Auto-Encoder LSTM Methods for Anomaly-Based Web Application Firewall
Publish place: International Journal of Information and Communication Technology Research (IJICT، Vol: 11، Issue: 3
Publish Year: 1398
نوع سند: مقاله ژورنالی
زبان: English
View: 270
This Paper With 8 Page And PDF Format Ready To Download
- Certificate
- من نویسنده این مقاله هستم
استخراج به نرم افزارهای پژوهشی:
شناسه ملی سند علمی:
JR_ITRC-11-3_006
تاریخ نمایه سازی: 23 بهمن 1399
Abstract:
Web Application Firewall (WAF) is known as one of the Intrusion Detection System (IDS) solutions for protecting web servers from HTTP attacks. WAF is a tool to identify and prevent many types of attacks, such as XSS and SQL-injection. In this paper, deep machine learning algorithms are used for enriching the WAF based on the anomaly detection method. Firstly, we construct attributes from HTTP data, to do so we consider two models namely n-gram and one-hot. Then, according to Auto-Encoder LSTM (AE-LSTM) as an unsupervised deep leaning method, we should extract informative features and then reduce them. Finally, we use ensemble isolation forest to train only normal data for the classifier. We apply the proposed model on CSIC 2010 and ECML/ PKDD 2007 datasets. The results show AE-LSTM has higher performance in terms of accuracy and generalization compared with naïve methods on CSIC dataset; the proposed method also have acceptable detection rate on ECML/PKDD dataset using n-gram model.
Keywords:
Authors
Ali Moradi Vartouni
Faculty of Electrical and Computer Engineering K.N. Toosi University of Technology
Soheil Mehralian
Faculty of Electrical and Computer Engineering K.N. Toosi University of Technology
Mohammad Teshnehlab
Faculty of Electrical and Computer Engineering K.N. Toosi University of Technology
Saeed Sedighian Kashi
Faculty of Electrical and Computer Engineering K.N. Toosi University of Technology