Abstract
The paper focuses on the use of computational intelligence for detecting web system intrusions. We analyze existing research on intrusion detection with computational intelligence and on web attacks, primarily web attacks based on HTTP requests and responses. We propose and implement a detection system with an ensemble classification model that includes a set of classifiers. It is composed of an LSTM autoencoder, a text classifier, Linear SVM (Linear Support Vector Classification), Extreme Random Forest and Logistic regression, which take statistical and extracted text features of web communication as input, and Linear SVM and Extreme Random Forest, which take only extracted text features of web communication as input.
We designed a flexible and extendable modular architecture and an ensemble classification model to which further classification submodels can be added in the future.
Notes
1. New attacks that have not yet been discovered.
2. Support Vector Machine.
3. Mahalanobis Distances Map.
4. Term frequency, inverse document frequency.
5. True positive.
6. False positive.
7. Convolution neural network.
8. False acceptance rate.
9. Super Learner.
10. Stratified cross validation is cross validation that uses stratified folds. The folds are made by preserving the percentage of samples for each class.
11. A stratified split of the dataset works on the same principle as stratified folds in stratified cross validation.
12. Recall.
Acknowledgement
This work was partially supported by Eset Research Centre.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Mišík, D., Hudec, L. (2020). Detection of Intrusions to Web System Using Computational Intelligence. In: Borzemski, L., Świątek, J., Wilimowska, Z. (eds) Information Systems Architecture and Technology: Proceedings of 40th Anniversary International Conference on Information Systems Architecture and Technology – ISAT 2019. ISAT 2019. Advances in Intelligent Systems and Computing, vol 1050. Springer, Cham. https://doi.org/10.1007/978-3-030-30440-9_19
DOI: https://doi.org/10.1007/978-3-030-30440-9_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30439-3
Online ISBN: 978-3-030-30440-9
eBook Packages: Intelligent Technologies and Robotics (R0)