Computer Science

Computer Science ›› 2020, Vol. 47 ›› Issue (2): 281-286.doi: 10.11896/jsjkx.181202455

• Information Security • Previous Articles     Next Articles

Malicious Web Request Detection Technology Based on CNN

CUI Yan-peng1,2,LIU Mi1,HU Jian-wei1,2   

  1. (School of Cyber Engineering,Xidian University,Xi’an 710071,China)1;
    (Network Behavior Research Center,Xidian University,Xi’an 710071,China)2
  • Received:2018-12-31 Online:2020-02-15 Published:2020-03-18
  • About author:CUI Yan-peng,born in 1978,Ph.D,associate professor.Her main research interests include network attack and defense.

PDF (PC)

1102

Abstract: At present,in the field of Web malicious requests detection technology based on convolutional neural network,malicious requests are detected only for the URL part,and each research has different digital representation methods for the original data,which will result in low detection efficiency and detection accuracy.In order to improve the performance of the convolutional neural network in web malicious request detection,this paper introduced other HTTP request parameters to be merged with URLs,and used the dataset HTTP data set CSIC 2010 and DEV_ACCESS as the raw data.The comparative experiment first used six digital representation methods to represent the raw input of the string format,and then put them to the designed convolutional neural network to obtain six different models.At the same time,the classical algorithms HMM,SVM and RNN were trained on the same training data set to obtain the control models.Finally,the nine models were evaluated on the same test data set.The experimental results show that in the multi-parameter Web malicious request detection method,the convolutional neural network using the combination of the vocabulary mapping and the internal embedding layer to represent the original data achieves 99.87% accuracy and 98.92.% F1 score,therefore,the accuracy is improved by 0.4~7.7 percentage points and the F1 value is improved by 0.3~13 percentage points.The experiment fully demonstrate that the multi-parameter Web malicious request detection technology based on convolutional neural network has obvious advantages,and using the vocabulary mapping and the internal embedding layer of the network to represent the original data can make the model achieve the best detection performance.

Key words: Convolutional neural network, Deep learning, Malicious Web request detection, Web security

CLC Number: 

  • TP183
[1]ATIENZA D,HERRERO Á,CORCHADO E.Neural analysis of http traffic for web attack detection[C]∥Computational Intelligence in Security for Information Systems Conference.Cham:Springer,2015:201-212.
[2]ZHANG M,XU B,BAI S,et al.A Deep Learning Method to Detect Web Attacks Using a Specially Designed CNN[C]∥International Conference on Neural Information Processing.Springer,2017:828-836.
[3]SAXE J,BERLIN K.eXpose:A character-level convolutional neural network with embeddings for detecting malicious URLs,file paths and registry keys[J].arXiv:1702.08568,2017.
[4]KUSEY A.Detecting Malicious Requests with Keras & Tensorflow[EB/OL].(2017-09-12)[2018-06-10].https://medium.com/slalom-engineering/detecting-malicious-requests-with-keras-tensorflow-5d5db06b4f28.
[5]LE H,PHAM Q,SAHOO D,et al.URLNet:Learning a URL Representation with Deep Learning for Malicious URL Detection[J].arXiv:1802.03162,2018.
[6]CHEN Y C,LI Y J,TSENG A,et al.Deep learning for malicious flow detection[C]∥Personal,Indoor,and Mobile Radio Communications.2017:1-7.
[7]KRIZHEVSKY A,SUTSKEVER I,HINTON G E.Imagenet classification with deep convolutional neural networks[C]∥Advances in Neural Information Processing Systems.2012:1097-1105.
[8]SZEGEDY C,LIU W,JIA Y,et al.Going deeper with convolutions[C]∥Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition.IEEE,2015:1-9.
[9]KIM Y.Convolutional neural networks for sentence classification[J].arXiv:1408.5882,2014.
[10]KALCHBRENNER N,GREFENSTETTE E,BLUNSOM P.A convolutional neural network for modelling sentences[J].arXiv:1404.2188,2014.
[11]ZHANG X,ZHAO J,LECUN Y.Character-level convolutional networks for text classification[C]∥Advances in Neural Information Processing Systems.2015:649-657.
[12]DOS SANTOS C,GATTI M.Deep convolutional neural net-works for sentiment analysis of short texts[C]∥Proceedings of COLING 2014,the 25th International Conference on Computational Linguistics:Technical Papers.2014:69-78.
[13]SEVERYN A,MOSCHITTI A.Unitn:Training deep convolutional neural network for twitter sentiment classification[C]∥Proceedings of the 9th International Workshop on Semantic Evaluation (SemEval 2015).2015:464-469.
[14]KINGMA D P,BA J.Adam:A method for stochastic optimization[J].arXiv:1412.6980,2014.
[15]SRIVASTAVA N,HINTON G,KRIZHEVSKY A,et al.Dropout:a simple way to prevent neural networks from overfitting[J].The Journal of Machine Learning Research,2014,15(1):1929-1958.
[16]ATHIWARATKUN B,STOKES J W.Malware classification with LSTM and GRU language models and a character-level CNN[C]∥IEEE International Conference on Acoustics,Speech and Signal Processing (ICASSP).IEEE,2017:2482-2486.
[17]HENDLER D,KELS S,RUBIN A.Detecting Malicious PowerShell Commands using Deep Neural Networks[C]∥Proceedings of the 2018 on Asia Conference on Computer and Communications Security.ACM,2018:187-197.
[18]JOHNSON R,ZHANG T.Effective use of word order for text categorization with convolutional neural networks[J].arXiv:1412.1058,2014.
[19]MIKOLOV T,SUTSKEVER I,CHEN K,et al.Distributed representations of words and phrases and their compositionality[C]∥Advances in Neural Information Processing Systems.2013:3111-3119.
[20]GIMÉNEZ C T,VILLEGAS A P,MARAÑÓ N G Á.HTTP data set CSIC 2010[J].Information Security Institute of CSIC (Spanish Research National Council),2010.
[21]JOSEPH A D,LASKOV P,ROLI F,et al.Machine learning methods for computer security (Dagstuhl Perspectives Workshop 12371)[C]∥Dagstuhl Manifestos.Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik.2013:3.
[1] ZHOU Le-yuan, ZHANG Jian-hua, YUAN Tian-tian, CHEN Sheng-yong. Sequence-to-Sequence Chinese Continuous Sign Language Recognition and Translation with Multi- layer Attention Mechanism Fusion [J]. Computer Science, 2022, 49(9): 155-161.
[2] XU Yong-xin, ZHAO Jun-feng, WANG Ya-sha, XIE Bing, YANG Kai. Temporal Knowledge Graph Representation Learning [J]. Computer Science, 2022, 49(9): 162-171.
[3] RAO Zhi-shuang, JIA Zhen, ZHANG Fan, LI Tian-rui. Key-Value Relational Memory Networks for Question Answering over Knowledge Graph [J]. Computer Science, 2022, 49(9): 202-207.
[4] TANG Ling-tao, WANG Di, ZHANG Lu-fei, LIU Sheng-yun. Federated Learning Scheme Based on Secure Multi-party Computation and Differential Privacy [J]. Computer Science, 2022, 49(9): 297-305.
[5] WANG Jian, PENG Yu-qi, ZHAO Yu-fei, YANG Jian. Survey of Social Network Public Opinion Information Extraction Based on Deep Learning [J]. Computer Science, 2022, 49(8): 279-293.
[6] HAO Zhi-rong, CHEN Long, HUANG Jia-cheng. Class Discriminative Universal Adversarial Attack for Text Classification [J]. Computer Science, 2022, 49(8): 323-329.
[7] JIANG Meng-han, LI Shao-mei, ZHENG Hong-hao, ZHANG Jian-peng. Rumor Detection Model Based on Improved Position Embedding [J]. Computer Science, 2022, 49(8): 330-335.
[8] CHEN Yong-quan, JIANG Ying. Analysis Method of APP User Behavior Based on Convolutional Neural Network [J]. Computer Science, 2022, 49(8): 78-85.
[9] ZHU Cheng-zhang, HUANG Jia-er, XIAO Ya-long, WANG Han, ZOU Bei-ji. Deep Hash Retrieval Algorithm for Medical Images Based on Attention Mechanism [J]. Computer Science, 2022, 49(8): 113-119.
[10] SUN Qi, JI Gen-lin, ZHANG Jie. Non-local Attention Based Generative Adversarial Network for Video Abnormal Event Detection [J]. Computer Science, 2022, 49(8): 172-177.
[11] HU Yan-yu, ZHAO Long, DONG Xiang-jun. Two-stage Deep Feature Selection Extraction Algorithm for Cancer Classification [J]. Computer Science, 2022, 49(7): 73-78.
[12] DAI Zhao-xia, LI Jin-xin, ZHANG Xiang-dong, XU Xu, MEI Lin, ZHANG Liang. Super-resolution Reconstruction of MRI Based on DNGAN [J]. Computer Science, 2022, 49(7): 113-119.
[13] CHENG Cheng, JIANG Ai-lian. Real-time Semantic Segmentation Method Based on Multi-path Feature Extraction [J]. Computer Science, 2022, 49(7): 120-126.
[14] LIU Yue-hong, NIU Shao-hua, SHEN Xian-hao. Virtual Reality Video Intraframe Prediction Coding Based on Convolutional Neural Network [J]. Computer Science, 2022, 49(7): 127-131.
[15] XU Ming-ke, ZHANG Fan. Head Fusion:A Method to Improve Accuracy and Robustness of Speech Emotion Recognition [J]. Computer Science, 2022, 49(7): 132-141.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.