Abstract:
In this project, a module has been developed for Rule Explorer which allows searching, analyzing, verifying, translating and classifying firewall rules. Web application Firewall rule creation process is a tedious task. Even the experts can make mistakes in the syntax. An efficient and automated solution was needed to cater this problem.
This module focuses on simplifying the rule creation process and automates the process as much as possible so manual rules creation can be avoided which can result into errors and difficulty for the security administrator who has to develop these rules. A mechanism has been designed to generate rules for web application using its access logs. This technique focuses on learning through logs and developing application profile. It then provides option to create resource/parameter specific rule on the basis of positive security model.
