• DocumentCode
    2108995
  • Title

    Formal reasoning of web application Firewall rules through ontological modeling

  • Author

    Ahmad, Ayaz ; Anwar, Zeeshan ; Hur, A. ; Ahmad, H.F.

  • Author_Institution
    Sch. of Electr. Eng. & Comput. Sci., Nat. Univ. of Sci. & Technol., Islamabad, Pakistan
  • fYear
    2012
  • fDate
    13-15 Dec. 2012
  • Firstpage
    230
  • Lastpage
    237
  • Abstract
    Web Application Firewalls (WAFs) are security tools that protect web applications from external attacks. They do so by applying a set of security policy rules on HTTP traffic generated and received by web applications. These policy rules are in fact the heart of WAFs, which are unable to provide strong protection on their own without well-written policy rules. Unfortunately, due to the complexity of web applications and the increased sophistication of application-level attacks, rule configuration and management for WAFs is an error-prone and tedious task. This paper is an effort to explore the effectiveness of an ontology-based framework for modeling, configuring, querying and reasoning over WAF firewall configurations. We have tested our framework on a leading open source web application firewall known as ModSecurity. Our preliminary results show that our framework significantly improves configuration errors in the WAF ruleset that arise because of duplication and policy conflicts.
  • Keywords
    Internet; firewalls; inference mechanisms; ontologies (artificial intelligence); HTTP traffic; ModSecurity framework; WAF; Web application firewall rule; firewall configuration modeling; firewall configuration query; firewall configuration reasoning; formal reasoning; ontological modeling; rule configuration; rule management; security policy rule; security tool; ModSecurity; OWL-DL; Ontology; Security; WAF; Web Application;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Multitopic Conference (INMIC), 2012 15th International
  • Conference_Location
    Islamabad
  • Print_ISBN
    978-1-4673-2249-2
  • Type

    conf

  • DOI
    10.1109/INMIC.2012.6511505
  • Filename
    6511505