Detecting web attacks with end-to-end deep learning

Abstract: Web applications are popular targets for cyber-attacks because they are network-accessible and often contain vulnerabilities. An intrusion detection system monitors web applications and issues alerts when an attack attempt is detected. Existing implementations of intrusion detection systems usually extract features from network packets or string characteristics of input that are manually selected as relevant to attack analysis. Manually selecting features, however, is time-consuming and requires in-depth secur… Show more

“…Researchers have applied deep learning based on SAE for the implementation of WAF [34], denoising SAE [35], recurrent neural network including long-short-term-memory and gated-recurrentunit [36], and character-level convolutional neural network for web attacks detection [37].…”

Leveraging deep neural networks for anomaly‐based web application firewall

“…Researchers have applied deep learning based on SAE for the implementation of WAF [34], denoising SAE [35], recurrent neural network including long-short-term-memory and gated-recurrentunit [36], and character-level convolutional neural network for web attacks detection [37].…”

Leveraging deep neural networks for anomaly‐based web application firewall

“…In [31] More specifically, applying this method to the detection of malicious access of patient records by Trusted System Users would require significant redesign, as the method focuses on the detection of technical attacks against the system (SQL injection or XSS attacks) rather than the detection of valid system credentials being used to access patient records under specific abnormal scenarios.…”

“…However, two findings from [31] are relevant; firstly, the confirmation that collecting labelled training data in large scale production systems can be difficult, and secondly, identification that the Autoencoder algorithm requires about items of unlabelled training data to achieve performance. This particular finding highlights the difficulty in obtaining sufficient data in a Healthcare setting.…”

ML-based cyber incident detection for Electronic Medical Record (EMR) systems

“…Building a model requires attribute categorization, fitting, and validation. All those activities should be carried out in timely sequence otherwise slipping risky packets undetected is inevitable [ 8 ]. On the other hand, integrating ML within embedded systems operation should consider the diversity of their computing resources such as the CPU architecture, the provision of graphical processing unit (GPU), the size of the physical memory, and the network connectivity [ 2 ].…”

Study of Machine Learning for Cloud Assisted IoT Security as a Service