The number of companies offering their services online has grown enormously in recent years. Customer confidence in these web applications is, therefore, vital. However, the number of attacks on these sites has also multiplied exponentially, requiring the use of new tools to prevent and defend against them. In this scenario, web application firewalls (WAFs) are emerging as one of the main defenses against website attacks. Their goal is to block those requests that could be considered malicious. Most WAFs are based on filtering requests using regular expressions; nevertheless, this approach has many difficulties in dealing with issues such as detecting zero‐day vulnerabilities or replay attacks and requires frequent and exhaustive updates. Thanks to advances in machine learning techniques, it is now possible to simplify the update process and combine manually configured rules with learned rules. In this work, we present a solution for the open‐source WAF Shadow Daemon that incorporates a machine learning module for attack detection. The proposed solution improves the detection capability of Shadow Daemon while keeping the latency of the detection process within limits that allow for pleasant interaction with users.
López‐Bravo et al. (Wed,) studied this question.