Explore chapters and articles related to this topic
Endpoint Agent Architecture
Published in Kevin E. Foltz, William R. Simpson, Enterprise Level Security 2, 2020
Kevin E. Foltz, William R. Simpson
Network monitoring can provide important insights into lower layer resources and communications, but it lacks access to the higher layer content due to widespread HTTPS and similar protocols. Web application firewalls (WAFs) attempt to bridge this gap by decrypting content for the server, analyzing and modifying it for security, and passing the clean content to the server. The WAF may even open files and execute code to determine if certain content presents a danger to the receiver. This approach catches many attacks that network monitoring and pattern-based detection miss, but it breaks the end-to-end security model, introduces latency in communications, and does not stop all attacks.
Towards an intrusion detection system for detecting web attacks based on an ensemble of filter feature selection techniques
Published in Cyber-Physical Systems, 2023
Deepak Kshirsagar, Sandeep Kumar
Securing web applications from different types of attacks has become one of the tedious tasks for security administrators. The security administrator uses a web application firewall, access control mechanisms, and intrusion detection and prevention systems to secure network resources and web application components. The hacker intelligently bypasses security strategies implemented by security administrators. Therefore, an intelligent intrusion detection system (IDS) performs an important role in the security mechanism to secure web applications. The use of machine learning in the anomaly intrusion detection process provides a way to design and develop an intelligent security system to secure web applications. IDS components are classified into signature (or misuse) and anomaly-based systems based on their detection mechanism to provide an extra security layer for the organisation. The signature IDS analyses the network traffic and compares it with predefined signatures present in the system. The misuse-based IDS produces a lower false alarm rate (FAR) and higher detection rate for the detection of well-known attacks. However, it produces a lower detection rate and higher FAR for the detection of unknown attacks. Most organisations use anomaly IDS to detect unknown attacks that provide a higher detection rate and lower FAR.
A survey of phishing attack techniques, defence mechanisms and open research challenges
Published in Enterprise Information Systems, 2022
A phishing attack can be minimised by using two-factor authentication, in which the first credential is a normal username and password known to the user, and the second is one present on a smartphone or laptop (e.g. RSA SecurID) (Phishing attacks 2020). An enterprise can also prevent phishing attacks using different tools such as antivirus software, anti-phishing toolbars, and a web application firewall, and by having an up-to-date operating system and browser (Protecting your Enterprise from Phishing Attacks 2017b).
Artificial Intelligence and Cyber Defense System for Banking Industry: A Qualitative Study of AI Applications and Challenges
Published in Cybernetics and Systems, 2022
Khalifa AL-Dosari, Noora Fetais, Murat Kucukvar
One expert mentioned that mobile threats are addressed by web server monitoring and web application firewall (WAF) systems. In general, it seems that banks in Qatar use a combination of traditional and AI-based tools for preventing AI-powered attacks.