Two-Tier Securing Mechanism Against Web Application Attacks Project Presentation to Citrix CEO

Code injection-based attacks like cross-site scripting (XSS) and Structured Query Language Injection (SQLi) are among the most critical security issues for web applications. Web application firewalls (WAFs) are installed to defend against injection attacks. The WAF has a predefined rule set to detect malicious content in HTTP requests. Nevertheless, attackers use cleverly crafted payload modifications to evade such rule sets. This project presents a novel approach that extracts user inputs from HTTP requests to find sophisticated XSS and SQLi attack vectors. The proposed solution is a two-tier securing mechanism that uses both a deep learning model called Bidirectional Encoder Representations from Transformers (BERT), which is fine-tuned to classify SQLi and XSS attacks, and a context-aware classifier which looks for a change in the structure of the intended query to detect SQL injections. This work is a server-side solution and is implemented as a reverse proxy, thus requiring no changes in the server code. The BERT model achieves a detection accuracy of 98.98% and a precision rate of 99.14% on a real-world dataset after fivefold cross-validation. Also, the context-aware classifier produced zero false positives and false negatives during testing.
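The second tier's idea, detecting SQLi as a change in the structure of the intended query rather than by matching payload patterns, can be illustrated with the following added example (it is not the project's code). It assumes a simplified SQL tokeniser and that the developer supplies benign sample values for each user-controlled slot so the intended structure can be computed; only token classes are compared, so inputs that change just the data keep the same signature.

```python
import re

# Tokeniser for a simplified SQL dialect; each alternative names a token class.
TOKEN_RE = re.compile(r"""
    (?P<comment>--[^\n]*|/\*.*?\*/)
  | (?P<string>'(?:[^']|'')*')
  | (?P<number>\b\d+(?:\.\d+)?\b)
  | (?P<word>[A-Za-z_][A-Za-z0-9_]*)
  | (?P<op>[=<>!]+|\|\||[-+*/%])
  | (?P<punct>[(),;.])
  | (?P<ws>\s+)
""", re.VERBOSE | re.DOTALL)

KEYWORDS = {"select", "from", "where", "and", "or", "not", "union", "insert",
            "into", "values", "update", "set", "delete", "drop", "order", "by",
            "limit", "like", "null", "is"}

def structure_signature(sql):
    """Reduce a statement to the sequence of its token classes; literal values
    collapse to their class, so queries differing only in data look identical."""
    sig, pos = [], 0
    for m in TOKEN_RE.finditer(sql):
        if m.start() != pos:           # characters no rule matched (e.g. a stray quote)
            sig.append("unknown")
        pos = m.end()
        kind = m.lastgroup
        if kind == "ws":
            continue
        if kind == "word":
            w = m.group().lower()
            sig.append("kw:" + w if w in KEYWORDS else "ident")
        elif kind in ("string", "number", "comment"):
            sig.append(kind)           # value/text dropped, only the class is kept
        else:
            sig.append(kind + ":" + m.group())  # operators and punctuation keep their text
    if pos != len(sql):
        sig.append("unknown")
    return sig

def structure_changed(template, intended_values, user_values):
    """True when splicing the raw user values into the query template yields a
    structure different from the one built with the developer's benign samples,
    i.e. the input altered the query itself rather than only its data."""
    intended = structure_signature(template.format(*intended_values))
    actual = structure_signature(template.format(*user_values))
    return actual != intended
```

A constructed login template such as `SELECT id FROM users WHERE name = '{}' AND pw = '{}'` with samples `("alice", "pw")` is unchanged by a name like `O''Brien`, while any input that introduces new keywords, operators or comments flips the result to True.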

