Analysis of traditional web security solutions and proposal of a web attacks cognitive patterns classifier architecture

Abstract

[eng] The present work proposes a security architecture for web servers called Web Attacks Cognitive Patterns Classifier, which makes use of cognitive security concepts to deliver a more complete solution than existing ones. The architecture proposes the development of an integrated software solution where existing tools such as Elasticsearch, Logstash and Kibana are incorporated. The proposed system will be nurtured using data of attacks obtained from honeypots implemented in hacker communities; such data will be analyzed by using machine learning algorithms and behavioral parameters to determinate attack patterns and classifications. The present work also makes a literature review of existing web security solutions, to understand their limitations and to explain the reasons why the creation of the proposed architecture was necessary. We can say that usage of different technologies oriented to a specific problem can generate better solutions; in the case of this work, different technologies such as ELK Stack, Cognitive Security, Machine Learning techniques and Honeypots have been combined for the assurance, prevention and proactive security of Web Servers.