Paper Contents
Abstract
Businesses are increasingly adopting web-based applications, which is leading to a rise in cyberattacks this leads to weaknesses in these applications. As threat actors continue to develop more creative attacks, it is harder for cyber defence technologies to keep pace. Attackers are always ready with creative attacks with the help of encoding schemes, obfuscated payloads, new 0-day exploits, etc. To prevent such web-based attacks the major defence mechanism implemented is the Web Application Firewall(WAF) but still, it gets bypassed with various tactics of payload and exploit development. To reduce the gap between attack strategies and defensive mechanisms there is a need of model based solution which will be in sync with the creative art of bypassing mechanisms adopted by threat actors. Along with the need for such a learning model, there is also a need for data pre-processing, analysis, and prevention of malicious inputs as near as possible to the client side. This model will be an extension to the existing Web Application firewall. The model must be based on advantage of cloud-based technologies, Edge computing, Artificial Intelligence, Machine learning, and Edge intelligence. The adoption of Edge computing and Edge Intelligence will help to avoid conflict between legit request and malicious request and will reduce the unnecessary data passing through and will work on the requests only which seems malicious. The request which seems malicious but not having rules and fingerprints to get detected by the firewall will be sent to the learning model situated in the cloud to realize the intent of the request and if deemed malicious will create a new rule to drop the request otherwise the request will be flagged as safe and allowed to pass through. The newly created rule will help to drop such malicious requests if received in the future.
Copyright
Copyright © 2023 Avinash Sawade. This is an open access article distributed under the Creative Commons Attribution License.
