Abstract
Web applications are often exposed to attacks because of the critical information and valuable assets they host. In this study, Bi-LSTM based web application security models were developed in order to detect web attacks and classify them into binary or multiple classes using HTTP requests. A novel data augmentation technique based on the self-adapting noise adding method (DA-SANA) was developed. The DA-SANA method solves the low sensitivity problem caused by imbalanced data and the complex structure of multi-class classification in web attack detection. Experimental evaluations are carried out in detail using two benchmark web security datasets and a newly created dataset within the scope of the study. The achieved worst case detection rates are 98.34% and 93.91% for binary-class and multi-class classifications, respectively. The proposed DA-SANA technique provides an average of 6.52% improvement in multi-class classification for two datasets. These results revealed that the best classification performance values were achieved when compared with previous studies.
Highlights
Significant attacks such as SQL injection (SQLi), cross-site scripting (XSS), remote code execution (RCE), local file inclusion (LFI), broken authentication, sensitive data exposure, XML external entities (XXE), and cross-site request forgery (CSRF) can be performed against web applications
In this study, we proposed web attack detection models with data augmentation based on the self-adapting noise adding (DA-SANA) method and Bi-Long Short Term Memory (LSTM) architecture
Binaryclass and multi-class classification models based on the BIDIRECTIONAL LONG SHORT TERM MEMORY (BiLSTM) structure were successfully trained and tested with web anomalous datasets
Summary
Significant attacks such as SQL injection (SQLi), cross-site scripting (XSS), remote code execution (RCE), local file inclusion (LFI), broken authentication, sensitive data exposure, XML external entities (XXE), and cross-site request forgery (CSRF) can be performed against web applications Because of these web attacks, critical data can be exposed, systems can be hijacked, and significant privacy violations or financial losses can occur. According to the Owasp report, the most dangerous of these security risks are injection attacks and the best-known are SQLi, XSS and command injection attacks Using these injection vulnerabilities, it is possible to leak critical information or run the application unexpectedly by executing unwanted codes on the web server or user browser by using attackersupplied data that are non-validated, non-filtered or nonsanitized.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
