A novel model for detecting web defacement attacks transformer using plain text features

Abstract

Over the last decade, web defacements and other types of web attacks have been considered serious security threats to web-based services and systems of many enterprises and organizations. A website defacement attack can bring severe repercussions to the website owner, such as immediate discontinuance of the website operations and damage to the owner’s reputation, which may lead to enormous monetary losses. Several solutions and tools for monitoring and detecting web defacements have been designed and developed. Some solutions and tools are limited to static web pages, while others can handle dynamic ones but demand significant computational power. The existing proposals’ other issues are relatively low detection rates and high false alarm rates because many crucial elements of web pages, including embedded code and images are not properly processed. This paper proposes a novel model for detecting web defacements to address these issues. The model is based on the bidirectional long-short term memory (Bi-LSTM) deep learning method using features of the plain text content extracted from web pages. Comprehensive testing on over 96,000 web pages dataset demonstrates that the proposed Bi-LSTM-based web defacement detection model outperforms earlier methods, achieving a 96.04% overall accuracy and a 2.03% false positive rate.