Litcius/Paper detail

WAF-A-MoLE

Luca Demetrio, Andrea Valenza, Gabriele Costa, Giovanni Lagorio

202045 citationsDOIOpen Access PDF

Abstract

Web Application Firewalls are widely used in production environments to mitigate security threats like SQL injections. Many industrial products rely on signature-based techniques, but machine learning approaches are becoming more and more popular. The main goal of an adversary is to craft semantically malicious payloads to bypass the syntactic analysis performed by a WAF.

Topics & Concepts

Computer scienceAdversaryComputer securitySignature (topology)CraftSQL injectionApplication firewallWorld Wide WebStateful firewallNetwork packetArchaeologyMathematicsQuery by ExampleWeb search queryHistorySearch engineGeometryWeb Application Security VulnerabilitiesNetwork Security and Intrusion DetectionSpam and Phishing Detection