Abstract
In the context of the new era of high digitization and informatization, the emergence of the internet and artificial intelligence technologies has profoundly changed people’s lifestyles. The traditional cyber attack detection has become increasingly weak in the context of the increasingly complex network environment in the new era, and deep learning technology has begun to play a significant role in the field of network security. There are many kinds of attacks against web applications, which are very harmful, including SQL (Structured Query Language) injection, XSS (Cross-Site Scripting), and command injection. Based on the detection of SQL injection and XSS attacks, this paper combines the detection of command injection attacks, which are also very harmful, and proposes a multi-classification detection method for web injection attacks. We extract features in the URL (Uniform Resource Locator) and request body of HTTP (Hyper Text Transfer Protocol) requests and combine deep learning technology to build a multi-classification model for injection attacks. Firstly, aiming at the problem of imbalanced distribution of training samples and low detection accuracy of command injection attack, a sample generation method is proposed. The experimental results show that the proposed method ensures a higher detection rate of command injection attacks and lower false alarms. Secondly, we propose a more expressive feature fusion model, which effectively combines the features extracted by deep learning with the discrete features extracted manually. The experimental results show that the feature fusion model proposed in this work is more effective compared with a single deep learning model. The accuracy of the model is improved by about 1%.
Subject
General Mathematics,Engineering (miscellaneous),Computer Science (miscellaneous)
Reference33 articles.
1. SQL Injection,2022
2. Cross Site Scripting (XSS) Software Attack,2022
3. FlexBooker Discloses Data Breach, over 3.7 Million Accounts Impacted,2022
4. Croatian Phone Carrier A1 Hrvatska Has Disclosed a Data Breach that Has Impacted Roughly 200,000 Customers,2022
5. Toyota Halts Production after Reported Cyberattack on Supplier,2022
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献