Web Attack Classification Model Based on Payload Embedding Pre-Training |
Kim, Yeonsu
(Chonnam National University)
Ko, Younghun (Chonnam National University) Euom, Ieckchae (Chonnam National University) Kim, Kyungbaek (Chonnam National University) |
1 | Sennrich, Rico, Barry Haddow, and Alexandra Birch, "Neural machine translation of rare words with subword units," arXiv preprint arXiv:1508.07909, Jun. 2016. |
2 | Armand Joulin, Edouard Grave, Piotr Bojanowski, Matthijs Douze, Herve Jegou and Tomas Mikolov, "Fasttext. zip: Compressing text classification models," arXiv preprint arXiv:1612.03651, Dec. 2016. |
3 | Vandana Dwivedi, Himanshu Yadav and Anurag Jain, "SQLAS: Tool to detect and prevent attacks in php web applications," International Journal of Security Privacy and Trust Management, vol. 4, no. 1, pp. 21-30 Feb. 2015. DOI |
4 | Sahu, Divya Rishi, and Deepak Singh Tomar, "Analysis of web application code vulnerabilities using secure coding standards," Arabian Journal for Science and Engineering, vol. 42, no. 2, pp. 885-895, Feb. 2017. DOI |
5 | Jason Bau, Elie Bursztein, Divij Gupta and John Mitchell, "State of the art: Automated black-box web application vulnerability testing," 2010 IEEE Symposium on Security and Privacy, pp. 332-345, May. 2010. |
6 | Priyank Bhojak, Kanu Patel, Vikram Agrawal and Vatsal Shah, "SQL Injection and XSS Vulnerability Detection in Web Application," International Journal of Advanced Research in Computer Science and Software Engineering, vol. 5, no. 12, pp. 110-115, Dec. 2015. |
7 | Roesch and Martin, "Snort: Lightweight intrusion detection for networks," Proceedings of the 13th USENIX conference on System administration, pp. 229-238, Nov. 1999. |
8 | Modsecurity, "Open Source Web Application Firewall," https://modsecurity.org/ |
9 | Ren, Fangli, Zhengwei Jiang, and Jian Liu, "A Bi-Directional LSTM Model with Attention for Malicious URL Detection," 2019 IEEE 4th Advanced Information Technology, Electronic and Automation Control Conference, pp. 300-305, Dec. 2019. |
10 | Mikhail Zolotukhin, Timo Hämäläinen, Tero Kokkonen and Jarmo Siltanen, "Analysis of http requests for anomaly detection of web attacks," Proceedings of IEEE 12th International Conference on Dependable, Autonomic and Secure Computing, pp. 406-411, Aug. 2014. |
11 | Abdelhamid Makiou. Youcef Begriche and Ahmed Serhrouchni, "Improving Web Application Firewalls to detect advanced SQL injection attacks," Information Assurance and Security 2014 10th International Conference, pp. 35-40, Nov. 2014. |
12 | Zhang, Zhaoxuan, Roy George, and Khalil Shujaee, "Efficient detection of anomolous HTTP payloads in networks," SoutheastCon 2016, pp. 1-3, Mar. 2016. |
13 | "Most advanced XSS scanner," https://github.com/s0md3v/XSStrike |
14 | Baojiang Cui, Shanshan He, Xi Yao and Peilin Shi, "Malicious URL detection with feature extraction based on machine learning," International Journal of High Performance Computing and Networking vol. 12, no. 2, pp. 166-178, Sep. 2018. DOI |
15 | Damele, Bernardo, and M. Stampar, "Sqlmap," Online at http://sqlmap.org, 2012. |
16 | Stasinopoulos, Anastasios, Christoforos Ntantogian and Christos Xenakis, "Commix: Detecting and exploiting command injection flaws," The Black hat Europe 2015, Nov. 2015. |
17 | "URL dataset(ISCX-URL-2016)," https://www.unb.ca/cic/datasets/url-2016.html |
18 | Nilesh Khochare and B. B. Meshram, "Tool to Detect and Prevent Web Attacks," International Journal of Advanced Research in Computer Engineering & Technology, vol. 1, no. 4, pp. 375-378, 2012. |
19 | Hsiu-Chuan Huang, Zhi-Kai Zhang, Hao-Wen Cheng and Shiuhpyng Winston Shieh, "Web Application Security: Threats, Countermeasures, and Pitfalls," in Computer, vol. 50, no. 6, pp. 81-85, Jun. 2017. DOI |
20 | Symantec, "Internet Security Threat Report," volume 24, Feb. 2019. |
21 | Hung Le, Quang Pham, Doyen Sahoo and Steven C.H. Hoi, "URLnet: Learning a URL representation with deep learning for malicious URL detection," arXiv preprint arXiv:1802.03162, Mar. 2018. |
22 | Saiyu Hao, Jun Long and Yingchuan Yang, "BL-IDS: Detecting Web Attacks Using Bi-LSTM Model Based on Deep Learning," International Conference on Security and Privacy in New Computing Environments, pp. 551-563, Apr. 2019. |
23 | Michiaki Ito and Hitoshi Iyatomi, "Web application firewall using character-level convolutional neural network," 2018 IEEE 14th International Colloquium on Signal Processing & Its Applications, pp. 103-106, Mar. 2018. |
24 | Yang, Wenchuan, Wen Zuo, and Baojiang Cui, "Detecting malicious urls via a keyword-based convolutional gated-recurrent-unit neural network," IEEE Access 7, pp. 29891-29900, Feb. 2019. DOI |