| 基于CNN的恶意Web请求检测技术 |
| |
| 引用本文: | 崔艳鹏,刘咪,胡建伟.基于CNN的恶意Web请求检测技术[J].计算机科学,2020,47(2):281-286. |
| |
| 作者姓名: | 崔艳鹏 刘咪 胡建伟 |
| |
| 作者单位: | 西安电子科技大学网络与信息安全学院 西安 710071;西安电子科技大学网络行为研究中心 西安 710071;西安电子科技大学网络与信息安全学院 西安 710071 |
| |
| 摘 要: | 目前,基于卷积神经网络的Web恶意请求检测技术领域内只有针对URL部分进行恶意检测的研究,并且各研究对原始数据的数字化表示方法不同,这会造成检测效率和检测准确率较低。为提高卷积神经网络在Web恶意请求检测领域的性能,在现有工作的基础上将其他多个HTTP请求参数与URL合并,将数据集HTTP data set CSIC 2010和DEV_ACCESS作为原始数据,设计对比实验。首先采用6种数据数字向量化方法对字符串格式的原始输入进行处理;然后将其分别输入所设计的卷积神经网络,训练后可得到6个不同的模型,同时使用相同的训练数据集对经典算法HMM,SVM和RNN进行训练,得到对照组模型;最后在同一验证集上对9个模型进行评估。实验结果表明,采用多参数的Web恶意请求检测方法将词汇表映射与卷积神经网络内部嵌入层相结合对原始数据进行表示,可使卷积神经网络取得99.87%的准确率和98.92%的F1值。相比其他8个模型,所提方法在准确率上提升了0.4~7.7个百分点,在F1值上提升了0.3~13个百分点。实验充分说明,基于卷积神经网络的多参数Web恶意请求检测技术具有明显的优势,且使用词汇表映射和网络内部嵌入层对原始数据进行处理能使该模型取得最佳的检测效果。
|
| 关 键 词: | 卷积神经网络 深度学习 WEB安全 恶意Web请求检测 |
Malicious Web Request Detection Technology Based on CNN |
| |
| CUI Yan-peng,LIU Mi,HU Jian-wei.Malicious Web Request Detection Technology Based on CNN[J].Computer Science,2020,47(2):281-286. |
| |
| Authors: | CUI Yan-peng LIU Mi HU Jian-wei |
| |
| Affiliation: | (School of Cyber Engineering,Xidian University,Xi’an 710071,China;Network Behavior Research Center,Xidian University,Xi’an 710071,China) |
| |
| Abstract: | At present,in the field of Web malicious requests detection technology based on convolutional neural network,malicious requests are detected only for the URL part,and each research has different digital representation methods for the original data,which will result in low detection efficiency and detection accuracy.In order to improve the performance of the convolutional neural network in web malicious request detection,this paper introduced other HTTP request parameters to be merged with URLs,and used the dataset HTTP data set CSIC 2010 and DEV_ACCESS as the raw data.The comparative experiment first used six digital representation methods to represent the raw input of the string format,and then put them to the designed convolutional neural network to obtain six different models.At the same time,the classical algorithms HMM,SVM and RNN were trained on the same training data set to obtain the control models.Finally,the nine models were evaluated on the same test data set.The experimental results show that in the multi-parameter Web malicious request detection method,the convolutional neural network using the combination of the vocabulary mapping and the internal embedding layer to represent the original data achieves 99.87%accuracy and 98.92.%F1 score,therefore,the accuracy is improved by 0.4~7.7 percentage points and the F1 value is improved by 0.3~13 percentage points.The experiment fully demonstrate that the multi-parameter Web malicious request detection technology based on convolutional neural network has obvious advantages,and using the vocabulary mapping and the internal embedding layer of the network to represent the original data can make the model achieve the best detection performance. |
| |
| Keywords: | Convolutional neural network Deep learning Web security Malicious Web request detection |
| 本文献已被 维普 万方数据 等数据库收录! |
|
