Dwen-Ren Tsai, Allen Y. Chang, Peichi Liu, Hsuan-Chang Chen
Title: Optimum tuning of defense settings for common attacks on the web applications
Venue: 43rd Annual 2009 International Carnahan Conference on Security Technology
DOI: 10.1109/CCST.2009.5335560 (https://doi.org/10.1109/CCST.2009.5335560)
Publication date: 2009-11-13
Citation count: 19
Abstract
Statistics from various sources indicate that roughly 75% of cyber attacks occur against web applications, and the trend is growing. Unsafe coding in a web application, or a vulnerability in the application itself that has yet to be patched, results in a high security risk. In addition to white-box testing that examines the source code and black-box testing such as vulnerability scanning or penetration testing, one may choose to set up defense facilities in front of the server, such as an application-layer intrusion prevention system or an application firewall (software or hardware), to strengthen the defense mechanism or to gain more time to patch the vulnerability. This paper presents an optimum tuning method for the application firewalls widely used by modern enterprises. We examine several attack methods in common use today, such as the signatures of cross-site scripting and SQL injection, and introduce a new method for setting the device's parameters to strengthen the defense. To enhance the security of the back-end application servers, we use keyword filtering and re-treatment to rule out the blacklist, and we adjust the system settings so that it can effectively block the assaults or reduce the possibility of a successful attack. In addition, we simulate attacks on web browsing and applications with vulnerability scanning tools to test the security of the application system and to confirm that the optimally tuned parameters provide the necessary defense. This concept produced good results in our implementation of verification tests. It is worth promoting as a reference.