Experimental study of ModSecurity web application firewalls
Loading...
Date
Author(s)
Citation for Previous Publication
Link to Related Item
Abstract
Description
Risks related to web security are too important to be ignored. The Open Web Application Security Project (OWASP) document maintains a rating of the top 10 common threats. Although not an official standard, is widely acknowledged in the classification of vulnerabilities. This paper evaluates the effectiveness of ModSecurity web application firewall with OWASP Core Rule Set (CRS) version 3.2 released in September 2019 to detect known web security risks. This paper proposes to provide insight on detection capability of ModSecurity with CRS v.3.2 at default level, how well it can protect web server against Denial of Service (DoS) attacks, and performance on web server in terms of Throughput (the average amount of bytes transmitted every second), Transaction rates (the amount of hits), Concurrency (the average number of parallel connections and increases as server efficiency declines). In addition, provides recommendation on areas of improvement and future research areas.
Item Type
http://purl.org/coar/resource_type/c_1843
Alternative
Other License Text / Link
Subject/Keywords
Language
en