Применение машинного обучения в защите веб-приложений

Abstract

Security of network systems has become a necessity, as more and more important information is stored and used online. The spread of web applications opens up new attack vectors. Traditional security mechanisms, such as firewalls, are not designed to protect web applications and therefore do not provide adequate protection. Current attacks cannot be prevented only by blocking ports 80 (HTTP) and 443 (HTTPS). Preventative measures (such as web application firewall rules) are not always possible. Signature methods for detection are always behind the actual event. Protocol-enforced network firewalls usually provide the first line of defense, delaying most major attacks on the network perimeter. They mainly work on the network, session, and transport layers of the reference network model (OSI). Developers have significantly expanded the capabilities of network firewalls to control the integrity of a wide range of top-level protocols, such as DNS, FTP, HTTP, SMTP, and TFTP. Standard firewalls can help restrict or allow access to network ports. Although application proxy firewalls exist, they cannot understand the specific content of all web applications run by an enterprise. The purpose of this article is to study the features of using machine learning in web application protection. Methods of web application security and learning neural networks were studied. The result of this work is a theoretical overview of the neural network security of a web application.