{"id":"https://openalex.org/W4214813133","doi":"https://doi.org/10.1109/iscisc53448.2021.9720473","title":"Using Deep Reinforcement Learning to Evade Web Application Firewalls","display_name":"Using Deep Reinforcement Learning to Evade Web Application Firewalls","publication_year":2021,"publication_date":"2021-09-01","ids":{"openalex":"https://openalex.org/W4214813133","doi":"https://doi.org/10.1109/iscisc53448.2021.9720473"},"language":"en","primary_location":{"id":"doi:10.1109/iscisc53448.2021.9720473","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscisc53448.2021.9720473","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 18th International ISC Conference on Information Security and Cryptology (ISCISC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5108781330","display_name":"Mojtaba Hemmati","orcid":null},"institutions":[{"id":"https://openalex.org/I78323350","display_name":"Malek Ashtar University of Technology","ror":"https://ror.org/0043ezw98","country_code":"IR","type":"education","lineage":["https://openalex.org/I78323350"]}],"countries":["IR"],"is_corresponding":true,"raw_author_name":"Mojtaba Hemmati","raw_affiliation_strings":["Malek-Ashtar University of Technology,Faculty of Electrical and Computer Engineering,Iran","Faculty of Electrical and Computer Engineering, Malek-Ashtar University of Technology, Iran"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Malek-Ashtar University of Technology,Faculty of Electrical and Computer Engineering,Iran","institution_ids":["https://openalex.org/I78323350"]},{"raw_affiliation_string":"Faculty of Electrical and Computer Engineering, Malek-Ashtar University of Technology, Iran","institution_ids":["https://openalex.org/I78323350"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5048341186","display_name":"Mohammad Ali Hadavi","orcid":null},"institutions":[{"id":"https://openalex.org/I78323350","display_name":"Malek Ashtar University of Technology","ror":"https://ror.org/0043ezw98","country_code":"IR","type":"education","lineage":["https://openalex.org/I78323350"]}],"countries":["IR"],"is_corresponding":false,"raw_author_name":"Mohammad Ali Hadavi","raw_affiliation_strings":["Malek-Ashtar University of Technology,Faculty of Electrical and Computer Engineering,Iran","Faculty of Electrical and Computer Engineering, Malek-Ashtar University of Technology, Iran"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Malek-Ashtar University of Technology,Faculty of Electrical and Computer Engineering,Iran","institution_ids":["https://openalex.org/I78323350"]},{"raw_affiliation_string":"Faculty of Electrical and Computer Engineering, Malek-Ashtar University of Technology, Iran","institution_ids":["https://openalex.org/I78323350"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5108781330"],"corresponding_institution_ids":["https://openalex.org/I78323350"],"apc_list":null,"apc_paid":null,"fwci":1.1211,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.80209864,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"35","last_page":"41"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/reinforcement-learning","display_name":"Reinforcement learning","score":0.8649691343307495},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8103315234184265},{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.7294744253158569},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.6648629307746887},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.555860698223114},{"id":"https://openalex.org/keywords/payload","display_name":"Payload (computing)","score":0.5424739122390747},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.5230525732040405},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.52113276720047},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.47202935814857483},{"id":"https://openalex.org/keywords/application-firewall","display_name":"Application firewall","score":0.4570688009262085},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.45616206526756287},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.45194366574287415},{"id":"https://openalex.org/keywords/retraining","display_name":"Retraining","score":0.4390026926994324},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4033217430114746},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4010379910469055},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.3737097382545471},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.23420441150665283},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.18033325672149658},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.16736358404159546}],"concepts":[{"id":"https://openalex.org/C97541855","wikidata":"https://www.wikidata.org/wiki/Q830687","display_name":"Reinforcement learning","level":2,"score":0.8649691343307495},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8103315234184265},{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.7294744253158569},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.6648629307746887},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.555860698223114},{"id":"https://openalex.org/C134066672","wikidata":"https://www.wikidata.org/wiki/Q1424639","display_name":"Payload (computing)","level":3,"score":0.5424739122390747},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.5230525732040405},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.52113276720047},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.47202935814857483},{"id":"https://openalex.org/C86444895","wikidata":"https://www.wikidata.org/wiki/Q451816","display_name":"Application firewall","level":4,"score":0.4570688009262085},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.45616206526756287},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.45194366574287415},{"id":"https://openalex.org/C2778712577","wikidata":"https://www.wikidata.org/wiki/Q3505966","display_name":"Retraining","level":2,"score":0.4390026926994324},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4033217430114746},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4010379910469055},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.3737097382545471},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.23420441150665283},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.18033325672149658},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.16736358404159546},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.0},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.0},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.0},{"id":"https://openalex.org/C155202549","wikidata":"https://www.wikidata.org/wiki/Q178803","display_name":"International trade","level":1,"score":0.0},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.0},{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.0},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iscisc53448.2021.9720473","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iscisc53448.2021.9720473","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 18th International ISC Conference on Information Security and Cryptology (ISCISC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6299999952316284,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W1522301498","https://openalex.org/W2095577883","https://openalex.org/W2145339207","https://openalex.org/W2155968351","https://openalex.org/W2156387975","https://openalex.org/W2201581102","https://openalex.org/W2493916176","https://openalex.org/W2736601468","https://openalex.org/W2746553466","https://openalex.org/W2784452215","https://openalex.org/W2932977083","https://openalex.org/W2942437031","https://openalex.org/W2946127746","https://openalex.org/W2964067469","https://openalex.org/W2999097465","https://openalex.org/W3021693099","https://openalex.org/W3030336008","https://openalex.org/W3188417193","https://openalex.org/W3204700857","https://openalex.org/W4214717370","https://openalex.org/W6631190155","https://openalex.org/W6682889407","https://openalex.org/W6687681856","https://openalex.org/W6741002519","https://openalex.org/W6748325151","https://openalex.org/W6756303580","https://openalex.org/W6778735030"],"related_works":["https://openalex.org/W4320496375","https://openalex.org/W2955734438","https://openalex.org/W2167752994","https://openalex.org/W2775081089","https://openalex.org/W2504194819","https://openalex.org/W2407701912","https://openalex.org/W4256450364","https://openalex.org/W4238821156","https://openalex.org/W1982746004","https://openalex.org/W4245700610"],"abstract_inverted_index":{"Web":[0],"application":[1,15],"firewalls":[2],"(WAF)":[3],"are":[4,31],"the":[5,45,52,78,128,134,146],"last":[6],"line":[7],"of":[8,123],"defense":[9],"in":[10,68,154],"protecting":[11],"web":[12],"applications":[13],"from":[14,29],"layer":[16],"security":[17],"threats":[18],"like":[19],"SQL":[20],"injection":[21],"and":[22,119,140,157],"cross-site":[23],"scripting.":[24],"Currently,":[25],"most":[26],"evasion":[27,111],"techniques":[28],"WAFs":[30,46,53],"still":[32],"developed":[33],"manually.":[34],"In":[35],"this":[36,85],"work,":[37],"we":[38,87],"propose":[39],"a":[40,89,121],"solution,":[41],"which":[42,51,63],"automatically":[43],"scans":[44],"to":[47,108,126],"find":[48],"payloads":[49],"through":[50],"can":[54,64,76],"be":[55,65],"bypassed.":[56],"Our":[57,150],"solution":[58,151],"finds":[59],"out":[60],"rules":[61],"defects,":[62],"further":[66],"used":[67],"rule":[69],"tuning":[70],"for":[71,82,105],"rule-based":[72],"WAFs.":[73,160],"Also,":[74],"it":[75],"enrich":[77],"machine":[79,158],"learning-based":[80,159],"dataset":[81],"retraining.":[83],"To":[84],"purpose,":[86],"provide":[88],"framework":[90,114],"based":[91],"on":[92],"reinforcement":[93],"learning":[94],"with":[95,99,145],"an":[96,117],"environment":[97],"compatible":[98],"OpenAI":[100],"gym":[101],"toolset":[102],"standards,":[103],"employed":[104],"training":[106],"agents":[107],"implement":[109],"WAF":[110],"tasks.":[112],"The":[113],"acts":[115],"as":[116],"adversary":[118],"exploits":[120],"set":[122],"mutation":[124],"operators":[125],"mutate":[127],"malicious":[129],"payload":[130],"syntactically":[131],"without":[132],"affecting":[133],"original":[135],"semantics.":[136],"We":[137],"use":[138],"Q-learning":[139],"proximal":[141],"policy":[142],"optimization":[143],"algorithms":[144],"deep":[147],"neural":[148],"network.":[149],"is":[152],"successful":[153],"evading":[155],"signature-based":[156]},"counts_by_year":[{"year":2026,"cited_by_count":4},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":3}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}