Web Based Anomaly Detection Using Zero-Shot Learning With CNN

Dilek Yilmazer Demirel*, Mehmet Tahir Sandikkaya

*Bu çalışma için yazışmadan sorumlu yazar

Araştırma sonucu: Dergiye katkıMakalebilirkişi

2 Atıf (Scopus)

Özet

In recent years, attacks targeting websites have become a persistent threat. Therefore, web application security has become a significant issue. Dealing with unbalanced data is the biggest obstacle to providing security for web applications since there are fewer malicious requests despite a large number of benign requests. This paper suggests a novel Zero-Shot Learning method employing a Convolutional Neural Network (ZSL-CNN) to address unbalanced data problem and high false positive rates. This approach uses only benign data during training while predicting unseen malicious requests. Five web request datasets are used for validation on a diverse set of samples. The first dataset is a novel dataset containing Internet banking web request logs provided by Yapi Kredi Teknoloji. Other datasets are (i) an open-source WAF dataset, (ii) CSIC 2010 HTTP dataset, (iii) HTTP Params 2015 dataset, and (iv) a hybrid dataset. URIs are extracted from these datasets and fed to the ZSL-CNN model after code embedding. The same datasets are tested using other well-known models such as Isolation Forest, Autoencoder, Denoising Autoencoder with Dropout, and One-Class SVM. As per the comparison of the outcomes, it is seen that true positive rate of ZSL-CNN model is the greatest, reaching 99.29%.

Orijinal dilİngilizce
Sayfa (başlangıç-bitiş)91511-91525
Sayfa sayısı15
DergiIEEE Access
Hacim11
DOI'lar
Yayın durumuYayınlandı - 2023

Bibliyografik not

Publisher Copyright:
© 2013 IEEE.

Parmak izi

Web Based Anomaly Detection Using Zero-Shot Learning With CNN' araştırma başlıklarına git. Birlikte benzersiz bir parmak izi oluştururlar.

Alıntı Yap