期刊
NEURAL NETWORK WORLD
卷 29, 期 4, 页码 189-206出版社
ACAD SCIENCES CZECH REPUBLIC, INST COMPUTER SCIENCE
DOI: 10.14311/NNW.2019.29.013
关键词
anomaly-based detection; artificial neural networks; hybrid web application firewall; web-based attacks; web application security
资金
- SAN-TEZ projects of the Republic of Turkey, Ministry of Science, Industry, and Technology [0235.STZ.201-1]
Attacks on web applications and web-based services were conducted using Hyper-Text Transfer Protocol (HTTP), which is also used as the communication protocol of web-based applications. Due to the dynamic structure of web applications and the fact that they have many variables, detection and prevention of web-based attacks are made more difficult. In this study, a hybrid learning-based web application firewall (WAF) model is proposed to prevent web-based attacks, by using signature-based detection (SBD) and anomaly-based detection (ABD). Detection of known web-based attacks is done by using SBD, while detection of anomaly HTTP requests is done by using ABD. Learning-based ABD is implemented by using Artificial Neural Networks (ANN). Thus, an adaptation of the model against zero-day attacks is ensured by learning-based ABD by using ANN. The proposed model is tested by using WAF 2015, CSIC 2010 and ECML-PKDD datasets which are open source datasets. According to the test results, a high mean achievement percentage (96.59%) was obtained. Detection results are also compared to previous studies. After comparison, the proposed model promises higher performance than what the existing studies until now have to offer.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据