Abstract
With the increasing information sharing and other activities conducted on the World Wide Web, the Web has become the main venue for attackers to make troubles. The effective methods to detect Web attacks are critical and significant to guarantee the Web security. In recent years, many machine learning methods have been applied to detect Web attacks. We present a deep learning method to detect Web attacks by using a specially designed CNN. The method is based on analyzing the HTTP request packets, to which only some preprocessing is needed whereas the tedious feature extraction is done by the CNN itself. The experimental results on dataset HTTP DATASET CSIC 2010 show that the designed CNN has a good performance and the method achieves satisfactory results in detecting Web attacks, having a high detection rate while keeping a low false alarm rate.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Symantec Internet Security Threat Report: Trends for July–December 2007. http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_exec_summary_internet_security_threat_report_xiii_04-2008.en-us.pdf
Application Vulnerability Trends Report 2014. http://www.cenzic.com/downloads/Cenzic_Vulnerability_Report_2014.pdf
Axelsson, S.: Research in intrusion-detection systems: a survey. Technical report 98–17, Department of Computer Engineering, Chalmers University of Technology (1998)
Garcia, T.P., Diaz, V.J., Macia, F.G., et al.: Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur. 28(1), 18–28 (2009)
Kruegel, C., Vigna, G., Robertson, W.: A multi-model approach to the detection of web-based attacks. Comput. Netw. 48(5), 717–738 (2005)
Ma, J., Saul, L.K., Savage, S., et al.: Identifying suspicious URLs: an application of large-scale online learning. In: Proceedings of 26th Annual International Conference on Machine Learning, pp. 681–688 (2009)
Torrano, G.Z., Perez, V.A., Maranon, G.A.: An anomaly-based approach for intrusion detection in web traffic. J. Inf. Assur. Secur. 5(4), 446–454 (2010)
Corona, I., Tronci, R., Giacinto, G.: SuStorID: a multiple classifier system for the protection of web services. In: Proceedings of IEEE 21st International Conference on Pattern Recognition (ICPR), pp. 2375–2378 (2012)
Zolotukhin, M., Hamalainen, T., Kokkonen, T., et al.: Analysis of http requests for anomaly detection of web attacks. In: Proceedings of IEEE 12th International Conference on Dependable, Autonomic and Secure Computing (DASC), pp. 406–411 (2014)
Choras, M., Kozik, R.: Machine learning techniques applied to detect cyber attacks on web applications. Log. J. IGPL 23(1), 45–56 (2015)
Saxe, J., Berlin, K.: eXpose: a character-level convolutional neural network with embeddings for detecting malicious URLs, file paths and registry keys. arXiv preprint arXiv:1702.08568 (2017)
HTTP DATASET CSIC 2010. http://www.isi.csic.es/dataset/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Zhang, M., Xu, B., Bai, S., Lu, S., Lin, Z. (2017). A Deep Learning Method to Detect Web Attacks Using a Specially Designed CNN. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, ES. (eds) Neural Information Processing. ICONIP 2017. Lecture Notes in Computer Science(), vol 10638. Springer, Cham. https://doi.org/10.1007/978-3-319-70139-4_84
Download citation
DOI: https://doi.org/10.1007/978-3-319-70139-4_84
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-70138-7
Online ISBN: 978-3-319-70139-4
eBook Packages: Computer ScienceComputer Science (R0)