Abstract
With the increasing complexity of cyberspace infrastructure and its applications, cyberattacks are becoming ubiquitous and evolving rapidly. As one of the basic techniques for cyberattack awareness, network traffic anomaly detection faces diverse challenges such as low detection ability, the huge cost of collecting training data, and weak generalization of classification models. In this paper, we present WebSmell, a framework that detects malicious HTTP traffic using deep learning with data augmentation based on keywords library avoidance. The proposed method can improve cross-dataset detection ability, reduce the input cost of the training dataset, and give the deep learning model strong generalization even with a small training dataset.
Acknowledgments
This work is supported in part by the following grants: National Natural Science Foundation of China under Grant (No. 61772026 and U1936215); Industrial Internet innovation and development project in 2019 (TC190H3WN); 2020 industrial Internet innovation and development project (TC200H01V); Wenzhou key scientific and technological projects (No. ZG2020031); Wenzhou Polytechnic research projects (No. WZY2020001).
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Chen, T. et al. (2021). WebSmell: An Efficient Malicious HTTP Traffic Detection Framework Using Data Augmentation. In: Wu, Y., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2020. Lecture Notes in Computer Science, vol 12612. Springer, Cham. https://doi.org/10.1007/978-3-030-71852-7_13
DOI: https://doi.org/10.1007/978-3-030-71852-7_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-71851-0
Online ISBN: 978-3-030-71852-7
eBook Packages: Computer Science, Computer Science (R0)