Authors: Rodrigo Branco ; Vinicius Cogo and Ibéria Medeiros

Affiliation: LASIGE, Departamento de Informática, Faculdade de Ciências, Universidade de Lisboa, Portugal

Keyword(s): Web Application Attacks, Netflows, Machine Learning, Natural Language Processing, Software Security.

Abstract: Web applications are the preferred means of accessing online services. They have been built quickly and can be left with vulnerabilities due to human error and inexperience, making them vulnerable to attacks. As a result, security analysts must analyse and react to countless threats and alerts. Such alerts can not provide sufficient information about the attack performed on the web application, which is crucial for a correct risk assessment and remediation measures. Network Intrusion Detection Systems (NIDS) have been used as a primary defence mechanism against web attacks. However, HTTPS, a widely adopted protocol in web applications, encrypts traffic, hindering NIDS’ efficiency in searching for network security threats and attacks. To enhance web application security, we present an approach that uses natural language processing (NLP) and machine learning (ML) algorithms to detect attacks through the analysis of network traffic (including HTTPS) and log-based payload contents. The approach employs anomaly detection by clustering netflows, and then NLP and supervised ML are used on the payload contents of anomalous netflows to identify attacks. Preliminary experiments have been made to detect SQL injection (SQLi), cross-site scripting (XSS), and directory traversal (DT) web attacks.

CC BY-NC-ND 4.0

Paper citation in several formats:
Branco, R. ; Cogo, V. and Medeiros, I. (2024). Towards a Web Application Attack Detection System Based on Network Traffic and Log Classification. In Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE; ISBN 978-989-758-696-5; ISSN 2184-4895, SciTePress, pages 692-699. DOI: 10.5220/0012722800003687

@conference{enase24,
author={Rodrigo Branco and Vinicius Cogo and Ibéria Medeiros},
title={Towards a Web Application Attack Detection System Based on Network Traffic and Log Classification},
booktitle={Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE},
year={2024},
pages={692-699},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012722800003687},
isbn={978-989-758-696-5},
issn={2184-4895},
}

TY - CONF

JO - Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE
TI - Towards a Web Application Attack Detection System Based on Network Traffic and Log Classification
SN - 978-989-758-696-5
IS - 2184-4895
AU - Branco, R.
AU - Cogo, V.
AU - Medeiros, I.
PY - 2024
SP - 692
EP - 699
DO - 10.5220/0012722800003687
PB - SciTePress