The possibility of applying machine learning for the classification of malicious requests to a Web application is considered. This approach excludes the use of deterministic analysis systems (for example, expert systems), and is based on the application of a cascade of neural networks or perceptrons on anKeywords: Neural network, machine learning, intrusion detection system, protection of web applications, information security. IntroductionToday, the security of web applications is one of the key tasks of the information security area. Most sites available on the Internet have different vulnerabilities and are regularly exposed to various types of attacks. And if an untargeted attack can be recognized by most of the intrusion detection systems on the market, targeted attacks prepared by malicious user rather than bot attacks are difficult to recognize at times because of the impossibility of predicting all possible vectors of attacks and the tools used.In view of the fact that the task of detecting attacks can be considered as a classification (or recognition) task, neural networks are increasingly being used to solve it. As a method for detecting malicious actions against a web system, neural networks are trained on examples of attacks of each class and, in the sequel, are used to recognize whether the observed actions belong to any attack classes. One of the problems of constructing such systems with the use of neural networks is that it is necessary to build a feature space that will allow us to separate the classes of attacks among themselves, as well as separate them from normal behavior. The second problem is the detection of attacks during their non-standard conduct, when applying an attack unknown to the neural network (a bunch of attacks), as well as deliberately "tricking" the network with a malicious user [1].At this point in time in commercial intrusion detection systems, adaptability to unknown attacks is virtually nonexistent. And the identification of an attack happens(possible) on final stage, and not at the stage of possible prevention.When using neural networks to recognize something, the question of vectorization and normalization is always acute.
The possibility of applying machine learning is considered for the classification of malicious requests to a Web application. This approach excludes the use of deterministic analysis systems (for example, expert systems), and based on the application of a cascade of neural networks or perceptrons on anKeywords: Neural network, machine learning, intrusion detection system, protection of web applications, information security. IntroductionThe security of web applications today is one of the key tasks in the context of information security. Most sites which are available at the Internet have different vulnerabilities and are periodically attacked.The main source of security threats for web applications are malicious users. That is, people motivated, as usual, by commercial interests. Attacks on web applications can be divided into targeted and untargeted groups. Targeted attack is an attack with a pre-selected goal and task (for example, to get a database of the prices of a product from a competitor that has not yet gone on sale, or personal data on credit cards of users of this competitor). An untargeted attack differs in that there is a definite statement of the problem, but the goal is maximally flexible (for example, any sites on which credit card data can be in a certain geo-segment of the Internet).One of the urgent tasks in the field of information security is the creation the system for detecting non-standard, zero day attacks vector. The implementation of this task is complicated by the fact that in carrying out targeted attacks, it is almost impossible to predict all possible bundles of attack vectors and tools for impact on network objects, which leads to errors in the operation of intrusion detection systems. Another complication is that targeted attacks are mainly carried out by intruders. Highly qualified in the field of web security [4][5][6].The spread of attacks on web applications is associated with two main factors: the lack of proper support for site security and a low threshold for the entry of potential attackers. In most cases, the site does not use specialized means of monitoring, detecting and preventing intrusions, the quality of design and software implementation is not paid enough attention, there are no specialists in information security in the application support staff. The proliferation of a variety of utilities and security
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.