The general objective of this project is to build machine learning-assisted web application firewall mechanisms for the identification, analysis and prevention of computer attacks on web applications. The main idea is to combine the flexibility provided by the classification procedures obtained from machine learning models with the codified knowledge integrated in the specification of the OWASP Core Rule Set used by the ModSecurity WAF to detect attacks, while reducing false positives. The next figure shows a high-level overview of the architecture:
This repository contains WACE itself, the core component of the solution. It connects ModSecurity to the machine learning models.
Please see the Apache module repo and the machine learning model repo for the rest of the components.
You can find more information about the project, including published research articles, at the WAF Mind site
RPM packages for Red Hat Enterprise Linux 8 (or any compatible distribution) are provided in the releases page.
For compilation and manual installation instructions, please see the docs directory.
Build RPM from source
cd ~/waceserver
rsync -av --progress . wace-{version} --exclude .git
tar -czvf {user}/rpmbuild/SOURCES/wace-{version}.tar.gz ./wace-{version}/
cd wace-{version}/
rpmbuild -ba wace.spec
Copyright (c) 2022 Tilsor SA, Universidad de la República and Universidad Católica del Uruguay. All rights reserved.
WACE and its components are distributed under Apache Software License (ASL) version 2. Please see the enclosed LICENSE file for full details.