Semi-supervised based Unknown Attack Detection in EDR Environment

doi:10.3837/tiis.2020.12.016

Cited by 4 publications

(2 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The advantages, disadvantages, and challenges of the WAF approaches are presented in Table 1. Failing in detecting newly emerging attacks; Bypassing using encoding techniques [13] Updating the signature database Anomalybased WAFs [9][10][11][12][13] Effective in detecting known and newly emerging attacks High FP rate; high variance (overfitting) and high bias (underfitting) [16] Feature extraction and selection; Generalization for real-world Policybased WAFs [14] Elimination of the disadvantages of signature and anomalybased systems Vulnerabilities due to incorrect sequencing of policies [14] Requirement for domain experts, Difficulties in the operation of policies at large-scale systems Hybrid WAF systems [15] Combining the power of signature-based and anomaly-based systems The disadvantages of signature-based and anomaly-based systems Requirement for domain experts to the management of security rules [15] Two different web security studies have been carried out by Nguyen et al [9,10], one of which is based on feature selection, and the other is based on an ensemble model, using different traditional machine learning algorithms. The authors [10] developed WAF models based on generic feature selection (GeFS) and different machine learning.…”

Section: Related Workmentioning

confidence: 99%

Two Stage Deep Learning Based Stacked Ensemble Model for Web Application Security

2022

KSII TIIS

View full text Add to dashboard Cite

Detecting web attacks is a major challenge, and it is observed that the use of simple models leads to low sensitivity or high false positive problems. In this study, we aim to develop a robust two-stage deep learning based stacked ensemble web application firewall. Normal and abnormal classification is carried out in the first stage of the proposed WAF model. The classification process of the types of abnormal traffics is postponed to the second stage and carried out using an integrated stacked ensemble model. By this way, clients' requests can be served without time delay, and attack types can be detected with high sensitivity. In addition to the high accuracy of the proposed model, by using the statistical similarity and diversity analyses in the study, high generalization for the ensemble model is achieved. Within the study, a comprehensive, up-to-date, and robust multi-class web anomaly dataset named GAZI-HTTP is created in accordance with the real-world situations. The performance of the proposed WAF model is compared to state-of-the-art deep learning models and previous studies using the benchmark dataset. The proposed two-stage model achieved multi-class detection rates of 97.43% and 94.77% for GAZI-HTTP and ECML-PKDD, respectively.

show abstract

Section: Related Workmentioning

confidence: 99%

Two Stage Deep Learning Based Stacked Ensemble Model for Web Application Security

2022

KSII TIIS

View full text Add to dashboard Cite

show abstract

“…As the first layer of image processing, the convolutional layer aims to learn the feature representation of the input image. The convolutional layer consists of multiple filters that map different features [16,17]. In a convolutional neural network, an element in the output of a certain layer is determined when the region size of the corresponding input layer is called the receptive field.…”

Section: Convolutional Layermentioning

confidence: 99%

A Review of Convolutional Neural Network Development in Computer Vision

Zhang

2022

EAI Endorsed Trans IoT

View full text Add to dashboard Cite

Convolutional neural networks have made admirable progress in computer vision. As a fast-growing computer field, CNNs are one of the classical and widely used network structures. The Internet of Things (IoT) has gotten a lot of attention in recent years. This has directly led to the vigorous development of AI technology, such as the intelligent luggage security inspection system developed by the IoT, intelligent fire alarm system, driverless car, drone technology, and other cutting-edge directions. This paper first outlines the structure of CNNs, including the convolutional layer, the downsampling layer, and the fully connected layer, all of which play an important role. Then some different modules of classical networks are described, and these modules are rapidly driving the development of CNNs. And then the current state of CNNs research in image classification, object segmentation, and object detection is discussed.

show abstract