IEEE Access (Jan 2021)

A Novel Data Augmentation Technique and Deep Learning Model for Web Application Security

  • Hacer Karacan,
  • Mehmet Sevri

DOI
https://doi.org/10.1109/ACCESS.2021.3125785
Journal volume & issue
Vol. 9
pp. 150781 – 150797

Abstract

Read online

Web applications are often exposed to attacks because of the critical information and valuable assets they host. In this study, Bi-LSTM based web application security models were developed in order to detect web attacks and classify them into binary or multiple classes using HTTP requests. A novel data augmentation technique based on the self-adapting noise adding method (DA-SANA) was developed. The DA-SANA method solves the low sensitivity problem caused by imbalanced data and the complex structure of multi-class classification in web attack detection. Experimental evaluations are carried out in detail using two benchmark web security datasets and a newly created dataset within the scope of the study. The achieved worst case detection rates are 98.34% and 93.91% for binary-class and multi-class classifications, respectively. The proposed DA-SANA technique provides an average of 6.52% improvement in multi-class classification for two datasets. These results revealed that the best classification performance values were achieved when compared with previous studies.

Keywords