A Novel Data Augmentation Technique and Deep Learning Model for Web Application Security

Hacer Karacan; Mehmet Sevri

doi:10.1109/ACCESS.2021.3125785

IEEE Access (Jan 2021)

A Novel Data Augmentation Technique and Deep Learning Model for Web Application Security

Hacer Karacan,
Mehmet Sevri

Affiliations

Hacer Karacan: ORCiD; Computer Engineering Department, Faculty of Engineering, Gazi University, Ankara, Turkey
Mehmet Sevri: ORCiD; Informatics Institute, Gazi University, Ankara, Turkey

DOI: https://doi.org/10.1109/ACCESS.2021.3125785
Journal volume & issue: Vol. 9
pp. 150781 – 150797

Abstract

Read online

Web applications are often exposed to attacks because of the critical information and valuable assets they host. In this study, Bi-LSTM based web application security models were developed in order to detect web attacks and classify them into binary or multiple classes using HTTP requests. A novel data augmentation technique based on the self-adapting noise adding method (DA-SANA) was developed. The DA-SANA method solves the low sensitivity problem caused by imbalanced data and the complex structure of multi-class classification in web attack detection. Experimental evaluations are carried out in detail using two benchmark web security datasets and a newly created dataset within the scope of the study. The achieved worst case detection rates are 98.34% and 93.91% for binary-class and multi-class classifications, respectively. The proposed DA-SANA technique provides an average of 6.52% improvement in multi-class classification for two datasets. These results revealed that the best classification performance values were achieved when compared with previous studies.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords