Enhancing Web Application Security: A Deep Learning and NLP-based Approach for Accurate Attack Detection
DOI:
https://doi.org/10.54654/isj.v3i20.1008Keywords:
Web attack detection, deep learning, natural language processing, web application securityTóm tắt
Abstract— Nowadays, web attacks have become more complicated, leading to the difficulty of traditional web application firewalls (WAFs) in recognizing those threats, especially when dealing with new attacks. Hence, machine learning/deep learning (ML/DL) approaches have been applied to the field of web attack detection with proven success. However, most existing ML/DL-based web attack detectors focus on a specific type of attack due to the difference in the payload of various attacks, which sets a border to the capability of those solutions in detecting new attack types. In this paper, we propose a novel DL-based solution for web attack detection, named DL-WAD, leveraging deep learning and natural language processing techniques. Moreover, DL-WAD is designed with a data preprocessing mechanism aimed at differentiating between regular web requests and malicious ones that carry attack payloads encompassing multiple types of web attacks. The experiment results indicate the effectiveness of our solution in protecting the target web services from a wide range of attacks with high accuracy.
Downloads
References
R. A. Muzaki, O. C. Briliyant, M. A. Hasditama and H. Ritchi, "Improving Security of Web-Based Application Using ModSecurity and Reverse Proxy in Web Application Firewall," in 2020 International Workshop on BigData and Information Security, 2020.
S. Prandl, M. Lazarescu and D.-S. Pham, "A Study of Web Application Firewall Solutions," in International Conference on Information Systems Security (ICISS 2015), 2015.
Dau, H. X., Trang, N. T. T., & Hung, N. T. (2022). A Survey of Tools and Techniques for Web Attack Detection. Journal of Science and Technology on Information Security, 1(15), 109-118. https://doi.org/10.54654/isj.v1i15.852.
S. O. Uwagbole, W. J. Buchanan and L. Fan, "Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention," in 2017 IFIP/IEEE (IM), 2017.
X. Kuang, M. Zhang, H. Li, G. Zhao, H. Cao, Z. Wu and X. Wang, "DeepWAF: Detecting Web Attacks Based on CNN and LSTM Models," in International Symposium on Cyberspace Safety and Security (CSS 2019), 2019.
W. B. Shahid, B. Aslam, H. Abbas, S. B. Khalid and H. Afzal, "An enhanced deep learning based framework for web attacks detection, mitigation and attacker profiling," Journal of Network and Computer Applications, vol. 198, 2022.
M. Zhang, B. Xu, S. Bai, S. Lu and Z. Lin, "A Deep Learning Method to Detect Web Attacks Using a Specially Designed CNN," in International Conference on Neural Information Processing (ICONIP 2017), 2017.
Z. Tian, C. Luo, J. Qiu, X. Du and M. Guizani, "A Distributed Deep Learning System for Web Attack Detection on Edge Devices," IEEE Transactions on Industrial Informatics, vol. 16, 2020.
H. Karacan and M. Sevri, "A Novel Data Argumentation Technique and Deep Learning model for Web Application Security," IEEE Access, vol. 9, 2021.
Y. E. Seyyar, A. G. Yavuz and H. M. Ünver, "Detection of Web Attacks Using the BERT Model," in 2022 30th Signal Processing and Communications Applications Conference (SIU), 2022.
T. Mikolov, K. Chen, G. Corrado and J. Dean, "Efficient Estimation of Word Representations in Vector Space," arXiv, 2013.
M. Schuster and K. Paliwal, "Bidirectional recurrent neural networks," IEEE Transactions on Signal Processing, vol. 45, 1997.
C. T. Giménez, A. P. Villegas and G. Á. Marañón, "HTTP DATASET CSIC 2010," Available: https://www.isi.csic.es/dataset/. [Accessed 2023].
"Fwaf Machine Learning driven Web Application Firewall," 2017. [Online]. Available: https://github.com/faizann24/Fwaf-Machine-Learning-driven-Web-Application-Firewall . [Accessed 2023].
"HttpParams Dataset," [Online]. Available: https://github.com/Morzeux/HttpParamsDataset. [Accessed 2023].
Downloads
Published
How to Cite
Issue
Section
License
Proposed Policy for Journals That Offer Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
Proposed Policy for Journals That Offer Delayed Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication, with the work [SPECIFY PERIOD OF TIME] after publication simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).