Visible to the public Research and Implementation of Intelligent Detection for Deserialization Attack Traffic

TitleResearch and Implementation of Intelligent Detection for Deserialization Attack Traffic
Publication TypeConference Paper
Year of Publication2022
AuthorsChen, Jianhua, Yang, Wenchuan, Cui, Can, Zhang, Yang
Conference Name2022 4th International Academic Exchange Conference on Science and Technology Innovation (IAECST)
Date Publisheddec
KeywordsAnalytical models, command injection attacks, composability, Deep Learning, Intrusion detection, intrusion traffic detection, Metrics, Network security, Prototypes, pubcrawl, resilience, Resiliency, SQL Injection, Technological innovation
AbstractIn recent years, as an important part of the Internet, web applications have gradually penetrated into life. Now enterprises, units and institutions are using web applications regardless of size. Intrusion detection to effectively identify malicious traffic has become an inevitable requirement for the development of network security technology. In addition, the proportion of deserialization vulnerabilities is increasing. Traditional intrusion detection mostly focuses on the identification of SQL injection, XSS, and command execution, and there are few studies on the identification of deserialization attack traffic. This paper use a method to extracts relevant features from the deserialized traffic or even the obfuscated deserialized traffic by reorganizing the traffic and running the relevant content through simulation, and combines deep learning technology to make judgments to efficiently identify deserialization attacks. Finally, a prototype system was designed to capture related attacks in real-world. The technology can be used in the field of malicious traffic detection and help combat Internet crimes in the future.
DOI10.1109/IAECST57965.2022.10061969
Citation Keychen_research_2022