{"id":"https://openalex.org/W7117878256","doi":"https://doi.org/10.1109/access.2025.3650335","title":"Using the Reinforcement Learning Agent to Test the Correctness of Rule Configuration in Web Application Firewalls","display_name":"Using the Reinforcement Learning Agent to Test the Correctness of Rule Configuration in Web Application Firewalls","publication_year":2026,"publication_date":"2026-01-01","ids":{"openalex":"https://openalex.org/W7117878256","doi":"https://doi.org/10.1109/access.2025.3650335"},"language":null,"primary_location":{"id":"doi:10.1109/access.2025.3650335","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3650335","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2025.3650335","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5003046094","display_name":"Mariusz Sepczuk","orcid":"https://orcid.org/0000-0002-4054-3478"},"institutions":[{"id":"https://openalex.org/I108403487","display_name":"Warsaw University of Technology","ror":"https://ror.org/00y0xnp53","country_code":"PL","type":"education","lineage":["https://openalex.org/I108403487"]}],"countries":["PL"],"is_corresponding":true,"raw_author_name":"Mariusz Sepczuk","raw_affiliation_strings":["Faculty of Electronics and Information Technology, Warsaw University of Technology, Warsaw, Poland"],"affiliations":[{"raw_affiliation_string":"Faculty of Electronics and Information Technology, Warsaw University of Technology, Warsaw, Poland","institution_ids":["https://openalex.org/I108403487"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091929774","display_name":"Krzysztof Sosnowski","orcid":null},"institutions":[{"id":"https://openalex.org/I108403487","display_name":"Warsaw University of Technology","ror":"https://ror.org/00y0xnp53","country_code":"PL","type":"education","lineage":["https://openalex.org/I108403487"]}],"countries":["PL"],"is_corresponding":false,"raw_author_name":"Krzysztof Sosnowski","raw_affiliation_strings":["Faculty of Electrical Engineering, Warsaw University of Technology, Warsaw, Poland"],"affiliations":[{"raw_affiliation_string":"Faculty of Electrical Engineering, Warsaw University of Technology, Warsaw, Poland","institution_ids":["https://openalex.org/I108403487"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5003046094"],"corresponding_institution_ids":["https://openalex.org/I108403487"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.01269475,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"14","issue":null,"first_page":"2134","last_page":"2151"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.7271000146865845,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.7271000146865845,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.1111999973654747,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.042399998754262924,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.7508000135421753},{"id":"https://openalex.org/keywords/correctness","display_name":"Correctness","score":0.7457000017166138},{"id":"https://openalex.org/keywords/reinforcement-learning","display_name":"Reinforcement learning","score":0.7141000032424927},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.637499988079071},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.6263999938964844},{"id":"https://openalex.org/keywords/blocking","display_name":"Blocking (statistics)","score":0.5529999732971191},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4984999895095825},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.48339998722076416},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.47440001368522644}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8838000297546387},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.7508000135421753},{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.7457000017166138},{"id":"https://openalex.org/C97541855","wikidata":"https://www.wikidata.org/wiki/Q830687","display_name":"Reinforcement learning","level":2,"score":0.7141000032424927},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.637499988079071},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.6263999938964844},{"id":"https://openalex.org/C144745244","wikidata":"https://www.wikidata.org/wiki/Q4927286","display_name":"Blocking (statistics)","level":2,"score":0.5529999732971191},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4984999895095825},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.48339998722076416},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.47440001368522644},{"id":"https://openalex.org/C128942645","wikidata":"https://www.wikidata.org/wiki/Q1568346","display_name":"Test case","level":3,"score":0.3813999891281128},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.3472999930381775},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.34439998865127563},{"id":"https://openalex.org/C41550386","wikidata":"https://www.wikidata.org/wiki/Q529909","display_name":"Multi-agent system","level":2,"score":0.31949999928474426},{"id":"https://openalex.org/C206588197","wikidata":"https://www.wikidata.org/wiki/Q846574","display_name":"Reuse","level":2,"score":0.31360000371932983},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.30320000648498535},{"id":"https://openalex.org/C2777210771","wikidata":"https://www.wikidata.org/wiki/Q4927124","display_name":"Block (permutation group theory)","level":2,"score":0.2939000129699707},{"id":"https://openalex.org/C151552104","wikidata":"https://www.wikidata.org/wiki/Q7705809","display_name":"Test suite","level":4,"score":0.2924000024795532},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.2890999913215637},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2809000015258789},{"id":"https://openalex.org/C74072328","wikidata":"https://www.wikidata.org/wiki/Q1142726","display_name":"Intelligent agent","level":2,"score":0.2800999879837036},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.2786000072956085},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.27390000224113464},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2705000042915344},{"id":"https://openalex.org/C2777267654","wikidata":"https://www.wikidata.org/wiki/Q3519023","display_name":"Test (biology)","level":2,"score":0.2680000066757202},{"id":"https://openalex.org/C2778583558","wikidata":"https://www.wikidata.org/wiki/Q771245","display_name":"Code reuse","level":3,"score":0.25940001010894775},{"id":"https://openalex.org/C109086967","wikidata":"https://www.wikidata.org/wiki/Q2509100","display_name":"Test script","level":4,"score":0.2547000050544739},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.2513999938964844},{"id":"https://openalex.org/C96865113","wikidata":"https://www.wikidata.org/wiki/Q2946816","display_name":"Certificate","level":2,"score":0.2508000135421753},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.2500999867916107}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/access.2025.3650335","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3650335","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1109/access.2025.3650335","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3650335","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6347259879112244}],"awards":[{"id":"https://openalex.org/G1920338450","display_name":null,"funder_award_id":"CPR-IDUB/54/Z01/POB3/2024","funder_id":"https://openalex.org/F4320322637","funder_display_name":"Politechnika Warszawska"}],"funders":[{"id":"https://openalex.org/F4320322637","display_name":"Politechnika Warszawska","ror":"https://ror.org/00y0xnp53"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W2016441490","https://openalex.org/W2209913494","https://openalex.org/W2591642604","https://openalex.org/W2809183419","https://openalex.org/W2810065972","https://openalex.org/W2883263864","https://openalex.org/W2912451346","https://openalex.org/W2963064278","https://openalex.org/W2964241064","https://openalex.org/W2993498479","https://openalex.org/W2995988246","https://openalex.org/W3154674654","https://openalex.org/W3170554148","https://openalex.org/W3180874179","https://openalex.org/W3188417193","https://openalex.org/W3213434944","https://openalex.org/W4224317173","https://openalex.org/W4284965199","https://openalex.org/W4286285091","https://openalex.org/W4295279953","https://openalex.org/W4313563646","https://openalex.org/W4318312487","https://openalex.org/W4320035250","https://openalex.org/W4320919360","https://openalex.org/W4321201289","https://openalex.org/W4381331436","https://openalex.org/W4385070750","https://openalex.org/W4390698574","https://openalex.org/W4391347706","https://openalex.org/W4400229166","https://openalex.org/W4402811769","https://openalex.org/W4416120425","https://openalex.org/W4416323636"],"related_works":[],"abstract_inverted_index":{"Data":[0],"protection":[1],"is":[2,53,59,69,138,166],"one":[3],"of":[4,9,16,49,64,85,91,118,153,168,200],"the":[5,17,83,89,131,145,151,154,186,198],"most":[6],"essential":[7],"elements":[8],"cyber":[10],"security":[11,46],"strategies":[12],"and":[13,36,123,125,189],"processes.":[14],"One":[15,62],"components":[18],"that":[19,173,184],"support":[20],"this":[21,55,79,106],"process":[22],"are":[23,32],"firewalls,":[24],"particularly":[25],"web":[26,159],"application":[27,146,160],"firewalls":[28],"(WAFs).":[29],"These":[30],"tools":[31],"responsible":[33],"for":[34,196],"detecting":[35],"blocking":[37,51],"potential":[38],"attacks":[39,95],"coming":[40],"from":[41],"user":[42],"traffic.":[43],"Their":[44],"proper":[45],"configuration":[47,68],"(usage":[48],"appropriate":[50,194],"rules)":[52],"behind":[54],"crucial":[56],"task,":[57],"which":[58],"often":[60],"marginal.":[61],"method":[63,195],"verifying":[65,197],"such":[66],"a":[67,101,110],"using":[70,100,130,185],"fuzz":[71],"tests,":[72],"but":[73],"they":[74],"have":[75],"some":[76],"drawbacks.":[77],"In":[78],"work,":[80],"we":[81,108,126,149],"investigated":[82],"effectiveness":[84,152],"WAF":[86,176,201],"configurations":[87],"in":[88],"context":[90],"cross":[92],"site":[93],"scripting":[94],"(XSS)":[96],"with":[97,114,157],"an":[98,193],"agent":[99,133,156],"reinforcement":[102],"learning":[103],"(RL)":[104],"approach.For":[105],"purpose,":[107],"created":[109],"suitable":[111],"test":[112],"environment":[113],"six":[115],"different":[116],"types":[117],"WAFs":[119],"(e.g.,":[120],"ModSecurity,":[121],"Naxsi,":[122],"SafeLine)":[124],"conducted":[127],"several":[128],"experiments":[129],"RL":[132,155,187],"to":[134,140,162,182],"check":[135],"whether":[136,164],"it":[137,165],"possible":[139],"bypass":[141,175],"attack":[142],"detection":[143],"by":[144],"firewall.":[147],"Moreover,":[148],"compared":[150],"five":[158],"fuzzers":[161],"verify":[163],"capable":[167],"finding":[169],"more":[170],"effective":[171],"payloads":[172],"can":[174,191],"detection.":[177],"The":[178],"results":[179],"allow":[180],"us":[181],"conclude":[183],"concept":[188],"fuzzing":[190],"be":[192],"efficacy":[199],"configurations.":[202]},"counts_by_year":[],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2026-01-01T00:00:00"}