Web application and services are essential part of the internet. They automate many people activities such as purchasing goods, communica- tion, socialization, and political voting. Those applications are usually written and developed by programmers who might not be fully aware of cybersecurity aspects which leaves the applications vulnerable to web application attacks. The best way to mitigate such risks is to write secure code any add multi- ple security layers in the application architecture to ensure security in-depth, however, this comes with great cost and write perfectly secured source code is near to impossible. This is why researchers and engineers invented more exter- nal systems to help in protecting web applications and services, e.g., intrusion detection systems, firewalls, anti-fraud systems.
Despite the improvements such systems add to the application security stack, however more challenges came to the surface, ignoring these challenges might risk the entire setup and leave the environment in worse state (e.g., bad implementation of intrusion detection system can cause high false positive rates resulting in blocking users from executing transactions).
As the problem of intrusion detection is related to analysis of previous HTTP log to know discriminate normal traffic from malicious, machine and deep learning are playing profound role in solving many of intrusion detection problems.
In this survey article we provide systematic review of the recent develop- ments of applying deep learning methods in Web Intrusion Detection Systems (WIDS). The article starts by introduction of intrusion detection in both network and web environments and the difference between Anomaly based and signature based methods. Then we highlight the contribution, review meth- ods, and search strategy are discussed in follower sections. Then the reviewing selected papers and comparing their methods are introduced. Finally, the ar- ticle conclude with discussion section highlighting the future trends of WIDS research.