WebSmell: An Efficient Malicious HTTP Traffic Detection Framework Using Data Augmentation

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 12612)

Abstract

With the increasing complexity of cyberspace infrastructure and its applications, cyberattacks are becoming ubiquitous and evolving rapidly. As one of the basic techniques for cyberattack awareness, network traffic anomaly detection faces diverse challenges such as low detection ability, the huge cost of collecting training data, and weak generalization of the classification model. In this paper, we present WebSmell, a framework that detects malicious HTTP traffic using deep learning with data augmentation based on keywords library avoidance. The proposed method can improve cross-dataset detection ability, reduce the input cost of the training dataset, and give the deep learning model strong generalization even with a small training dataset.


Acknowledgments

This work is supported in part by the following grants: National Natural Science Foundation of China under Grant (No. 61772026 and U1936215); Industrial Internet innovation and development project in 2019 (TC190H3WN); 2020 industrial Internet innovation and development project (TC200H01V); Wenzhou key scientific and technological projects (No. ZG2020031); Wenzhou Polytechnic research projects (No. WZY2020001).

Author information

Correspondence to Zhengqiu Weng.

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Chen, T. et al. (2021). WebSmell: An Efficient Malicious HTTP Traffic Detection Framework Using Data Augmentation. In: Wu, Y., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2020. Lecture Notes in Computer Science, vol 12612. Springer, Cham. https://doi.org/10.1007/978-3-030-71852-7_13

  • DOI: https://doi.org/10.1007/978-3-030-71852-7_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-71851-0

  • Online ISBN: 978-3-030-71852-7

  • eBook Packages: Computer Science (R0)
