Mojtaba Hemmati; Mohammad Ali Hadavi
Abstract
Web application firewalls (WAFs) are used for protecting web applications from attacks such as SQL injection, cross-site request forgery, and cross-site scripting. As a result of the growing complexity of web attacks, WAFs need to be tested and updated on a regular basis. There are various tools and ...
Read More
Web application firewalls (WAFs) are used for protecting web applications from attacks such as SQL injection, cross-site request forgery, and cross-site scripting. As a result of the growing complexity of web attacks, WAFs need to be tested and updated on a regular basis. There are various tools and techniques to verify the correct performance of WAFs but most of them are manual or use brute-force attacks, so suffer from poor efficacy. In this work, we propose a solution based on Reinforcement Learning (RL) to discover malicious payloads, which can bypass WAFs. We provide an RL framework with an environment compatible with OpenAI gym toolset standards. This environment is employed for training agents to implement WAF circumvention tasks. The agent mutates a malicious payload syntax using a set of modification operators as actions, without changes to its semantic. Then, upon WAF's reaction to the payload, the environment ascertains a reward for the agent. Eventually, based on the rewards, the agent learns a suitable sequence of mutations for any malicious payload. The payloads, which bypass the WAF can determine rules defects, which can be further used in rule tuning for rule-based WAFs. Also, it can enrich the machine learning-based datasets for retraining. We use Q-learning, advantage actor-critic (A2C), and proximal policy optimization (PPO) algorithms with the deep neural network. Our solution is successful in evading signature-based and machine learning-based WAFs. While we focus on SQL injection in this work, the method can be simply extended to use for any string-based injection attacks.
Mona Alsalamah; Huda Alwabli; Hutaf Alqwifli; Dina M. Ibrahim
Abstract
The functionality of web-based system can be affected by many threats. In fact, web-based systems provide several services built on databases. This makes them prone to Structured Query Language (SQL) injection attacks. For that reason, many research efforts have been made to deal with such attack. The ...
Read More
The functionality of web-based system can be affected by many threats. In fact, web-based systems provide several services built on databases. This makes them prone to Structured Query Language (SQL) injection attacks. For that reason, many research efforts have been made to deal with such attack. The majority of the protection techniques adopt defence strategy which resulting to provide, in extreme response time, a lot of positive rates. Indeed, attacks by injecting SQL is always a serious challenge for web-based system. This kind of attack is still attractive for hackers and it is in growing progress. Forthat reason, many researches have been proposed to deal with this issue. The proposed techniques are essentially based on statistical or dynamic approach or using machine learning or even deep learning. This paper discusses and reviews the existing techniques used to detect and prevent SQL injection attack. In addition, it outlines challenges, open issues and future trends of solutions in this context.
Mohammad Ali A. Hammoudeh; Renad Ibrahim; Lama Alshraryan; Manar Alnomise; Ragad Alhumidan
Abstract
Recently, the interest in cybercrime and cybersecurity has increased dramatically both in terms of critical security issues and national economic information infrastructure and sensitive dealing policies, such as protection and data privacy. Moreover, the growing threat of cybersecurity has prompted ...
Read More
Recently, the interest in cybercrime and cybersecurity has increased dramatically both in terms of critical security issues and national economic information infrastructure and sensitive dealing policies, such as protection and data privacy. Moreover, the growing threat of cybersecurity has prompted the kingdom to pay more attention to its national cybersecurity strategy as the state embarks on a Vision 2030 plan, which aims to diversify the economy and create new jobs. Therefore, Any Computer system is always having security threats which are considered as a big problem and this including application Codes as increasing demand. The paper aims to give a detailed information about secure coding with Python and present security guidelines and considerations in different disciplines. It focuses on giving an overview of the authentication methods used in application (Code) and show program security mistakes to introduce vulnerabilities (Ex. SQL Injection). We reviewthe new user authentication techniques, making it easier for the manager to choose the appropriate techniques for his organization by understanding the way it works, advantages, and disadvantages. The administrator can integratethese mechanisms in a manner that is appropriate for his security plan. This will be useful for programmers and users to keep their codes and applications more secure and viable for usage in sensitive environments.