research-article

Detection of Malicious Web Requests Using Neural Networks with Multi Granularity Features

Authors:

Zhifeng LiangAuthors Info & Claims

ICBDT '22: Proceedings of the 5th International Conference on Big Data Technologies

Pages 83 - 89

https://doi.org/10.1145/3565291.3565304

Published: 16 December 2022 Publication History

Abstract

Web attacks have long been a serious threat to network security. At present, malicious web requests are flooding in the network environment. Traditional detection methods need expert rules or a large number of Feature Engineering, and are not good at detecting new malicious requests. In order to overcome the above problems, we propose a neural network based on deep learning and multi granularity feature fusion to detect malicious web requests. Specifically, we use multi-layer CNN to extract the requests character level features, and use BiLSTM based on attention mechanism to extract word level features. Then the two granularity features are fused to construct a more accurate feature representation of web requests. Finally, the web requests are classified by a linear classifier to identify malicious. The experimental results show that compared with the existing methods, this method has significant advantages.

References

[1]

Nguyen, Hai Thanh, "Application of the generic feature selection measure in detection of web attacks." Computational Intelligence in Security for Information Systems. Springer, Berlin, Heidelberg, 2011. 25-32.

[2]

HTTP dataset CSIC 2010 [EB/OL].http://www.isi.csic.es/dataset/.

[3]

Smitha, Rajagopal, K. S. Hareesha, and Poornima Panduranga Kundapur. "A machine learning approach for web intrusion detection: MAMLS perspective." Soft Computing and Signal Processing. Springer, Singapore, 2019. 119-133.

[4]

Kim Y.Convolutional neural networks for sentence classification[J].arXix:1408.5882,2014.

[5]

RONG, Wei; ZHANG, Bowen; LV, Xixiang. Malicious web request detection using character-level CNN. In: International Conference on Machine Learning for Cyber Security. Springer, Cham, 2019. p. 6-16.

[6]

WU, Jiahong, Convolutional neural network with character embeddings for malicious web request detection. In: 2019 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom). IEEE, 2019. p. 622-627.

[7]

Tekerek, Adem. “A novel architecture for web-based attack detection using convolutional neural network.” Comput. Secur. 100 .2021: 102096.

[8]

LIU, Hongyu, CNN and RNN based payload classification methods for attack detection. Knowledge-Based Systems, 2019, 163: 332-341.

[9]

Jemal, Ines “ASCII Embedding: An Efficient Deep Learning Method for Web Attacks Detection.” Pattern Recognition and Artificial Intelligence 1322. 2021. 286 - 297.

[10]

Xiu, W. Malicious URL Detection Algorithm Based on Multi Neural Network Series. CONVERTER, 2021.p. 579 - 590.

[11]

JEMAL, Ines, M-CNN: a new hybrid deep learning model for web security. In: 2020 IEEE/ACS 17th International Conference on Computer Systems and Applications (AICCSA). IEEE, 2020. p. 1-7.

[12]

W. B. Shahid, H. Abbas, B. Aslam, H. Afzal and S. B. Khalid, "A Framework to Optimize Deep Learning based Web Attack Detection Using Attacker Categorization," 2021 IEEE 19th International Conference on Embedded and Ubiquitous Computing (EUC), 2021, pp. 95-101.

[13]

Seyyar, Yunus Emre “An Attack Detection Framework Based on BERT and Deep Learning.” IEEE Access 10. 2022: 68633-68644.

[14]

YU, Lian, Detecting malicious web requests using an enhanced textcnn. In: 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). IEEE, 2020. p. 768-777.

[15]

KUANG, Xiaohui, DeepWAF: detecting web attacks based on CNN and LSTM models. In: International Symposium on Cyberspace Safety and Security. Springer, Cham, 2019. p. 121-136.

[16]

NIU, Qiangqiang; LI, Xiaoyong. A high-performance web attack detection method based on CNN-GRU model. In: 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). IEEE, 2020. p. 804-808.

[17]

MOHAMMADI, Shahriar; NAMADCHIAN, Amin. Anomaly-based Web Attack Detection: The Application of Deep Neural Network Seq2Seq With Attention Mechanism. The ISC International Journal of Information Security, 2020, 12.1: 44-54.

[18]

Ahmad, Rasheed “A Deep Learning Ensemble Approach to Detecting Unknown Network Attacks.” Journal of Information Security and Applications 2022. 2214-2126.

[19]

LE, Hung, URLNet: Learning a URL representation with deep learning for malicious URL detection. arXiv preprint arXiv:1802.03162, 2018.

[20]

LIANG, Depeng; ZHANG, Yongdong. AC-BLSTM: asymmetric convolutional bidirectional LSTM networks for text classification. arXiv preprint arXiv:1611.01884, 2016.

[21]

ZHOU, Peng, Text classification improved by integrating bidirectional LSTM with two-dimensional max pooling. arXiv preprint arXiv:1611.06639, 2016.

[22]

Mnih V, Heess N, Graves A, Recurrent Models of Visual Attention[J]. Advances in Neural Information Processing Systems, 2014,2204-2212.

[23]

Vaswani A, Shazeer N, Parmar N, Attention Is All You Need[C]// arXiv. arXiv, 2017.

[24]

faizann24,et al.https://github.com/faizann24/Fwaf-Machine-Learning-driven-Web-Application-Firewall

Cited By

Su BHuang XZhang JDong Y(2023)A key code detection model based on semantic convolutional memory fusion networkFourth International Conference on Signal Processing and Computer Science (SPCS 2023)10.1117/12.3012088(12)Online publication date: 21-Dec-2023
https://doi.org/10.1117/12.3012088
Ismail MAlrabaee SHarous SChoo K(2023)Empirical Evaluations of Machine Learning Effectiveness in Detecting Web Application AttacksFuture Access Enablers for Ubiquitous and Intelligent Infrastructures10.1007/978-3-031-50051-0_8(99-116)Online publication date: 15-Dec-2023
https://doi.org/10.1007/978-3-031-50051-0_8

Index Terms

Detection of Malicious Web Requests Using Neural Networks with Multi Granularity Features
1. Computing methodologies
  1. Machine learning
    1. Machine learning approaches
      1. Neural networks

Recommendations

Anomaly-Based Web Attack Detection: A Deep Learning Approach
ICNCC '17: Proceedings of the 2017 VI International Conference on Network, Communication and Computing

As the era of cloud technology arises, more and more people are beginning to migrate their applications and personal data to the cloud. This makes web-based applications an attractive target for cyber-attacks. As a result, web-based applications now ...
Effective Malicious URL Detection by Using Generative Adversarial Networks
Web Engineering
Abstract
Malicious URL, a.k.a. malicious website, pose a great threat to Web security. In particular, concept drift caused by variants of malicious URL degrades the performance of existing detection methods based on the available attack patterns. In this ...
Image Retrieval Using Fused Deep Convolutional Features

This paper proposes an image retrieval using fused deep convolutional features to solve the semantic gap between low-level features and high-level semantic features of traditional contend-based image retrieval method. Firstly, the improved network ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICBDT '22: Proceedings of the 5th International Conference on Big Data Technologies

September 2022

454 pages

ISBN:9781450396875

DOI:10.1145/3565291

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 December 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICBDT 2022

ICBDT 2022: 2022 5th International Conference on Big Data Technologies

September 23 - 25, 2022

Qingdao, China

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
63
Total Downloads

Downloads (Last 12 months)18
Downloads (Last 6 weeks)1

Reflects downloads up to 18 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Su BHuang XZhang JDong Y(2023)A key code detection model based on semantic convolutional memory fusion networkFourth International Conference on Signal Processing and Computer Science (SPCS 2023)10.1117/12.3012088(12)Online publication date: 21-Dec-2023
https://doi.org/10.1117/12.3012088
Ismail MAlrabaee SHarous SChoo K(2023)Empirical Evaluations of Machine Learning Effectiveness in Detecting Web Application AttacksFuture Access Enablers for Ubiquitous and Intelligent Infrastructures10.1007/978-3-031-50051-0_8(99-116)Online publication date: 15-Dec-2023
https://doi.org/10.1007/978-3-031-50051-0_8

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Table of Contents