Web Application Attacks Detection Using Machine Learning Techniques

Gustavo Betarte, Alvaro Pardo, Rodrigo Martinez

Producción científica: Capítulo del libro/informe/acta de congresoContribución a la conferenciarevisión exhaustiva

31 Citas (Scopus)

Resumen

Web applications are permanently being exposed to attacks that exploit their vulnerabilities. In this work we investigate the use of machine learning techniques to leverage the performance of Web Application Firewalls (WAFs), systems that are used to detect and prevent attacks. We propose a characterization of the problem by defining different scenarios depending if we have valid and/or attack data available for training. We also propose two solutions: first a multi-class approach for the scenario when valid and attack data is available; and second a one-class solution when only valid data is at hand. We present results using both approaches that outperform MODSECURITY configured with the OWASP Core Rule Set out of the box, which is the baseline configuration setting of a widely deployed WAF technology. We also propose a tagged dataset based on the DRUPAL content management framework.

Idioma originalInglés
Título de la publicación alojadaProceedings - 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018
EditoresM. Arif Wani, Mehmed Kantardzic, Moamar Sayed-Mouchaweh, Joao Gama, Edwin Lughofer
EditorialInstitute of Electrical and Electronics Engineers Inc.
Páginas1065-1072
Número de páginas8
ISBN (versión digital)9781538668047
DOI
EstadoPublicada - 2 jul. 2018
Evento17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018 - Orlando
Duración: 17 dic. 201820 dic. 2018

Serie de la publicación

NombreProceedings - 17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018

Conferencia

Conferencia17th IEEE International Conference on Machine Learning and Applications, ICMLA 2018
País/TerritorioUnited States
CiudadOrlando
Período17/12/1820/12/18

Huella

Profundice en los temas de investigación de 'Web Application Attacks Detection Using Machine Learning Techniques'. En conjunto forman una huella única.

Citar esto