Control of Web Traffic Using Web Application Firewall : Techniques and Challenges

Authors

  • T. Lalitha Kumari, Research Scholar, Department of Computer Science, Chaitanya Deemed to be University, Warangal, Telangana, India
  • Prof. A. Ramesh Babu, Professor, Department of Computer Science, Chaitanya Deemed to be University, Warangal, Telangana, India

DOI:

https://doi.org/10.32628/IJSRST523102130

Keywords:

Web Application Firewalls, cross-site scripting, whitelisting, blacklisting, rate limiting, and protection

Abstract

The increasing complexity and sophistication of web-based applications have made them vulnerable to various security threats. Web Application Firewalls (WAFs) have emerged as an essential security measure to protect web applications from common attacks such as SQL injection, cross-site scripting (XSS), and others. This research paper explores the techniques and challenges involved in controlling web traffic using a Web Application Firewall. It discusses the working principles of WAFs and the methods they employ to analyze and filter web traffic, including signature-based filtering, behavior-based analysis, whitelisting, blacklisting, rate limiting, and protection against common vulnerabilities. The paper evaluates the effectiveness of these techniques in mitigating different types of attacks and highlights the challenges involved in deploying and managing WAFs, such as configuration complexity, false positives and negatives, performance impact, and integration with existing security infrastructure. Furthermore, the paper discusses emerging trends and potential future directions in the field, including the integration of machine learning and artificial intelligence, advanced behavioral analysis techniques, and cloud-based architectures.


Published

2023-06-30

Section

Research Articles

How to Cite

[1]
T. Lalitha Kumari, Prof. A. Ramesh Babu, "Control of Web Traffic Using Web Application Firewall : Techniques and Challenges," International Journal of Scientific Research in Science and Technology (IJSRST), Online ISSN: 2395-602X, Print ISSN: 2395-6011, Volume 10, Issue 3, pp. 728-735, May-June 2023. Available at doi: https://doi.org/10.32628/IJSRST523102130