Mac, Hieu and Truong, Dung and Nguyen, Lam and Nguyen, Ngoc Hoa and Tran, Hai Anh and Tran, Quang Duc (2018) Detecting Atacks on Web Applications using Autoencoder. In: The Ninth International Symposium on Information and Communication Technology (SoICT 2018), 6-7 December 2018, Da Nang. (In Press)
Full text not available from this repository.Abstract
Web attacks have become a real threat to the Internet. This paper proposes the use of autoencoder to detect malicious pattern in the HTTP/HTTPS requests. The autoencoder is able to operate on the raw data and thus, does not require the hand-crafted features to be extracted. We evaluate the original autoencoder and its variants and end up with the Regularized Deep Autoencoder, which can achieve an F1-score of 0.9463 on the CSIC 2010 dataset. It also produces a better performance with respect to OWASP Core Rule Set and other one-class methods, reported in the literature. The Regularized Deep Autoencoder is then combined with Modsecurity in order to protect a website in real time. This algorithm proves to be comparable to the original Modsecurity in terms of computation time and is ready to be deployed in practice.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Subjects: | Information Technology (IT) |
| Divisions: | Faculty of Information Technology (FIT) |
| Depositing User: | Assoc.Prof Hoá NGUYỄN Ngọc |
| Date Deposited: | 15 Nov 2018 09:22 |
| Last Modified: | 15 Nov 2018 09:22 |
| URI: | http://eprints.uet.vnu.edu.vn/eprints/id/eprint/3166 |
Actions (login required)
 |
View Item |
