Approaches to Anomaly Detection in Web Application Intrusion Detection Systems

Dmitry, Dik; Elena, Polyakova; Человечкова, А В; Zmyzgova, T. R.; Elena, Ponomareva

doi:10.1109/usbereit48449.2020.9117745

Cited by 4 publications

(3 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Article [11] is the only one in the list found to follow a systematic review approach, it discusses the implementation of deep learning in network IDS, and does not focus on web related intrusion detection methods. Articles [12], [13], [14] are dedicated for web intrusion detection however they are neither discussing the implementation of deep learning methods, nor following a systematic approach.…”

Section: Building Interpretable and Explainable Model 1 Contributionmentioning

confidence: 99%

Deep Learning Methods in Web Intrusion Detection: A Systematic Review

Halim

Kholief

Maghraby

2022

Preprint

View full text Add to dashboard Cite

Web application and services are essential part of the internet. They automate many people activities such as purchasing goods, communica- tion, socialization, and political voting. Those applications are usually written and developed by programmers who might not be fully aware of cybersecurity aspects which leaves the applications vulnerable to web application attacks. The best way to mitigate such risks is to write secure code any add multi- ple security layers in the application architecture to ensure security in-depth, however, this comes with great cost and write perfectly secured source code is near to impossible. This is why researchers and engineers invented more exter- nal systems to help in protecting web applications and services, e.g., intrusion detection systems, firewalls, anti-fraud systems. Despite the improvements such systems add to the application security stack, however more challenges came to the surface, ignoring these challenges might risk the entire setup and leave the environment in worse state (e.g., bad implementation of intrusion detection system can cause high false positive rates resulting in blocking users from executing transactions). As the problem of intrusion detection is related to analysis of previous HTTP log to know discriminate normal traffic from malicious, machine and deep learning are playing profound role in solving many of intrusion detection problems. In this survey article we provide systematic review of the recent develop- ments of applying deep learning methods in Web Intrusion Detection Systems (WIDS). The article starts by introduction of intrusion detection in both network and web environments and the difference between Anomaly based and signature based methods. Then we highlight the contribution, review meth- ods, and search strategy are discussed in follower sections. Then the reviewing selected papers and comparing their methods are introduced. Finally, the ar- ticle conclude with discussion section highlighting the future trends of WIDS research.

show abstract

Section: Building Interpretable and Explainable Model 1 Contributionmentioning

confidence: 99%

Deep Learning Methods in Web Intrusion Detection: A Systematic Review

Halim

Kholief

Maghraby

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…The security of the web from various types of malicious it is needful by using anomaly detection systems. Many systems build it to secure the web, such as anomaly detection in the HTTP request parameters [59]. Simultaneously by growing internet services, the number of threats increased [60].…”

Section: Ids For Web Applicationsmentioning

confidence: 99%

Deep Learning Approaches for Intrusion Detection

Salih

Ameen

Zeebaree

et al. 2021

AJRCoS

View full text Add to dashboard Cite

Recently, computer networks faced a big challenge, which is that various malicious attacks are growing daily. Intrusion detection is one of the leading research problems in network and computer security. This paper investigates and presents Deep Learning (DL) techniques for improving the Intrusion Detection System (IDS). Moreover, it provides a detailed comparison with evaluating performance, deep learning algorithms for detecting attacks, feature learning, and datasets used to identify the advantages of employing in enhancing network intrusion detection.

show abstract

“…A BAD-based security solution could be relevant for multiple cyber systems and environments such as web applications and databases [31]. In particular, it is meant to deal with multiple security threats such as malicious insider and compromised user account.…”

Section: Existing Behavioral Anomaly Detection-based Security Approachesmentioning

confidence: 99%