| With the development of the Internet,it has gradually become inseparable with everyone.At the same time,hacker technology is also evolving.Many criminals are destroying the Internet with all kinds of means,which brings unprecedented threats to people's property security and information security.The Web is the main carrier of malicious behavior.Of all the Web attacks,botnet is the most harmful and destructive,and SQL injection is the most common attack.Therefore,botnet and SQL injection have gradually become a hot research topic.This paper tries to detect botnet and SQL injection from massive HTTP traffic,and designs a Web threat intelligence system based on deep learning.The system integrates data acquisition,data analysis,deep learning,threat detection and threat display,and it is easy to implement and extensible.This paper focuses on two deep learning algorithms for threat detection.In the botnet detection,this paper proposes a MLP detection algorithm,and achieves good results;in the detection of SQL injection,this paper proposes a method based on two models of MLP and LSTM.Compared with LSTM,MLP performs better in precision,recall and rate of false positives;while LSTM model will also apply to detection of other threats because of its unique features. |
PDF Full Text Request