Systematic Approach for Web Protection Runtime Tools’ Effectiveness Analysis
نویسندگان
چکیده
Web applications represent one of the principal vehicles by which attackers gain access to an organization’s network or resources. Thus, different approaches protect web have been proposed date. Of them, two major areWeb Application Firewalls (WAF) and Runtime Self Protection (RASP). It is, thus, essential understand differences relative effectiveness both these for effective decisionmaking regarding security applications. Here we present a comparative study between WAF RASP simulated settings, with aim compare their efficiency against categories attacks. For this, used computation metrics sorted results using F-Score index. We found that tools scored better than tools. In this study, also developed new experimental methodology objective evaluation protection since, best our knowledge, no method specifically evaluates
منابع مشابه
TIED, LibsafePlus: Tools for Runtime Buffer Overflow Protection
Buffer overflow exploits make use of the treatment of strings in C as character arrays rather than first-class objects. The manipulation of arrays as pointers and primitive pointer arithmetic makes it possible for a program to access memory locations which it is not supposed to access. There have been many efforts in the past to overcome this vulnerability by performing array bounds checking in...
متن کاملTIED, LibsafePlus: Tools for Runtime Buffer Overflow Protection
Buffer overflow exploits make use of the treatment of strings in C as character arrays rather than as first-class objects. Manipulation of arrays as pointers and primitive pointer arithmetic make it possible for a program to access memory locations which it is not supposed to access. There have been many efforts in the past to overcome this vulnerability by performing array bounds checking in C...
متن کاملRuntime Verification for Hybrid Analysis Tools
We present the first steps towards a runtime verification framework for monitoring hybrid and cyber-physical systems (CPS) development tools—such as hybrid systems reachability analysis tools, modelbased development environments like Simulink/Stateflow (SLSF), etc.— based on randomized differential testing. First, hybrid automaton models are randomly generated. Next, these hybrid automaton mode...
متن کاملSecuriFly: Runtime Protection and Recovery from Web Application Security Vulnerabilities
This reports presents a runtime solution to a range of Web application security vulnerabilities. The solution we proposes called SecuriFly consists of instrumenting the application to precisely track the flow of data. When a potential vulnerability is observed, the application is either terminated to prevent the vulnerability from being exploited or special recovery code is executed and the app...
متن کاملOn Social Network Web Sites: Definition, Features, Architectures and Analysis Tools
Development and usage of online social networking web sites are growing rapidly. Millions members of these web sites publicly articulate mutual "friendship" relations and share user-created contents, such as photos, videos, files, and blogs. The advances in web designing technology and fast growing usage of online resources prompted web designers to improve features and architectures of social ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Cmes-computer Modeling in Engineering & Sciences
سال: 2022
ISSN: ['1526-1492', '1526-1506']
DOI: https://doi.org/10.32604/cmes.2022.020976