Skip to main content
SpringerLink
Log in
Book cover

International Conference on Algorithms and Architectures for Parallel Processing

ICA3PP 2020: Algorithms and Architectures for Parallel Processing pp 459–474Cite as

Web Attack Detection Based on User Behaviour Semantics

  • Conference paper
  • First Online:

  • 1904 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12454))

Abstract

With the development of the Internet and the increased popularity of web applications, the web has become one of the main venues for attackers engaging in cybercrimes. While enjoying the convenience of web applications, consumers also face security problems, such as the leakage of sensitive information and Internet fraud. Security protection mechanisms, such as traditional intrusion detection systems (IDSs) and web application firewalls (WAFs), are becoming incompetent at defending against the new cyber-attacks. In this paper, we propose a web attack detection approach that takes advantage of analysing the malicious intentions hidden in user actions. First, after using the independent user behaviours to build a sequential behaviour model, the proposed approach extracts the hidden malicious intentions of attackers from normal and seemingly normal behaviours utilizing a Long Short-Term Memory (LSTM) network. Then, on the basis of the user intentions, the approach leverages ensemble learning techniques to integrate extra inherent features of abnormal behaviour, resulting in its efficient practicality. The experimental results show the effectiveness of the proposed approach on the CSIC 2010 dataset with 99.87% accuracy.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. OWASP Top Ten https://owasp.org/www-project-top-ten/. Accessed 02 July 2020

  2. Kar, D., Panigrahi, S., Sundararajan, S.: SQLiDDS: SQL injection detection using query transformation and document similarity. In: Natarajan, R., Barua, G., Patra, M.R. (eds.) ICDCIT 2015. LNCS, vol. 8956, pp. 377–390. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-14977-6_41

    Chapter  Google Scholar 

  3. Johari, R., Sharma, P.: A survey on web application vulnerabilities (SQLIA, XSS) exploitation and security engine for SQL injection. In: 2012 International Conference on Communication Systems and Network Technologies, Piscataway, pp. 453–458. IEEE (2012)

    Google Scholar 

  4. Kuang, X., et al.: DeepWAF: detecting web attacks based on CNN and LSTM models. In: Vaidya, J., Zhang, X., Li, J. (eds.) CSS 2019. LNCS, vol. 11983, pp. 121–136. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-37352-8_11

    Chapter  Google Scholar 

  5. Zhang, M., Xu, B., Bai, S., Lu, S., Lin, Z.: A deep learning method to detect web attacks using a specially designed CNN. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, E.-S.M. (eds.) ICONIP 2017. LNCS, vol. 10638, pp. 828–836. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70139-4_84

    Chapter  Google Scholar 

  6. Liang, J., Zhao, W., Ye, W.: Anomaly-based web attack detection: a deep learning approach. In: Proceedings of the 2017 VI International Conference on Network, Communication and Computing (ICNCC 2017), New York, pp. 80–85. ACM (2017)

    Google Scholar 

  7. Liu, T., Qi, Y., Shi, L., et al.: Locate-then-detect: real-time web attack detection via attention-based deep neural networks. In: Twenty-Eighth International Joint Conference on Artificial Intelligence IJCAI-19, Morgan Kaufmann, San Francisco, pp. 4725–4731 (2019)

    Google Scholar 

  8. Corona, I., Ariu, D., Giacinto, G.: HMM-Web: a framework for the detection of attacks against web applications. In: 2009 IEEE International Conference on Communications, Piscataway, pp. 1–6. IEEE (2009)

    Google Scholar 

  9. Ito, M., Iyatomi, H.: Web application firewall using character-level convolutional neural network. In: 2018 IEEE 14th International Colloquium on Signal Processing & Its Applications (CSPA), Piscataway, pp. 103–106. IEEE (2018)

    Google Scholar 

  10. Tian, Z., Luo, C., Qiu, J., Du, X., Guizani, M.: A distributed deep learning system for web attack detection on edge devices. IEEE Trans. Ind. Inform. 16(3), 1963–1971 (2020)

    Article  Google Scholar 

  11. HTTP DATASET CSIC 2010. https://www.isi.csic.es/dataset/. Accessed 02 July 2020

  12. Mikolov, T., Chen, K., Corrado, G., Dean, J.: Efficient estimation of word representations in vector space. In: 1st International Conference on Learning Representations, ICLR 2013 (2013)

    Google Scholar 

  13. Le, Q., Mikolov, T.: Distributed representations of sentences and documents. In: Proceedings of the 31st International Conference on International Conference on Machine Learning - Volume 32 (ICML 2014), pp. 1188–1196. ACM, New York (2014)

    Google Scholar 

  14. Pennington, J., Socher, R., Manning, C.: Glove: global vectors for word representation. In: Proceedings of the 2014 Conference on Empirical Methods in Natural Language Processing, Stroudsburg, pp. 1532–1543. ACL (2014)

    Google Scholar 

  15. Qiu, M., Ming, Z., Li, J., Liu, S., Wang, B., Lu, Z.: Three-phase time-aware energy minimization with DVFS and unrolling for chip multiprocessors. J. Syst. Arch. 58, 439–445 (2012)

    Article  Google Scholar 

  16. Qiu, M., Sha, H.M., Liu, M., et al.: Energy minimization with loop fusion and multi-functional-unit scheduling for multidimensional DSP. J. Parallel Distrib. Comput. 68, 443–455 (2008)

    Article  Google Scholar 

  17. Shao, Z., Xue, C., Zhuge, Q., et al.: Security protection and checking in embedded system integration against buffer overflow attacks. IEEE Trans. Comput. 55, 443–453 (2006)

    Article  Google Scholar 

  18. Qiu, M., Chen, Z., Niu, J., et al.: Data allocation for hybrid memory with genetic algorithm. IEEE Trans. Emerg. Top. Comput. 3, 544–555 (2015)

    Article  Google Scholar 

  19. Li, J., Ming, Z., Qiu, M., et al.: Resource allocation robustness in multi-core embedded systems with inaccurate information. J. Syst. Arch. 57(9), 840–849 (2011)

    Article  Google Scholar 

Download references

Acknowledgement

This work was supported by the National Natural Science Foundation of China (Grant No. 61672494), the National key research and development program of China (Grant No. 2018YFB1800705), the Key Research and Development Program for Guangdong Province (Grant No. 2019B010136001).

Author information

Authors and Affiliations

  1. School of Data and Computer Science, Sun Yat-sen University, Guangzhou, China

    Yunyi Zhang, Jintian Lu & Shuyuan Jin

  2. Cyberspace Security Research Center, Peng Cheng Laboratory, Shenzhen, China

    Yunyi Zhang, Jintian Lu & Shuyuan Jin

Authors
  1. Yunyi Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jintian Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Shuyuan Jin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shuyuan Jin .

Editor information

Editors and Affiliations

  1. Columbia University, New York, NY, USA

    Meikang Qiu

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Zhang, Y., Lu, J., Jin, S. (2020). Web Attack Detection Based on User Behaviour Semantics. In: Qiu, M. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2020. Lecture Notes in Computer Science(), vol 12454. Springer, Cham. https://doi.org/10.1007/978-3-030-60248-2_31

Download citation

Publish with us

Policies and ethics

Search

Navigation