Concurrent Implementation of WAF and Hardening Broken Authentication To Secure Web Application

  • Dimas Charis Suryo Nugroho, Universitas Bina Nusantara, Jakarta, Indonesia
  • Muhammad Fadlan Hidayat, Universitas Bina Nusantara, Jakarta, Indonesia
  • Benfano Soewito, Universitas Bina Nusantara, Jakarta, Indonesia
Keywords: Web Application Firewall, Hardening Broken Authentication, Cyber Security, OWASP 2017, Injection, Broken Authentication.

Abstract

Web application security is considered crucial in an era of rapid technology development. With the recent rapid development of artificial intelligence architectures, virtual reality and the Internet of Things, a web application is an important node that is connected to other nodes and needs to be protected from cyber-attack scenarios. These cyber-attack scenarios are growing and evolving, and they cause many losses in various countries, such as economic loss, privacy loss and safety loss. Some research studies have developed web application firewalls using artificial intelligence and show that a web application firewall is effective against some cyber-attack scenarios. However, the authors want to revisit and conduct several experiments on this web application firewall. In this research, the authors study and communicate a proposed cyber security method through an experiment on the concurrent implementation of the Web Application Firewall (WAF) and Hardening Broken Authentication (HBA) methods to secure against the two most frequent and popular cyber-attack types in OWASP 2017, namely Injection and Broken Authentication. As cyber-attacks increase and evolve against recent web application firewalls, the authors successfully secure 14 out of 16 cyber-attack scenarios, and 11 out of 16 cyber-attack scenarios are perfectly secured by the concurrent implementation of Web Application Firewall (WAF) and Hardening Broken Authentication (HBA), without a significant increase in average network access time, from 51 milliseconds to 61 milliseconds, according to the authors' experiment, which used the same internet connection and devices for a fair comparison with the other security methods in this experiment.

Published
2022-08-10