Description, analysis and implementation of a Web Application Firewall (WAF). Creation of attack scenarios and threats prevention
Περιγραφή, ανάλυση και υλοποίηση ενός WAF. Δημιουργία σεναρίων επιθέσεων και αποτροπή απειλών
View/
Keywords
WAF ; Web Application Firewall ; Dos attack ; SQL injection ; LAMP server ; XSS attack ; LFi attack ; SIEM ; Attack scenariosAbstract
This thesis refers to some general concepts that will be used to describe, analyze and implement a Web Application Firewall. Also, all attacks that will take place during implementation are explained in a separate chapter. The thesis includes an extensive report of 1st, 2nd, and 3rd generation Firewalls. Additional information on 3rd generation Firewall (WAF) will be provided. In addition, Security Information and Event Management (SIEM) will be presented with a historical overview, how it works, its benefits and its development. Furthermore, the implementation of the thesis will be presented as follows: The presentation of the website, the implementation of WAF with the default and custom rules with relevant attacks. Furthermore, the deployment and results from SIEM are presented. Finally, some use cases with the most known attacks with their results before and after the implementation of WAF have been created.
Postgraduate Studies Programme
Ασφάλεια Ψηφιακών ΣυστημάτωνDepartment
Σχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα Ψηφιακών ΣυστημάτωνNumber of pages
80Language
EnglishCollections
Except where otherwise noted, this item's license is described as
Αναφορά Δημιουργού - Μη Εμπορική Χρήση - Παρόμοια Διανομή 3.0 Ελλάδα
Αναφορά Δημιουργού - Μη Εμπορική Χρήση - Παρόμοια Διανομή 3.0 Ελλάδα