Code for paper we submitted to the ERRC 2017 conference in Santa Maria, Brazil.
This is a simple implementation of a Web Application Firewall (WAF) based on Anomaly Detection using One Class SVM.
Tested with Python 3.5 on Ubuntu 14.04 and Windows 7
cd paper
pip install -r requirements.txtIf there are problems on Windows with some packages, Anaconda
can be used to install them.
In Ubuntu using pip should just work fine.
- Paste files from CSIC 2010 HTTP data sets into
/waf/data_sets/csic/original_files/ - Paste files from CSIC Torpeda 2012 HTTP data sets into
/waf/data_sets/torpeda/original_files/
Use the run.py file to run the different tests.
For example, python3 run.py test1. To see which tests are available, run the file
without additional commands or parameters like this python3 run.py.
To test the proxy implementation you have to start all the tests beginning with test2 in
their listed order (alphabetical order), starting with the data server and concluding with
source, waiting some seconds between the executions to give them some time to initialize.
The folder paper/latex contains the latex source code of the paper we submitted to the conference.
It includes a script to compile the code and generate a PDF file, using the utilities pdflatex and bibtex.
- Nico Epp
- Ralf Funk
- Cristian Cappo (undergraduate thesis advisor)
Check out our undergraduate thesis (written in spanish).