Web application firewalls are an indispensable layer to protect online systems from attacks. However, the fast pace at which new kinds of attacks appear and their sophistication require that firewalls be updated and tested regularly, as otherwise they will be circumvented. In this paper, we focus our research on web application firewalls and SQL injection attacks. We present a machine learning-based testing approach to detect holes in firewalls that let SQL injection attacks through. At the beginning, the approach can automatically generate diverse attack payloads, which can be seeded into inputs of web-based applications, and then submit them to a system that is protected by a firewall. Incrementally learning from the tests that are blocked ...
Over the years, technological advances have driven massive proliferation of web systems and business...
Summary. We depend on database-driven web applications for an ever increasing amount of activities, ...
Web services are increasingly adopted in various domains, from finance and e-government to social me...
Web application firewalls are an indispensable layer to protect online systems from attacks. However...
Web application firewalls (WAF) are an indispensable mechanism to protect online systems from attack...
International audience. Injections flaws which include SQL injection are the most prevalent security t...
Peer reviewed. Web application firewalls (WAF) are an essential protection mechanism for online softwa...
Today most of us depend on Internet for our day to day activities such as financial transactions, ed...
Web services are increasingly adopted in various domains, from finance and e-government to social me...
International audience—Injections flaws which include SQL injection are the most prevalent security ...
Web services are increasingly adopted in various domains, from finance and e-government to social me...
Testing and fixing WAFs are two relevant and complementary challenges for security analysts. Automat...
Peer reviewed. This paper examines the effects and potential benefits of utilising Web Application Fir...
Abstract—The Internet and web applications are playing very important role in our today's modern day...
With the rise of the Internet, web applications, such as online banking and web-based email the web ...