open-appsec NGINX WAF makes machine learning friendly using gamification

This content originally appeared on DEV Community 👩‍💻👨‍💻 and was authored by openappsec

In a previous blog we explained how open-appsec, an open source WAF project, is using machine-learning to preemptively block attacks against Web Apps & APIs.

Machine learning is often a black-box which is difficult to understand and track. open-appsec uses gamification in order to demonstrate the learning progress.

We developed a system that uses human understandable terms to describe the progress of learning as well as explanation as to what is needed in order to reach the next level.

Depending on amount and variance of traffic the machine learning engine will reach a stage where it has observed a sufficient amount of web requests to understand how the application is used. The faster this stage is reached, the faster detection is accurate and it is recommended to move to Prevent mode.

To speed up the learning period the Contextual Machine Learning engine proposes tuning suggestions. The administrator can review the tuning suggestions and help the engine reach even better accuracy, a Machine Learning process also known as supervised learning.

When the learning level becomes Graduate, it is recommended to change the Mode to Prevent. Graduate level ensures very good level of accuracy (e.g. low amount of false positives). To reach Master or PhD level is is necessary to configure Trusted Sources. The Phd level is the highest level, which means that more learning is less likely going to improve the model further.

We get nice feedbacks from users saying that this allows them to understands the status and what they are expected to do no next.

For additional details see here.

This content originally appeared on DEV Community 👩‍💻👨‍💻 and was authored by openappsec

Print Share Comment Cite Upload Translate Updates

APA

openappsec | Sciencx (2022-09-28T00:31:53+00:00) open-appsec NGINX WAF makes machine learning friendly using gamification. Retrieved from https://www.scien.cx/2022/09/28/open-appsec-nginx-waf-makes-machine-learning-friendly-using-gamification/

MLA

" » open-appsec NGINX WAF makes machine learning friendly using gamification." openappsec | Sciencx - Wednesday September 28, 2022, https://www.scien.cx/2022/09/28/open-appsec-nginx-waf-makes-machine-learning-friendly-using-gamification/

HARVARD

openappsec | Sciencx Wednesday September 28, 2022 » open-appsec NGINX WAF makes machine learning friendly using gamification., viewed ,<https://www.scien.cx/2022/09/28/open-appsec-nginx-waf-makes-machine-learning-friendly-using-gamification/>

VANCOUVER

openappsec | Sciencx - » open-appsec NGINX WAF makes machine learning friendly using gamification. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2022/09/28/open-appsec-nginx-waf-makes-machine-learning-friendly-using-gamification/

CHICAGO

" » open-appsec NGINX WAF makes machine learning friendly using gamification." openappsec | Sciencx - Accessed . https://www.scien.cx/2022/09/28/open-appsec-nginx-waf-makes-machine-learning-friendly-using-gamification/

IEEE

" » open-appsec NGINX WAF makes machine learning friendly using gamification." openappsec | Sciencx [Online]. Available: https://www.scien.cx/2022/09/28/open-appsec-nginx-waf-makes-machine-learning-friendly-using-gamification/. [Accessed: ]

rf:citation

» open-appsec NGINX WAF makes machine learning friendly using gamification | openappsec | Sciencx | https://www.scien.cx/2022/09/28/open-appsec-nginx-waf-makes-machine-learning-friendly-using-gamification/ |

Please log in to upload a file.

There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.