Term Memory (LSTM). Based on the test results, the CNN-LSTM model achieved the highest performance, namely an accuracy of 98.61%, precision of 99%, recall of 98.08%, and f1-score of 98.54%. From the testing results with a web vulnerability scanner, the performance of the DL-based WAF is not inferior to ModSecurity WAF, which is used as a comparison. From the analysis results, it can be concluded that the implementation of DL-based WAF can improve the security of web applications.
Keywords:
Cybersecurity Deep learning Web application firewall (WAF) Web attack detection Web vulnerabilitiesReferences
Alaoui, R. L., & Nfaoui, E. H. (2022). Deep Learning for Vulnerability and Attack Detection on Web Applications: A Systematic Literature Review. Future Internet, 14(4), 118. https://doi.org/10.3390/fi14040118
Alazmi, S., & De Leon, D. C. (2022). A Systematic Literature Review on the Characteristics and Effectiveness of Web Application Vulnerability Scanners. IEEE Access, 10, 33200–33219. https://doi.org/10.1109/ACCESS.2022.3161522
Althubiti, S., Nick, W., Mason, J., Yuan, X., & Esterline, A. (2018). Applying Long Short-Term Memory Recurrent Neural Network for Intrusion Detection. Conference Proceedings - IEEE SOUTHEASTCON. https://doi.org/10.1109/SECON.2018.8478898
Altulaihan, E. A., Alismail, A., & Frikha, M. (2023). A Survey on Web Application Penetration Testing. In Electronics (Switzerland) (Vol. 12, Issue 5). https://doi.org/10.3390/electronics12051229
Applebaum, S., Gaber, T., & Ahmed, A. (2021). Signature-based and Machine-Learning-based Web Application Firewalls: A Short Survey. Procedia CIRP, 189. https://doi.org/10.1016/j.procs.2021.05.105
Aswal, K., Rajmohan, A., Mukund, S., Panicker, V. J., & Dhivvya, J. P. (2021). Kavach: A Machine Learning based approach for enhancing the attack detection capability of firewalls. 2021 12th International Conference on Computing Communication and Networking Technologies (ICCCNT), 1–5. https://doi.org/10.1109/ICCCNT51525.2021.9579836
Aydos, M., Aldan, Ç., Coşkun, E., & Soydan, A. (2022). Security testing of web applications: A systematic mapping of the literature. In Journal of King Saud University - Computer and Information Sciences (Vol. 34, Issue 9). https://doi.org/10.1016/j.jksuci.2021.09.018
Clincy, V., & Shahriar, H. (2018). Web Application Firewall: Network Security Models and Configuration. 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC), 01, 835–836. https://doi.org/10.1109/COMPSAC.2018.00144
Dawadi, B. R., Adhikari, B., & Srivastava, D. K. (2023). Deep Learning Technique-Enabled Web Application Firewall for the Detection of Web Attacks. Sensors, 23(4), 2073. https://doi.org/10.3390/S23042073
Demirel, D. Y., & Sandikkaya, M. T. (2023). Web Based Anomaly Detection Using Zero-Shot Learning With CNN. IEEE Access, 11, 91511–91525. https://doi.org/10.1109/ACCESS.2023.3303845
Díaz-Verdejo, J. E., Estepa Alonso, R., Estepa Alonso, A., & Madinabeitia, G. (2023). A critical review of the techniques used for anomaly detection of HTTP-based attacks: taxonomy, limitations and open challenges. Computers & Security, 124, 102997. https://doi.org/10.1016/j.cose.2022.102997
Eunaicy, C., & Suguna, S. (2022). Web attack detection using deep learning models. Materials Today: Proceedings, 62. https://doi.org/10.1016/j.matpr.2022.03.348
Hashmi, E., Yayilgan, S. Y., Yamin, M. M., Ali, S., & Abomhara, M. (2024). Advancing Fake News Detection: Hybrid Deep Learning With FastText and Explainable AI. IEEE Access, 12(March), 44462–44480. https://doi.org/10.1109/ACCESS.2024.3381038
Ioannou, C., & Vassiliou, V. (2019). Classifying Security Attacks in IoT Networks Using Supervised Learning. 2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS), 652–658. https://doi.org/10.1109/DCOSS.2019.00118
Ioannou, C., & Vassiliou, V. (2020). Experimentation with Local Intrusion Detection in IoT Networks Using Supervised Learning. 2020 16th International Conference on Distributed Computing in Sensor Systems (DCOSS), 423–428. https://doi.org/10.1109/DCOSS49796.2020.00073
Jemal, I., Haddar, M. A., Cheikhrouhou, O., & Mahfoudhi, A. (2021). Performance evaluation of Convolutional Neural Network for web security. Computer Communications, 175, 58–67. https://doi.org/10.1016/j.comcom.2021.04.029
Khamdamov, R. K., Kerimov, K. F., & Ibrahimov, J. O. (2019). Method of developing a web-application firewall. Journal of Automation and Information Sciences, 51(6). https://doi.org/10.1615/JAutomatInfScien.v51.i6.60
Kim, A., Park, M., & Lee, D. H. (2020). AI-IDS: Application of Deep Learning to Real-Time Web Intrusion Detection. IEEE Access, 8, 70245–70261. https://doi.org/10.1109/ACCESS.2020.2986882
Kresna, A. I., & Rosmansyah, Y. (2018). Web Server Farm Design Using Personal Computer (PC) Desktop. International Conferences on Information Technologies and Electrical Engineering, 106–111. https://doi.org/10.1109/ICITEED.2018.8534920
Krishnan, S., Neyaz, A., & Liu, Q. (2021). IoT Network Attack Detection using Supervised Machine Learning. International Journal of Artificial Intelligence and Expert Systems (IJAE), 10, 18–32. Retrieved from https://www.cscjournals.org/manuscript/Journals/IJAE/Volume10/Issue2/IJAE-201.pdf
Li, Z., Zou, D., Xu, S., Jin, H., Zhu, Y., & Chen, Z. (2022). SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities. IEEE Transactions on Dependable and Secure Computing, 19(4), 2244–2258. https://doi.org/10.1109/TDSC.2021.3051525
Luxemburk, J., Hynek, K., & Cejka, T. (2021). Detection of HTTPS Brute-Force Attacks with Packet-Level Feature Set. 2021 IEEE 11th Annual Computing and Communication Workshop and Conference, CCWC 2021, 114–122. https://doi.org/10.1109/CCWC51732.2021.9375998
Mac, H., Truong, D., Nguyen, L., Nguyen, H., Tran, H. A., & Tran, D. (2018). Detecting Attacks on Web Applications using Autoencoder. Symposium on Information and Communication Technology, 416–421. https://doi.org/10.1145/3287921.3287946
Muzaki, R. A., Briliyant, O. C., Hasditama, M. A., & Ritchi, H. (2020). Improving Security of Web-Based Application Using ModSecurity and Reverse Proxy in Web Application Firewall. 2020 International Workshop on Big Data and Information Security, IWBIS 2020, 85–90. https://doi.org/10.1109/IWBIS50925.2020.9255601
Paleyes, A., Urma, R. G., & Lawrence, N. D. (2022). Challenges in Deploying Machine Learning: A Survey of Case Studies. ACM Computing Surveys, 55(6). https://doi.org/10.1145/3533378
Priyanka, A. K., & Smruthi, S. S. (2020). WebApplication Vulnerabilities:Exploitation and Prevention. Proceedings of the 2nd International Conference on Inventive Research in Computing Applications, ICIRCA 2020. https://doi.org/10.1109/ICIRCA48905.2020.9182928
Ramezany, S., Setthawong, R., & Tanprasert, T. (2022). A Machine Learning-based Malicious Payload Detection and Classification Framework for New Web Attacks. 19th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology, ECTI-CON 2022. https://doi.org/10.1109/ECTI-CON54298.2022.9795455
Rani, D., & Kaushal, N. C. (2020). Supervised Machine Learning Based Network Intrusion Detection System for Internet of Things. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT), 1–7. https://doi.org/10.1109/ICCCNT49239.2020.9225340
Rolnick, D., Donti, P. L., Kaack, L. H., Kochanski, K., Lacoste, A., Sankaran, K., Ross, A. S., Milojevic-Dupont, N., Jaques, N., Waldman-Brown, A., Luccioni, A. S., Maharaj, T., Sherwin, E. D., Mukkavilli, S. K., Kording, K. P., Gomes, C. P., Ng, A. Y., Hassabis, D., Platt, J. C., … Bengio, Y. (2023). Tackling Climate Change with Machine Learning. In ACM Computing Surveys (Vol. 55, Issue 2). https://doi.org/10.1145/3485128
Roscher, R., Bohn, B., Duarte, M. F., & Garcke, J. (2020). Explainable Machine Learning for Scientific Insights and Discoveries. IEEE Access, 8. https://doi.org/10.1109/ACCESS.2020.2976199
Salam, A., Ullah, F., Amin, F., & Abrar, M. (2023). Deep Learning Techniques for Web-Based Attack Detection in Industry 5.0: A Novel Approach. Technologies, 11(4), 107. https://doi.org/10.3390/technologies11040107
Seyyar, Y. E., Yavuz, A. G., & Ünver, H. M. (2022). An Attack Detection Framework Based on BERT and Deep Learning. IEEE Access, 10, 68633–68644. https://doi.org/10.1109/ACCESS.2022.3185748
Topuz, K., Bajaj, A., & Abdulrashid, I. (2023). Interpretable Machine Learning. Proceedings of the Annual Hawaii International Conference on System Sciences, 2023-Janua. https://doi.org/10.1201/9780367816377-16
Ullah, F., Javaid, Q., Salam, A., Ahmad, M., Sarwar, N., Shah, D., & Abrar, M. (2020). Modified Decision Tree Technique for Ransomware Detection at Runtime through API Calls. Scientific Programming, 2020(1), 8845833. https://doi.org/10.1155/2020/8845833
Ullah, F., Salam, A., Abrar, M., Ahmad, M., Ullah, F., Khan, A., Alharbi, A., & Alosaimi, W. (2022). Machine health surveillance system by using deep learning sparse autoencoder. Soft Computing, 26(16), 7737–7750. https://doi.org/10.1007/S00500-022-06755-Z/METRICS
Vaswani, A., Shazeer, N., Parmar, N., Uszkoreit, J., Jones, L., Gomez, A. N., Kaiser, Ł., & Polosukhin, I. (2017). Attention Is All You Need. Advances in Neural Information Processing Systems, 5999–6009. Retrieved from https://papers.nips.cc/paper_files/paper/2017/hash/3f5ee243547dee91fbd053c1c4a845aa-Abstract.html
Verbraeken, J., Wolting, M., Katzy, J., Kloppenburg, J., Verbelen, T., & Rellermeyer, J. S. (2020). A Survey on Distributed Machine Learning. In ACM Computing Surveys (Vol. 53, Issue 2). https://doi.org/10.1145/3377454
Yin, X., Zhu, Y., & Hu, J. (2021). A Comprehensive Survey of Privacy-preserving Federated Learning. ACM Computing Surveys (CSUR), 54(6). https://doi.org/10.1145/3460427
License
Copyright (c) 2024 Rofif Zainul Muttaqin, Dodi Sudiana
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with Jurnal Penelitian Pendidikan IPA, agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution 4.0 International License (CC-BY License). This license allows authors to use all articles, data sets, graphics, and appendices in data mining applications, search engines, web sites, blogs, and other platforms by providing an appropriate reference. The journal allows the author(s) to hold the copyright without restrictions and will retain publishing rights without restrictions.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in Jurnal Penelitian Pendidikan IPA.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
