Modeling Intrusion Detection for Web Attacks using Deep Learning

  1. صفحه اصلی
  2. سعید حسن زاده اصل
  3. مقالات
  4. Modeling Intrusion Detection for Web Attacks using Deep Learning

Modeling Intrusion Detection for Web Attacks using Deep Learning

Saeed Hasanzadeh Asl1 Maryam Alizadeh2

1) Master of Science in Artificial Intelligence, University of Tabriz, Tabriz, Iran Email:
2) Bachelor of Science in Information Technology Engineering, Azarbayjan Shahid Madani University, Tabriz, Iran Email:

Publication : International Conference on Engineering & Technology - Norway (12icet.com)
Abstract :
Web applications are popular targets for cyber-attacks because they are network accessible and often contain vulnerabilities. An intrusion detection system monitors web applications and issues alerts when an attack attempt is detected. Existing implementations of intrusion detection systems usually extract features from network packets or string characteristics of input that are manually selected as relevant to attack analysis. Manual selection of features is time-consuming and requires in-depth security domain knowledge. Moreover, large amounts of labeled legitimate and attack request data is needed by supervised learning algorithms to classify normal and abnormal behaviors, which is often expensive and impractical to obtain for production web applications. This paper provides three contributions to the study of autonomic intrusion detection systems. First, we evaluate the feasibility of an unsupervised/semi-supervised approach for web attack detection based on the Robust Software Modeling Tool (RSMT), which autonomically monitors and characterizes the runtime behavior of web applications. Second, we describe how RSMT trains a stacked denoising autoencoder to encode and reconstruct the call graph for end-to-end deep learning, where a low-dimensional representation of the raw features with unlabeled request data is used to recognize anomalies by computing the reconstruction error of the request data. Third, we analyze the results of empirically testing RSMT on both synthetic datasets and production applications with intentional vulnerabilities. Our results show that the proposed approach can efficiently and accurately detect attacks, including SQL injection, cross-site scripting, and deserialization, with minimal domain knowledge and little labeled training data.
Keywords : Deep learning Web security Intrusion Detection Cyber Attacks

گواهی دیجیتال(دانلودی) گواهی چاپی لوح نمایه مقاله