Web Application Attacks Detection Using Deep Learning

Nicolás Montes, Gustavo Betarte, Rodrigo Martínez, Alvaro Pardo

Producción científica: Capítulo del libro/informe/acta de congresoContribución a la conferenciarevisión exhaustiva

5 Citas (Scopus)

Resumen

This work investigates the use of deep learning techniques to improve the performance of web application firewalls (WAFs), systems that are used to detect and prevent attacks to web applications. Typically, a waf inspects the http requests that are exchanged between client and server to spot attacks and block potential threats. We model the problem as a one-class supervised case and build a feature extractor using deep learning techniques. We treat the http requests as text and train a deep language model with a transformer encoder architecture which is a self-attention based neural network. The use of pre-trained language models has yielded significant improvements on a diverse set of NLP tasks because they are capable of doing transfer learning. We use the pre-trained model as a feature extractor to map a http request into a feature vector. These vectors are then used to train a one-class classifier. We also use a performance metric to automatically define an operational point for the one-class model. The experimental results show that the proposed approach outperforms the ones of the classic rule-based ModSecurity configured with a vanilla owasp crs and does not require the participation of a security expert to define the features.

Idioma originalInglés
Título de la publicación alojadaProgress in Pattern Recognition, Image Analysis, Computer Vision, and Applications - 25th Iberoamerican Congress, CIARP 2021, Revised Selected Papers
EditoresJoão Manuel Tavares, João Paulo Papa, Manuel González Hidalgo
EditorialSpringer Science and Business Media Deutschland GmbH
Páginas227-236
Número de páginas10
ISBN (versión impresa)9783030934194
DOI
EstadoPublicada - 2021
Evento25th Iberoamerican Congress on Progress in Pattern Recognition, Image Analysis, Computer Vision, and Applications, CIARP 2021 - Virtual, Online
Duración: 10 may. 202113 may. 2021

Serie de la publicación

NombreLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volumen12702 LNCS
ISSN (versión impresa)0302-9743
ISSN (versión digital)1611-3349

Conferencia

Conferencia25th Iberoamerican Congress on Progress in Pattern Recognition, Image Analysis, Computer Vision, and Applications, CIARP 2021
CiudadVirtual, Online
Período10/05/2113/05/21

Huella

Profundice en los temas de investigación de 'Web Application Attacks Detection Using Deep Learning'. En conjunto forman una huella única.

Citar esto