VNU-UET Repository

Detecting Atacks on Web Applications using Autoencoder

Mac, Hieu and Truong, Dung and Nguyen, Lam and Nguyen, Ngoc Hoa and Tran, Hai Anh and Tran, Quang Duc (2018) Detecting Atacks on Web Applications using Autoencoder. In: The Ninth International Symposium on Information and Communication Technology (SoICT 2018), 6-7 December 2018, Da Nang. (In Press)

Full text not available from this repository.


Web attacks have become a real threat to the Internet. This paper proposes the use of autoencoder to detect malicious pattern in the HTTP/HTTPS requests. The autoencoder is able to operate on the raw data and thus, does not require the hand-crafted features to be extracted. We evaluate the original autoencoder and its variants and end up with the Regularized Deep Autoencoder, which can achieve an F1-score of 0.9463 on the CSIC 2010 dataset. It also produces a better performance with respect to OWASP Core Rule Set and other one-class methods, reported in the literature. The Regularized Deep Autoencoder is then combined with Modsecurity in order to protect a website in real time. This algorithm proves to be comparable to the original Modsecurity in terms of computation time and is ready to be deployed in practice.

Item Type: Conference or Workshop Item (Paper)
Subjects: Information Technology (IT)
Divisions: Faculty of Information Technology (FIT)
Depositing User: Assoc.Prof Hoá NGUYỄN Ngọc
Date Deposited: 15 Nov 2018 09:22
Last Modified: 15 Nov 2018 09:22

Actions (login required)

View Item View Item