Date of Publication

7-2-2022

Document Type

Master's Thesis

Degree Name

Master in Information Security

Subject Categories

Information Security

College

College of Computer Studies

Department/Unit

Computer Technology

Thesis Advisor

Fritz Kevin S. Flores

Defense Panel Chair

Gregory G. Cu

Defense Panel Member

Katrina Ysabel C. Solomon
Fritz Kevin S. Flores

Abstract/Summary

With the continuing and rapid evolution of technology, evidently during when the pandemic situation experienced globally, it opens various opportunities for businesses in terms of allowing everyone to easily access their public or private information, allowing people to work remotely and even conduct online transactions on the web, however, cybercriminals took advantage of this opportunity as well to exploit publicly exposed web applications or servers, to infiltrate and eventually exposing data that could impact users and organizations alike. Given the shift of development to these rapid web development and technologies, most organizations that are hosting and deploying these web applications and servers often overlook security and accessibility which opens vulnerabilities to these cyber attacks, in addition, most organizations tend to neglect security given the additional overhead and costs. Therefore, using existing open source web application firewalls is ideal for any organization without having to sacrifice costs as well as usability, in order to detect and prevent web-specific attacks, while acting as an additional layer of security in conjunction with other security tools implemented such as network firewalls and intrusion detection systems. This study explores the advantages and disadvantages of an open-source web application firewall, wherein vulnerability assessment and several penetration tests are conducted against common web vulnerabilities to validate the web application firewall’s effectiveness to detect and prevent web application attacks, as well as its implementation by hardening the system and optimizing the performance of the web application through load balancing and high availability.

Abstract Format

html

Note

Capstone paper (CCS Capstone Project)

Language

English

Format

Electronic

Physical Description

120 leaves

Keywords

Web applications; Firewalls (Computer security)

Upload Full Text

wf_yes

Embargo Period

7-1-2023

Share

COinS