Abstract
In recent years, attacks targeting websites have become a persistent threat. Therefore, web application security has become a significant issue. Dealing with unbalanced data is the biggest obstacle to providing security for web applications since there are fewer malicious requests despite a large number of benign requests. This paper suggests a novel Zero-Shot Learning method employing a Convolutional Neural Network (ZSL-CNN) to address unbalanced data problem and high false positive rates. This approach uses only benign data during training while predicting unseen malicious requests. Five web request datasets are used for validation on a diverse set of samples. The first dataset is a novel dataset containing Internet banking web request logs provided by Yapi Kredi Teknoloji. Other datasets are (i) an open-source WAF dataset, (ii) CSIC 2010 HTTP dataset, (iii) HTTP Params 2015 dataset, and (iv) a hybrid dataset. URIs are extracted from these datasets and fed to the ZSL-CNN model after code embedding. The same datasets are tested using other well-known models such as Isolation Forest, Autoencoder, Denoising Autoencoder with Dropout, and One-Class SVM. As per the comparison of the outcomes, it is seen that true positive rate of ZSL-CNN model is the greatest, reaching 99.29%.
Original language | English |
---|---|
Pages (from-to) | 91511-91525 |
Number of pages | 15 |
Journal | IEEE Access |
Volume | 11 |
DOIs | |
Publication status | Published - 2023 |
Bibliographical note
Publisher Copyright:© 2013 IEEE.
Keywords
- CNN
- Zero-shot learning
- anomaly detection
- attack detection
- web attacks
Fingerprint
Dive into the research topics of 'Web Based Anomaly Detection Using Zero-Shot Learning With CNN'. Together they form a unique fingerprint.Press/Media
-
Reports Outline Engineering Research from Istanbul Technical University (Web Based Anomaly Detection Using Zero-Shot Learning With CNN)
19/09/23
1 item of Media coverage
Press/Media