Comparative approach to web application firewalls
سال انتشار: 1394
نوع سند: مقاله کنفرانسی
زبان: انگلیسی
مشاهده: 485
فایل این مقاله در 5 صفحه با فرمت PDF قابل دریافت می باشد
- صدور گواهی نمایه سازی
- من نویسنده این مقاله هستم
استخراج به نرم افزارهای پژوهشی:
شناسه ملی سند علمی:
KBEI02_128
تاریخ نمایه سازی: 5 بهمن 1395
چکیده مقاله:
considering the increasing deployment of the Internet and information systems together with providing various services through web applications, the related risks and threats in this field are also skyrocketing. In recent years several different websites such as online shops, portals, and governmental sites were subject to penetrations attacks and illegal hacking activities. The mentioned intrusions have often resulted in significant financial and credibility losses together with endangering organizational and even national interests. Given the magnitude and complexity of cyber-attacks and due to the diversity of the web application’s structure, the need to have a comprehensive and effective solution to prevent or mitigate the negative effects of such attacks is imperative. Taking into account the nature of the Internet and the necessity of websites availability 24 hours a day from all parts of the globe, it is ideal and can be taken as an advantage, but it should be also noted that this feature, considering the absence of appropriate security, can lead to some main ways for targeting and attacking web applications. One of the newest tools to prevent infiltration and attacks on websites, are web application-specific firewalls or the Web Application Firewalls (WAF) by which security policies can be applied among end users and web applications. In this paper this feature has been implemented in software for protection and provides the advantage of preserving the security in web applications against attacks and methods which affect the system together through a comparative approach
کلیدواژه ها:
comparative approach ، web application firewall (waf) ، penetration testing ، security assessment ، vulnerability assessment
نویسندگان
z Ghanbari
Department of Electrical Engineering and Information Technology Azad University of Tehran-Electronic Branch Tehran, Iran
y Rahmani
Department of Electrical Engineering and Information Technology Azad University of Tehran-Electronic Branch Tehran, Iran
h Ghaffarian
Department of Electrical Engineering and Information Technology Azad University of Tehran-Electronic Branch Tehran, Iran
M. Hossein Ahmadzadegan
Department of Electrical Engineering and Information Technology Azad University of Tehran-Electronic Branch Tehran, Iran