IMPLEMENTATION OF WEB APPLICATION FIREWALL (WAF) FOR MAXIMUM PROTECTION OVER NETWORK

Abstract

Security is one of the key elements of any financial model. An OSI model perspective we have seen an upward progression inside the layer of insecurity. We started from physical layer attacks and gradually moved to Layer 2 and so on and so forth. At the moment we are at a point where most of the security issues lie at the application layer. Most of the application layer attacks we witness are fell inside the category of “Input Validation Attacks” i.e. not properly validating the users input before its parsed. To minimize the attack surface at application layer, vendors have come up with application layer firewalls also known as WAF (Web Application Firewall). A web application firewall uses two basic approaches for detecting malicious input, a positive model (Allow Known Good) or otherwise known as a White list or a negative model (Reject Known Bad), due to the simplicity of design, almost all of the “WAF” vendors rely upon “Blacklisting” Approach to filter the input. However, there is a fundamental problem inside the blacklist approach is that different browsers parse different inputs in a different way, which makes it easier for us to bypass blacklist based Web application firewalls The objective of this project is the Implementation of Web Application Firewall over Network for Maximum Protection it will be fulfilling the needs over the security area. This document has the detailed description of project; this project actually works for the server side protection. VIII Our solution is a light weight, and contains a user friendly interface which allows even non-technical people to configure and modify the rules. The implementation would be based upon a strong blacklist with minimal number of false positives. The second objective of this project is to create a tool which allows vendors to test the effectiveness of their Web Application Firewall as well as for webmasters to analyze the current solutions they have implemented