What question did this study set out to answer?

The goal is to develop policies that effectively manage a server's security against cyber attacks using WAF and IDS.

April 1, 2026

Optimal Management Policies for a Server System with Web Application Firewall

Key Points

The goal is to develop policies that effectively manage a server's security against cyber attacks using WAF and IDS.
Formulated five stochastic models for server systems incorporating WAF and IDS.
Considered various types of cyber attacks including unauthorized access and web application vulnerabilities.
Analyzed non-linear parameters and implemented random checking within the models.
Optimized policies were identified to minimize the total expected costs until cyber attacks are detected.
Demonstrated the effectiveness of combining WAF and IDS for enhanced security against complex threats.
Provided numerical examples showing the application of the proposed models.

Abstract

Cyber attacks on the Internet have been becoming more sophisticated, complicated and diversified in recent years. In terms of this problem, a single security measure is not enough, and it is effective to combine multiple security measures. To prevent the sever from cyber attacks due to web application vulnerabilities, WAF (Web Application Firewall) has been widely used. It can detect attacks where IDS (Intrusion Detection System) can not detect them. This paper formulates five stochastic models for a server system which has the function of IDS and WAF considering multiple attacks, non-linear parameter and random checking. Cyber attacks due to unauthorized access are detected by IDS, and cyber attacks due to web application vulnerabilities are detected by WAF. The total expected costs until cyber attacks are detected are derived and optimal policies which minimize them are discussed. Finally, numerical examples are given.

Bookmark

Optimal Management Policies for a Server System with Web Application Firewall

Key Points

Abstract

Cite This Study