An Efficient Firewall For Web Applications (EFWA)

Abstract

Today, with the development of technology, communication tools like computers, phones, tablets and etc. use the http as default protocol. The fact that large data stream transactions are over the http protocol has caused this protocol to become a target for attackers. It is important to analyse HTTP traffic for attack prevention systems and to detect attack attempts. Signature based, anomaly based and mixed methods are used for the intrusion detection system. The most common attack methods applied by attackers using http traffic are SQL injection, cross-site scripting (XSS), cross-site request forgery (CRLF injection), malicious file execution, unsafe direct object reference (OSS) etc. For these attacks, we will talk about anomalous attack prevention. The study used the CSIC 2010 HTTP dataset, which contains popular types of attacks and is openly accessible. Decision Tree (C4.5), K Nearest Neighborhood (KNN) algorithms were used for the emerging classes. As a result, a significant result of 96.26% has been achieved.