Journal
NEURAL NETWORK WORLD
Volume 29, Issue 4, Pages 189-206Publisher
ACAD SCIENCES CZECH REPUBLIC, INST COMPUTER SCIENCE
DOI: 10.14311/NNW.2019.29.013
Keywords
anomaly-based detection; artificial neural networks; hybrid web application firewall; web-based attacks; web application security
Categories
Funding
- SAN-TEZ projects of the Republic of Turkey, Ministry of Science, Industry, and Technology [0235.STZ.201-1]
Ask authors/readers for more resources
Attacks on web applications and web-based services were conducted using Hyper-Text Transfer Protocol (HTTP), which is also used as the communication protocol of web-based applications. Due to the dynamic structure of web applications and the fact that they have many variables, detection and prevention of web-based attacks are made more difficult. In this study, a hybrid learning-based web application firewall (WAF) model is proposed to prevent web-based attacks, by using signature-based detection (SBD) and anomaly-based detection (ABD). Detection of known web-based attacks is done by using SBD, while detection of anomaly HTTP requests is done by using ABD. Learning-based ABD is implemented by using Artificial Neural Networks (ANN). Thus, an adaptation of the model against zero-day attacks is ensured by learning-based ABD by using ANN. The proposed model is tested by using WAF 2015, CSIC 2010 and ECML-PKDD datasets which are open source datasets. According to the test results, a high mean achievement percentage (96.59%) was obtained. Detection results are also compared to previous studies. After comparison, the proposed model promises higher performance than what the existing studies until now have to offer.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available