This paper proposes an anomaly detection model based on the reconstruction error to detect malicious requests in a Web application. Our model combines a multi-head attention network and gated convolution network to capture the pattern of a normal request. Moreover, we use a novel segmentation method to enhance the structural representation of a request and embed a raw request into a feature matrix. The result of this experiment indicates that our model has good ability to distinguish between normal and abnormal requests.
