| Title | Anomaly-Based Web Attack Detection: A Deep Learning Approach |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Liang, Jingxi, Zhao, Wen, Ye, Wei |
| Conference Name | Proceedings of the 2017 VI International Conference on Network, Communication and Computing |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-5366-3 |
| Keywords | anomaly detection, Collaboration, cyber physical systems, Deep Learning, HTTP requests, Metrics, neural networks security, policy, policy-based governance, Policy-Governed Secure Collaboration, pubcrawl, recurrent neural network, resilience, Resiliency, web security |
| Abstract | As the era of cloud technology arises, more and more people are beginning to migrate their applications and personal data to the cloud. This makes web-based applications an attractive target for cyber-attacks. As a result, web-based applications now need more protections than ever. However, current anomaly-based web attack detection approaches face the difficulties like unsatisfying accuracy and lack of generalization. And the rule-based web attack detection can hardly fight unknown attacks and is relatively easy to bypass. Therefore, we propose a novel deep learning approach to detect anomalous requests. Our approach is to first train two Recurrent Neural Networks (RNNs) with the complicated recurrent unit (LSTM unit or GRU unit) to learn the normal request patterns using only normal requests unsupervisedly and then supervisedly train a neural network classifier which takes the output of RNNs as the input to discriminate between anomalous and normal requests. We tested our model on two datasets and the results showed that our model was competitive with the state-of-the-art. Our approach frees us from feature selection. Also to the best of our knowledge, this is the first time that the RNN is applied on anomaly-based web attack detection systems. |
| URL | http://doi.acm.org/10.1145/3171592.3171594 |
| DOI | 10.1145/3171592.3171594 |
| Citation Key | liang_anomaly-based_2017 |
Anomaly-Based Web Attack Detection: A Deep Learning Approach