4thwall WAF Model
This model is a custom Web Application Firewall (WAF) classifier built by fine-tuning the distilbert (DistilBertForSequenceClassification) architecture. It is designed to identify and classify HTTP requests as either safe or potentially malicious (similarly to ModSecurity).
Model Details
- Model Type: Text Classification (DistilBERT)
- Task: Identifying Malicious HTTP Requests (Web Application Firewall)
- Use Case: Can be used as a standalone classifier or inline ML-based proxy to analyze real-time HTTP traffic and reject high-risk requests (e.g., 403 Forbidden).
Intended Uses & Limitations
- Intended Use: Inspecting HTTP paths, headers, and payloads for malicious intent (e.g., SQL Injection, XSS, etc.). Ideal for use within an ML pipeline integrating with services like Nginx or a customized inline WAF proxy.
- Limitations: The model acts as a learning proxy and can still result in False Positives or False Negatives. Continuous learning and manual feedback over time can help improve model confidence.
Metrics
During evaluation, the model achieved the following metrics:
- Accuracy: 94.23%
- Precision: 92.50%
- Recall: 93.10%
- F1 Score: 92.80%
How to Get Started with the Model
from transformers import pipeline
# Load the WAF classifier
waf_classifier = pipeline("text-classification", model="your-username/my-waf-model")
# Example request payload
payload = "GET /index.php?id=1 UNION SELECT 1,2,3-- HTTP/1.1"
# Predict if malicious or benign
result = waf_classifier(payload)
print(result)
- Downloads last month
- 29