Bridging the Gap Between Research and Practice in Intelligently Bypassing WAF
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the challenges and solutions in using AI to bypass web application firewalls (WAFs) in this Black Hat conference talk. Delve into the three-step workflow of building payload datasets, applying mutation operations, and utilizing heuristic algorithms or reinforcement learning to evade WAFs. Examine two key practical issues: the diversity of payloads and their varying difficulty in bypassing security measures. Learn about innovative approaches to address these challenges, including device and semantic environments, and a core algorithm for more effective WAF evasion. Gain insights into experimental results and the broader implications for cybersecurity research and practice in this 26-minute presentation.
Syllabus
Introduction
Agenda
Related Works
Key Issues
Our Research
Our Workflow
Our Scheme
Device Environment
Semantic Environment
Core Algorithm
Experimental Results
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube