Web Application Firewall With Telegram Bot Integration

Authors

  • Herny Ramadhani Mohd Husny Universiti Kuala Lumpur
  • Dalilah Abdullah Universiti Kuala Lumpur
  • Norsuhaili Seid Universiti Kuala Lumpur
  • Mohamad Amshar Solaiman Universiti Kuala Lumpur

Abstract

With the increasing trends of web-based attacks and successful hacks through vulnerability in web application, many organizations has turned to Web Application Firewall (WAF) as a countermeasure to secure their website from intruders. Despite its effectiveness, WAF is still subjected to advanced attack in which web administrators may need real-time attack notification in order to mitigate successfully. Apart from that, most enterprise level WAF on the market is expensive and feature administration interface that is complex to use (steep learning curve). Staffs need to be trained to handle these devices and that in turn add up to more cost. The project aim to provide solution for these problems by developing a WAF that can be managed through the Telegram chat interface. This enable administrator to receive real-time notification while an attack is ongoing and also makes management of the WAF less complex due to the simplistic interface of the Telegram client. As a plus, the resulting product is also more cost effective compared to most enterprise-level WAF on the market, thus this project is targeted for SME companies, which mostly run e-commerce websites. A SME company could save on resources while still be able to afford baseline security for their crucial web application, which may contain very sensitive financial information about their clients and the company itself.

Published

2017-12-21

Issue

Vol. 2 No. 1 (2017)

Section

Articles

Submission of an original manuscript to the Journal of Computing Technologies and Creative Content (JTeC) will be taken to mean that it represents original work not previoussly published, that it is not being considered elsewhere for publication. All submitted articles that are published by JTeC cannot be published anywhere by the authors unless with the permission by JTeC Editors. JTeC reserves the right to the publications of the articles it published, and reserves the right to reuse the articles elsewhere for academic purposes, while still retaining the names of the original authors with the original articles.

JTeC takes the stance that the publication of scholarly research is meant to disseminate knowledge and in a not-for-profit regime, benefits neither publisher nor author financially. It sees itself as having obligation to its author and to society to make content available online now that the technology allows for such possibility.