Enhancing Web Application Security through Browser-Native WAF Integration
Hritesh Yadav, Ganapathy Subramanian Ramachandran
Pages - 127 - 135 | Revised - 30-06-2025 | Published - 31-08-2025
KEYWORDS
Web Application Firewall, Enterprise Browser Security, Application Security, Zero
Trust Architecture, Client-side Security, Browser Security Extensions.
ABSTRACT
The proliferation of web-based enterprise applications and the increasing sophistication of
application-layer attacks have exposed limitations in traditional Web Application Firewall (WAF)
deployments. This paper presents a novel approach to web application security by integrating
WAF capabilities directly into enterprise browsers, enabling context-aware, client-side security
controls. We propose a comprehensive architecture that addresses the challenges of traditional
network-based WAFs while introducing new capabilities for threat detection and mitigation.
Furthermore, our approach significantly reduces response latency while maintaining equivalent
security coverage. This paper details the technical implementation, evaluates performance
metrics, and discusses the implications for enterprise security architectures.
Mr. Hritesh Yadav
Palo Alto Networks Inc - United States of America
hriteshyadav.2021@gmail.com
Mr. Ganapathy Subramanian Ramachandran
Independent Researcher
Sunnyvale, 94085 - United States of America