Understanding the Feature Space and Decision Boundaries of Commercial WAFs Using Maximum Entropy in the Mean

The security of a network requires the correct identification and characterization of the attacks through its ports. This involves the follow-up of all the requests for access to the networks by all kinds of users. We consider the frequency of connections and the type of connections to a network, an...

Descripción completa

Detalles Bibliográficos
Autores principales: Gzyl, Henryk, ter Horst, Enrique, Peña-Garcia, Nathalie, Torres, Andres
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2023
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10670514/
https://www.ncbi.nlm.nih.gov/pubmed/37998168
http://dx.doi.org/10.3390/e25111476
Descripción
Sumario:The security of a network requires the correct identification and characterization of the attacks through its ports. This involves the follow-up of all the requests for access to the networks by all kinds of users. We consider the frequency of connections and the type of connections to a network, and determine their joint probability. This leads to the problem of determining a joint probability distribution from the knowledge of its marginals in the presence of errors of measurement. Mathematically, this consists of an ill-posed linear problem with convex constraints, which we solved by the method of maximum entropy in the mean. This procedure is flexible enough to accommodate errors in the data in a natural way. Also, the procedure is model-free and, hence, it does not require fitting unknown parameters.

Ejemplares similares