摘要
当前,网络空间安全形势日益严重,这是因为网络攻击手段层出不穷。其中,跨站脚本(cross-site scripting,XSS)攻击和结构化查询语言(structured query language,SQL)注入攻击是2种较为常见的网络攻击方式。由于它们的有效载荷样式多样,导致传统的基于规则的检测以及基于特征的机器学习难以对其进行检测。为了提高对Web攻击的检测效果,降低人工提取特征的繁杂度,提出了一种基于双向长短期记忆神经网络的Web攻击检测方法:使用字符向量化提取Web攻击有效特征的序列,并映射到特征向量,嵌入向量到神经网络中,然后使用双向长短期记忆递归神经网络训练和测试模型。结果表明,该检测方法在真实数据集中的检测准确率达到99.35%,召回率达到99.49%,可以同时检测XSS攻击和SQL注入攻击。证明了这种基于深度学习的检测方法可以较大规模地应用于Web攻击感知平台中。
Currently,the network security situation is becoming increasingly severe because various methods of network attacks continue to emerge.Cross-site scripting(XSS)attacks and structured query language(SQL)injection attacks have been listed as two of the most common Web security vulnerabilities.The payload styles of these attacks are diverse,and traditional rule-based detection and feature-based machine learning are difficult to detect them.In order to improve the detection effect of Web attacks and reduce the complexity of manually extracting features,an approach to detect Web attacks based on bi-directional Long Short Term Memory(LSTM).We use character embedding to extract the sequence of web attack effective features,map them to feature vectors,embed the vectors into a neural network.Subsequently,we utilize a bidirectional long short-term memory recurrent neural network to train and test the model.The results show that the accuracy in the real dataset is 99.35%,and the recall reaches 99.49%.Moreover,this method could detect XSS and SQL Injection Attacks at the same time,which proves that this deep learning-based method can be applied to Web attack-aware platforms on a large scale.
作者
江一民
罗星宇
于淼
刘月铧
张玉彬
JIANG Yimin;LUO Xingyu;YU Miao;LIU Yuehua;ZHANG Yubin(Unit 31307 of the PLA,Chengdu 610051,China;Command&Control Engineering College,Army Engineering University of PLA,Nanjing 210007,China)
出处
《信息对抗技术》
2023年第1期55-65,共11页
Information Countermeasures Technology
关键词
XSS攻击
SQL注入攻击
双向长短期记忆神经网络
Web安全漏洞
深度学习
XSS attack
SQL injection attack
bi-directional long short term memory neural network
Web security vulnerabilities
deep learning
