Abstract
The outstanding usage of web applications across the globe has enabled people to access desired information online with a few clicks. This has also enabled skilled attackers to compromise the availability, integrity and confidentiality of the data and information available on these websites. This paper proposes a framework for detecting and obstructing a large number of web attacks and scanning probes based on features of an HTTP (Hyper Text Transfer Protocol) request packet and also caters for POST HTTP data. We first trained four traditional machine learning models i.e. Decision Tree, Support Vector Machine (SVM), Naive Bayesian and Linear Regression by using a well-known publicly available dataset. It was found out that Decision Tree outperforms the rest in terms of performance and accuracy. Finally, a Convolutional Neural Network (CNN) based deep learning approach was implemented and tested on a well-known publicly available dataset. It results in optimal performance and an accuracy of 99.94%. The deep learning approach was enhanced by the introduction of a User Categorization Feature which uses cookies to categorise malicious attackers.
Original language | English |
---|---|
Pages | 95-101 |
DOIs | |
Publication status | Published - 30 Mar 2022 |
Externally published | Yes |
Event | IEEE 19th International Conference on Embedded and Ubiquitous Computing (EUC) - Shenyang, China Duration: 20 Oct 2021 → 22 Oct 2021 http://10.1109/EUC53437.2021 |
Conference
Conference | IEEE 19th International Conference on Embedded and Ubiquitous Computing (EUC) |
---|---|
Country/Territory | China |
City | Shenyang |
Period | 20/10/21 → 22/10/21 |
Internet address |
Keywords
- Web Application Firewall
- Web Deception
- Deep Learning
- Attacker Categorization
- Cookies