"The logic exists, data is useless."
AxiomWAF is a next-generation Web Application Firewall engine built on a proprietary mathematical framework that prioritizes deterministic security logic over raw data volume. While the industry is obsessed with "Big Data" and black-box neural networks that require millions of samples to learn basic patterns, AxiomWAF proves that when your logic is correct, data is merely a supporting witness.
In traditional machine learning, models are "data-hungry" because they lack a fundamental understanding of what an attack is. They guess based on probability.
AxiomWAF is different. We don't care about the size of the dataset; we care about the hypotheses the model discovers. Our math framework extracts the "Universal Laws" of security. Once a law is discovered (e.g., how entropy correlates with evasion in a SQL context), it remains true whether you have 200 samples or 200 million.
- Impossible to Overfit: Because we train on "laws" and not "pixels," our results remain consistent regardless of training size.
- Data Independence: The data only supports the model. If there is no data, the logic remains. If there is more data, the logic merely becomes more refined, not different.
We tested 3 versions of the Axiom engine across a massive real-world dataset containing complex bypasses, encoding layers, and advanced injection techniques.
| Model Tier | Training Samples | Model Size | MCC (Matthews Correlation) | Accuracy |
|---|---|---|---|---|
| Axiom-Nano | 200 | 199 KB | 0.9712 | 99.50% |
| Axiom-Mini | 15,000 | 1.01 MB | 0.9712 | 99.50% |
| Axiom-Full | 60,000 | 28.7 MB | 0.9712 | 99.50% |
As shown above, the Axiom-Nano (trained on only 200 samples) achieves the exact same performance as the 60,000-sample model on a test set of over 300,000 requests.
This is the Axiom advantage. Most models would fail or wildly overfit with 200 samples. AxiomWAF identifies the core security hypotheses so efficiently that it reaches "Logic Saturation" almost instantly.
At only 1 MB, the Axiom-Mini model outperforms multi-gigabyte neural networks. It is designed for edge deployment where memory is scarce but security is non-negotiable. It handles real-world bypasses (double-encoding, comment injection, whitespace obfuscation) with mathematical precision.
The 28 MB Full Model is our "Statistical Absolute." It doesn't just find the laws; it proves them across 60,000 real-world interactions. It is designed for enterprise-grade throughput and zero-compromise stability.
Below are the results from our Massive Test run (313k samples):
Figure 1: Near-perfect classification across 300,000+ requests.
Figure 2: Exceptional recall across diverse attack vectors (SQLi, XSS, RCE, Cmdi).
AxiomWAF is built on a diverse and comprehensive dataset that mirrors the actual threat landscape. Unlike academic datasets that are often sterile or outdated, our training data is derived from the front lines of web security.
- SecLists Integration: Direct ingestion of curated payload banks from the industry-standard SecLists repository, including specialized lists for SQLi, XSS, XXE, and NoSQL.
- Real Benign Traffic: 100% real benign URLs fetched from verified GitHub sources and common discovery lists, ensuring the model understands the nuances of legitimate API endpoints and complex web structures.
- Advanced Evasion Transforms: Every attack sample is subjected to 12 distinct evasion techniques (e.g., double-URL encoding, case variation, comment-based obfuscation) to ensure the model cannot be bypassed by simple encoding tricks.
- Global Threat Context: Integration of payloads from high-fidelity sources like
payload-box,FuzzDB, and specialized WAF-bypass repositories.
AxiomWAF is currently available for:
- Research Partnerships: Academic and independent security research.
- Commercial Licensing: Enterprise integration for high-performance WAF solutions.
For inquiries regarding partnerships or commercial usage, please reach out through the email zs.01117875692@gmail.com