Litcius/Paper detail

Web application firewall based on machine learning models

Muhammed Ersin Durmuşkaya, Selim Bayraklı

2025PeerJ Computer Science5 citationsDOIOpen Access PDF

Abstract

The increasing reliance on web applications for storing sensitive data and financial transactions has elevated the importance of web application security. A machine learning-based web application firewall was designed to protect web applications against injection vulnerabilities. A hybrid dataset, including CISC 2010, HTTPParams 2015, and real-time Hypertext Transfer Protocol (HTTP) requests, was employed. The study evaluated five classification algorithms-K-nearest neighbors, logistic regression, naïve Bayes, support vector machine, and decision tree-for detecting cross site scripting (XSS), Structured Query Language (SQL) Injection, Operating System Command Injection, and Local File Inclusion attacks. Decision tree was identified as the algorithm with the highest precision, accuracy, recall, F1-score, receiver operating characteristic (ROC), and area under the curve (AUC) values. According to the confusion matrix analysis, the real-time tested web application firewalls (WAF) achieved a remarkably high F1 score of 93.13% and accuracy of 93.27%. The findings indicate that machine learning-based WAFs effectively protect web applications against injection threats. Future work includes expanding the WAF to cover other attack types and testing it on different datasets.

Topics & Concepts

Firewall (physics)Computer scienceApplication firewallWorld Wide WebStateful firewallComputer securityBusinessAccretion (finance)FinanceNetwork packetSchwarzschild radiusCharged black holeNetwork Security and Intrusion DetectionNetwork Packet Processing and OptimizationAdvanced Malware Detection Techniques