eprintid: 3166
rev_number: 10
eprint_status: archive
userid: 321
dir: disk0/00/00/31/66
datestamp: 2018-11-15 09:22:04
lastmod: 2018-11-15 09:22:04
status_changed: 2018-11-15 09:22:04
type: conference_item
metadata_visibility: show
creators_name: Mac, Hieu
creators_name: Truong, Dung
creators_name: Nguyen, Lam
creators_name: Nguyen, Ngoc Hoa
creators_name: Tran, Hai Anh
creators_name: Tran, Quang Duc
creators_id: ductq@soict.hust.edu.vn
creators_id: dung.tt150722@sis.hust.edu.vn
creators_id: lam.nt152131@sis.hust.edu.vn
creators_id: hoa.nguyen@vnu.edu.vn
creators_id: ductq@soict.hust.edu.vn
creators_id: ductq@soict.hust.edu.vn
title: Detecting Atacks on Web Applications using Autoencoder
ispublished: inpress
subjects: IT
divisions: fac_fit
abstract: Web attacks have become a real threat to the Internet. This paper proposes the use of autoencoder to detect malicious pattern in the HTTP/HTTPS requests. The autoencoder is able to operate on the raw data and thus, does not require the hand-crafted features to be extracted. We evaluate the original autoencoder and its variants and end up with the Regularized Deep Autoencoder, which can achieve an F1-score of 0.9463 on the CSIC 2010 dataset. It also produces a better performance with respect to OWASP Core Rule Set and other one-class methods, reported in the literature. The Regularized Deep Autoencoder is then combined with Modsecurity in order to protect a website in real time. This algorithm proves to be comparable to the original Modsecurity in terms of computation time and is ready to be deployed in practice.
date: 2018-12
date_type: published
full_text_status: none
pres_type: paper
event_title: The Ninth International Symposium on Information and Communication Technology (SoICT 2018)
event_location: Da Nang
event_dates: 6-7 December 2018
event_type: conference
refereed: FALSE
citation:   Mac, Hieu and Truong, Dung and Nguyen, Lam and Nguyen, Ngoc Hoa and Tran, Hai Anh and Tran, Quang Duc  (2018) Detecting Atacks on Web Applications using Autoencoder.  In: The Ninth International Symposium on Information and Communication Technology (SoICT 2018), 6-7 December 2018, Da Nang.    (In Press)