Abstract

In this paper we propose a centralized web firewall system for web application security which will provide a new type of synchronized system, which has the ability to  detect  and prevent a variety of web application attacks for a wide range of hosts at the same time , using an centralized command and control system, the attacked client then sends the information to a centralized command and control server which will distribute the attack information to all of the integrated clients connected to it. The distributed information contains all of the attack information including the type of attack, the IP address of the attacker, and the time of attack. The process of receiving the attacker's information and distributing it through the centralized web firewall is done automatically and immediately at the time of the attack. And all of the receiving clients will take actions against the threat depending on the distributed information such as banning the IP address of the attacker. The main process aims to protect multiple clients from any possible attack from the same attacker or the same type of attack. The system has been implemented to protect a real web application. Experiments showed that the attacks has been successfully prevented on multiple hosts at the time.

This paper came to provide a centralized web firewall system that connect different web firewalls in order to detect and prevent different types of web attacks and work as a fully integrated system with the different clients.

This work is licensed under a Creative Commons Attribution 4.0 License.