TY  - INPR
ID  - SisLab3166
UR  - https://eprints.uet.vnu.edu.vn/eprints/id/eprint/3166/
A1  - Mac, Hieu
A1  - Truong, Dung
A1  - Nguyen, Lam
A1  - Nguyen, Ngoc Hoa
A1  - Tran, Hai Anh
A1  - Tran, Quang Duc
Y1  - 2018/12//
N2  - Web attacks have become a real threat to the Internet. This paper proposes the use of autoencoder to detect malicious pattern in the HTTP/HTTPS requests. The autoencoder is able to operate on the raw data and thus, does not require the hand-crafted features to be extracted. We evaluate the original autoencoder and its variants and end up with the Regularized Deep Autoencoder, which can achieve an F1-score of 0.9463 on the CSIC 2010 dataset. It also produces a better performance with respect to OWASP Core Rule Set and other one-class methods, reported in the literature. The Regularized Deep Autoencoder is then combined with Modsecurity in order to protect a website in real time. This algorithm proves to be comparable to the original Modsecurity in terms of computation time and is ready to be deployed in practice.
TI  - Detecting Atacks on Web Applications using Autoencoder
M2  - Da Nang
AV  - none
T2  - The Ninth International Symposium on Information and Communication Technology (SoICT 2018)
ER  -