Detecting Web Attacks Based on Clustering Algorithm and Multi-branch CNN

09:40 | 21/05/2021

CSKH-02.2020. Abstract—This paper proposes and develops a web attack detection model that combines a clustering algorithm and a multi-branch convolutional neural network (CNN). The original feature set is clustered into groups of similar features. Each group of similar features is generalized by the convolutional structure of one branch of the CNN. The resulting component feature vectors are assembled into a synthetic feature vector and fed into a fully connected layer for classification. Using K-fold cross-validation, the accuracy of the proposed method is 98.8%, the F1-score is 98.9%, and the improvement rate of accuracy is 1.479%.

Summary—The paper proposes and develops a web attack detection model based on combining a clustering algorithm with a multi-branch convolutional neural network (CNN). The original feature set is clustered into corresponding feature groups. Each feature group is generalized in one branch of the multi-branch CNN to form a component feature vector. The component feature vectors are concatenated into a synthetic feature vector and fed into a fully connected layer for classification. Using cross-validation on the proposed model, the accuracy reaches 98.8%, the F1-score reaches 98.8%, and the accuracy improvement rate is 1.479%.



Citation information: Pham Van Huong, Le Thi Hong Van, Pham Sy Nguyen, “Detecting Web Attacks Based on Clustering Algorithm and Multi-branch CNN”, Journal of Science and Technology on Information Security, ISSN 2615-9570, Vol. 12, No. 02, 2020, pp. 31-37.