Reliability Analysis of a Server System with WAF  
Author Mitsuhiro Imaizumi


Co-Author(s) Mitsutaka Kimura


Abstract Cyber attacks on the Internet have become a problem in recent years, and they have been becoming more sophisticated, complicated and diversified. In terms of this problem, a single security measure is not enough, and it is effective to combine multiple security measures. To prevent the sever from cyber attacks due to web application vulnerabilities, WAF (Web Application Firewall) has been widely used. It can detect attacks where IDS (Intrusion Detection System) can not detect them. This paper formulates stochastic models for a server system which has the function of IDS andWAF. Cyber attacks due to unau- thorized access are detected by IDS, and cyber attacks due to web application vulnerabilities are detected by WAF. The total expected costs until cyber attacks are detected are derived and optimal policies which minimize them are discussed. Finally, numerical examples are given.


Keywords Security, WAF, IDS, Inspection, Expected Cost
    Article #:  RQD28-100

Proceedings of 28th ISSAT International Conference on Reliability & Quality in Design
August 3-5, 2023