ОБЕСПЕЧЕНИЕ БЕЗОПАСНОСТИ ИНТЕРНЕТ ВЕЩЕЙ В ПРОМЫШЛЕННОСТИ 4.0 С ИСПОЛЬЗОВАНИЕМ WAF
Keywords:
Умный дом, Интернет вещей, WAF, атака, OWASP.Abstract
Сегодня возрастает необходимость удаленно управлять бытовой техникой, ставить перед ней задачи и получать от нее нужную информацию. Интернет вещей (IoT) — это совокупность объектов, сервисов и устройств, соединенных друг с другом для обмена данными в различных отраслях и приложениях с использованием Интернета. Однако существуют риски и опасности, такие как физические атаки, атаки по сторонним каналам, атаки криптоанализа, программные атаки, сетевые атаки, нацеленные на устройства IoT. Сетевые атаки не требуют физического доступа к сети для создания серьезных сбоев. Брандмауэр делит сеть на две части: доверенную сеть и ненадежную сеть. В этой работе мы рассматриваем безопасность IoT с помощью брандмауэров веб-приложений.
References
Markets & Markets, " Web Application Firewall Market Size and Share," [online]. Available: https://www.marketsandmarkets.com/Market-Reports/web-application-firewall-market-176479811.html [Accessed 18th July 2022].
Pałka, Dariusz, and Marek Zachara. "Learning web application firewall-benefits and caveats." International Conference on Availability, Reliability, and Security. Springer, Berlin, Heidelberg, 2011.
Hope, Paco, and Ben Walther. Web security testing cookbook: systematic techniques to find problems fast. " O‘Reilly Media, Inc.", 2008.
Pubal, Jason. "Web Application Firewalls." SANS Institute Reading Room (2015).
Briscoe, Neil. "Understanding the OSI 7-layer model." PC Network Advisor 120.2 (2000): 13-15.
Endraca, Alexander, et al. "Web Application Fi rewall (W AF)." International Journal of e-Education, e-Business, e-Management and e-Learning 3.6 (2013): 451.
Narayana, Srikar. "Security Analysis of Web Application for Industrial Internet of Things." (2022).
Dupont, Benoit. "The cyber security environment to 2022: trends, drivers and implications." Drivers and Implications (2012).
Clincy, Victor, and Hossain Shahriar. "Web application firewall: Network security models and configuration." 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC). Vol. 1. IEEE, 2018.
Amouei, Mohammadhossein, Mohsen Rezvani, and Mansoor Fateh. "RAT: Reinforcement-Learning-Driven and Adaptive Testing for Vulnerability Discovery in Web Application Firewalls." IEEE Transactions on Dependable and Secure Computing (2021).
Safoev, N., & Nasrullaev, N. (2021, November). Low area QCA Demultiplexer Design. In 2021 International Conference on Information Science and Communications Technologies (ICISCT) (pp. 01-05). IEEE.
Rajaboevich, G. S., Baxtiyarovich, N. N., & Salimovna, F. D. (2020, November). Methods and intelligent mechanisms for constructing cyberattack detection components on distance-learning systems. In 2020 International Conference on Information Science and Communications Technologies (ICISCT) (pp. 1-6). IEEE.
Yakubdjanovna, I. D., Bakhtiyarovich, N. N., & lqbol Ubaydullayevna, X. (2020, November). Implementation of intercorporate correlation of information security messages and audits. In 2020 International Conference on Information Science and Communications Technologies (ICISCT) (pp. 1-4). IEEE.
Baxtiyorovich, N. N., & Ubaydullaevna, H. I. (2019, November). Method of analyzing of antivirus errors when audit provides. In 2019 International Conference on Information Science and Communications Technologies (ICISCT) (pp. 1-3). IEEE.
Bakhodir, Y., Nurbek, N., & Odiljon, Z. (2019). Methods for applying of scheme of packet filtering rules. International Journal of Innovative Technology and Exploring Engineering, 8(11), 1014-1019.
Gulomov, S. R., & Bakhtiyorovich, N. N. (2016, November). Method for security monitoring and special filtering traffic mode in info communication systems. In 2016 International Conference on Information Science and Communications Technologies (ICISCT) (pp. 1-6). IEEE.
N Akhmedov, H Khujamatov, A Lazarev, M Seidullayev (2021, November). Application of LPWAN technologies for the implementation of iot projects in the Republic of Uzbekistan. In 2021 International Conference on Information Science and Communications Technologies (ICISCT).IEEE.
