research-article

Detecting Attacks on Web Applications using Autoencoder

Authors:

Duc TranAuthors Info & Claims

SoICT '18: Proceedings of the 9th International Symposium on Information and Communication Technology

Pages 416 - 421

https://doi.org/10.1145/3287921.3287946

Published: 06 December 2018 Publication History

Abstract

Web attacks have become a real threat to the Internet. This paper proposes the use of autoencoder to detect malicious pattern in the HTTP/HTTPS requests. The autoencoder is able to operate on the raw data and thus, does not require the hand-crafted features to be extracted. We evaluate the original autoencoder and its variants and end up with the Regularized Deep Autoencoder, which can achieve an F1-score of 0.9463 on the CSIC 2010 dataset. It also produces a better performance with respect to OWASP Core Rule Set and other one-class methods, reported in the literature. The Regularized Deep Autoencoder is then combined with Modsecurity in order to protect a website in real time. This algorithm proves to be comparable to the original Modsecurity in terms of computation time and is ready to be deployed in practice.

References

[1]

Guillaume Alain and Yoshua Bengio. 2014. What regularized auto-encoders learn from the data-generating distribution. The Journal of Machine Learning Research 15, 1 (2014), 3563--3593.

Digital Library

[2]

François Chollet et al. 2015. Keras.

[3]

Symantec Corproration. 2016. Internet security threat report.

[4]

Carmen Torrano Giménez, Alejandro Pérez Villegas, and Gonzalo Álvarez Marañón. 2010. HTTP data set CSIC 2010.

[5]

Ian Goodfellow, Yoshua Bengio, Aaron Courville, and Yoshua Bengio. 2016. Deep learning. Vol. 1. MIT press Cambridge.

Digital Library

[6]

Kenneth L Ingham and Hajime Inoue. 2007. Comparing anomaly detection techniques for http. In International Workshop on Recent Advances in Intrusion Detection. Springer, 42--62.

Digital Library

[7]

Rafał Kozik, Michał Choraś, Rafał Renk, and Witold Hołubowicz. 2015. Patterns extraction method for anomaly detection in HTTP traffic. In International Joint Conference. Springer, 227--236.

[8]

Christopher Kruegel, Giovanni Vigna, and William Robertson. 2005. A multi-model approach to the detection of web-based attacks. Computer Networks 48, 5 (2005), 717--738.

Digital Library

[9]

Jingxi Liang, Wen Zhao, and Wei Ye. 2017. Anomaly-Based Web Attack Detection: A Deep Learning Approach. In Proceedings of the 2017 VI International Conference on Network, Communication and Computing. ACM, 80--85.

Digital Library

[10]

Hai Thanh Nguyen, Carmen Torrano-Gimenez, Gonzalo Alvarez, Slobodan Petrović, and Katrin Franke. 2011. Application of the generic feature selection measure in detection of web attacks. In Computational Intelligence in Security for Information Systems. Springer, 25--32.

Digital Library

[11]

Top OWASP. 10. Application Security Risks-2017. Open Web Application Security Project (OWASP).

[12]

Yao Pan, Fangzhou Sun, Jules White, Douglas C Schmidt, Jacob Staples, and Lee Krause. 2018. Detecting Web Attacks with End-to-End Deep Learning. (2018).

[13]

Fabian Pedregosa, Gaël Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, et al. 2011. Scikit-learn: Machine learning in Python. Journal of machine learning research 12, Oct (2011), 2825--2830.

Digital Library

[14]

Konrad Rieck and Pavel Laskov. 2006. Detecting unknown network attacks using language models. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, 74--90.

Digital Library

[15]

Trustwave Spiderlabs. {n. d.}. Modsecurity 3.0 - Open Source Web Application Firewall. Retrieved September 2, 2018 from http://www.modsecurity.org/

[16]

Carmen Torrano-Gimenez, Hai Thanh Nguyen, Gonzalo Alvarez, and Katrin Franke. 2015. Combining expert knowledge with automatic feature extraction for reliable web attack detection. Security and Communication Networks 8, 16 (2015), 2750--2767.

Digital Library

[17]

Ali Moradi Vartouni, Saeed Sedighian Kashi, and Mohammad Teshnehlab. 2018. An anomaly detection method to detect web attacks using Stacked Auto-Encoder. In Fuzzy and Intelligent Systems (CFIS), 2018 6th Iranian Joint Congress on. IEEE, 131--134.

[18]

Jiabao Wang, Zhenji Zhou, and Jun Chen. 2018. Evaluating CNN and LSTM for Web Attack Detection. In Proceedings of the 2018 10th International Conference on Machine Learning and Computing. ACM, 283--287.

Digital Library

[19]

Portwigger web security. {n. d.}. Burp Suite Professional. Retrieved September 2, 2018 from https://portswigger.net/burp

[20]

Guiqin Yuan, Bo Li, Yiyang Yao, and Simin Zhang. 2017. A deep learning enabled subspace spectral ensemble clustering approach for web anomaly detection. In Neural Networks (IJCNN), 2017 International Joint Conference on. IEEE, 3896--3903.

Cited By

Rahman SMotiur Rahman MFaezipour MRastgaar MRidelman EKlein JAngst BShanti C(2024)Enhancing Burn Severity Assessment With Deep Learning: A Comparative Analysis and Computational Efficiency EvaluationIEEE Access10.1109/ACCESS.2024.347611012(147249-147268)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3476110
Gong YWang CLi JMahyuddin MSeman M(2024)Application of deep learning in iron ore sintering process: a reviewJournal of Iron and Steel Research International10.1007/s42243-024-01197-331:5(1033-1049)Online publication date: 16-Mar-2024
https://doi.org/10.1007/s42243-024-01197-3
Huu Hieu NQuang Sang NVan Hoai T(2024)A Low-Resource Convolutional Autoencoder Approach for Anomaly Detection in Web-Based ApplicationsIntelligence of Things: Technologies and Applications10.1007/978-3-031-75596-5_30(328-338)Online publication date: 24-Dec-2024
https://doi.org/10.1007/978-3-031-75596-5_30
Show More Cited By

Recommendations

Detecting Web Attacks using Stacked Denoising Autoencoder and Ensemble Learning Methods
SoICT '19: Proceedings of the 10th International Symposium on Information and Communication Technology

Web-based anomalies remains a serious security threat on the Internet. This paper proposes the use of Sum Rule and Xgboost to combine the outputs related to various Stacked Denoising Autoencoders (SDAEs) in order to detect abnormal HTTP queries. Sum ...
Defense against Adversarial Attacks on Image Recognition Systems Using an Autoencoder
Abstract
Adversarial attacks on artificial neural network systems for image recognition are considered. To improve the security of image recognition systems against adversarial attacks (evasion attacks), the use of autoencoders is proposed. Various attacks ...
Neutralizing Cross-Site Scripting Attacks Using Open Source Technologies
ICTCS '16: Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies

Exploiting the security vulnerabilities in web browsers, web applications and firewalls is a fundamental trait of cross-site scripting (XSS) attacks. Majority of web population with basic web awareness are vulnerable and even expert web users may not ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

SoICT '18: Proceedings of the 9th International Symposium on Information and Communication Technology

December 2018

496 pages

ISBN:9781450365390

DOI:10.1145/3287921

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

SOICT: School of Information and Communication Technology - HUST
NAFOSTED: The National Foundation for Science and Technology Development

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 December 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

SoICT 2018

SoICT 2018: The Ninth International Symposium on Information and Communication Technology

December 6 - 7, 2018

Danang City, Viet Nam

Acceptance Rates

Overall Acceptance Rate 147 of 318 submissions, 46%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

23
Total Citations
View Citations
456
Total Downloads

Downloads (Last 12 months)36
Downloads (Last 6 weeks)4

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Rahman SMotiur Rahman MFaezipour MRastgaar MRidelman EKlein JAngst BShanti C(2024)Enhancing Burn Severity Assessment With Deep Learning: A Comparative Analysis and Computational Efficiency EvaluationIEEE Access10.1109/ACCESS.2024.347611012(147249-147268)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3476110
Gong YWang CLi JMahyuddin MSeman M(2024)Application of deep learning in iron ore sintering process: a reviewJournal of Iron and Steel Research International10.1007/s42243-024-01197-331:5(1033-1049)Online publication date: 16-Mar-2024
https://doi.org/10.1007/s42243-024-01197-3
Huu Hieu NQuang Sang NVan Hoai T(2024)A Low-Resource Convolutional Autoencoder Approach for Anomaly Detection in Web-Based ApplicationsIntelligence of Things: Technologies and Applications10.1007/978-3-031-75596-5_30(328-338)Online publication date: 24-Dec-2024
https://doi.org/10.1007/978-3-031-75596-5_30
Santos FAcosta N(2023)An Approach Based on Web Scraping and Denoising Encoders to Curate Food Security DatasetsAgriculture10.3390/agriculture1305101513:5(1015)Online publication date: 6-May-2023
https://doi.org/10.3390/agriculture13051015
Anh Nguyen MTong VSouihi SSouihi S(2023)Deep Learning in NLP for Anomalous HTTP Requests Detection2023 19th International Conference on Network and Service Management (CNSM)10.23919/CNSM59352.2023.10327888(1-8)Online publication date: 30-Oct-2023
https://doi.org/10.23919/CNSM59352.2023.10327888
Janjua JPatankar AShetty MPoojary S(2023)Experimental Comparison of Autoencoder Variants in Content-Based Image Retrieval2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT)10.1109/ICCCNT56998.2023.10308062(1-6)Online publication date: 6-Jul-2023
https://doi.org/10.1109/ICCCNT56998.2023.10308062
Rao BKarande A(2023)Friend Recommendation System Using Transfer Learning in the AutoencoderAdvances in Data Science and Artificial Intelligence10.1007/978-3-031-16178-0_10(113-127)Online publication date: 14-May-2023
https://doi.org/10.1007/978-3-031-16178-0_10
Amouei MRezvani MFateh M(2022)RAT: Reinforcement-Learning-Driven and Adaptive Testing for Vulnerability Discovery in Web Application FirewallsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.309541719:5(3371-3386)Online publication date: 1-Sep-2022
https://doi.org/10.1109/TDSC.2021.3095417
Chu TLabiod MTran HMellouk A(2022)GADaM: Generic Adaptive Deep-learning-based Multipath Scheduler Selector for Dynamic Heterogeneous EnvironmentICC 2022 - IEEE International Conference on Communications10.1109/ICC45855.2022.9838658(4908-4913)Online publication date: 16-May-2022
https://doi.org/10.1109/ICC45855.2022.9838658
Seyyar YYavuz AUnver H(2022)An Attack Detection Framework Based on BERT and Deep LearningIEEE Access10.1109/ACCESS.2022.318574810(68633-68644)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3185748
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten