Research And Application Of Web Attack Detection Model Based On Deep Learning

With the advancement of science and technology,the Internet industry has developed rapidly.A large part of online services are provided by Web applications,which extend to almost every area of people's daily lives.In the era of big data development,the number of Web pages has increased dramatically.And the personal privacy and other sensitive data need to be provided,when using the online services based on Web applications,this operation results in a large amount of sensitive data being transmitted and processed by Web pages.There are vulnerabilities in the web application,owing to incomplete consideration in the development process of the web application or failure to do a good job in security testing when the program is launched.The existence of vulnerabilities gives the attacker an opportunity that they can exploit the web vulnerability to attack the user,which will cause huge losses to users.Therefore,the detection of Web application attacks is particularly important.Traditional Web attack detection methods often have some questions,such as extracting signatures of attack data is not easy,the coverage of attack detection is not comprehensive,and high requirements on the technical capabilities of the testing person.Although shallow machine learning has some advantages over traditional detection methods,the extraction of statistical features still requires rich practical experience,and machine learning methods are not suitable for large amounts of data detection.In view of the shortcomings of these detection methods,this paper proposes a web attack detection method based on deep learning.The one-dimensional DCNN could process timing problem quickly,and the GRU model could process context problems which have long time dependence relationship.In order to improve the efficiency of detection of the Web attack,these two deep learning models was combined based on their ability,and a Web attack detection method is proposed based on DCNN-GRU model.Among the types of web attacks,the most frequent attacks are XSS attacks and SQL injection attacks,these two web attack types account for the heaviest proportion.So,in order to verify the feasibility and practical significance of the DCNN-GRU model in web attack detection,the article uses data sets of XSS attacks and SQL injection attacks.Firstly,the raw data was standardized,and it could transform into feature vectors aim to fit the deep learning network models.Secondly,disposing feature vectors by the convolutional layer and the pooling layer.And the GRU layer is used as a gating mechanism to preserve the dependencies between the codes.Finally,using the fully connected layer to complete the normalization process,and achieve the attack detection by using the softmax classifier to realize classification.The experimental results prove the effectiveness of the attack detection method proposed in this paper.The specific work is as follows:The attack principle and attack method of XSS and SQL injection are introduced in detail.Simultaneously,research on the detection principle and practical application of traditional Web attack detection methods.And studied the algorithm principle of convolutional neural network,recurrent neural network,long-short-term memory network and gated recurrent network.a hybrid neural network DCNN-GRU model for research on Web attack detection is proposed,Based on the advantages and disadvantages of these four deep learning algorithms in the process of text classification.Describe the network structure of the DCNN-GRU model and the evaluation indicators used to test the performance of the model in detail.Get the data set of XSS attack and SQL injection attack from the Git Hub open source project.The data set is subjected to normalization,word segmentation,and vectorize with the Word2 vec model,and finally get a vector data set that can be input into the DCNN-GRU model.Use the training data to train the DCNN-GRU model,and adjust the training parameters during the training process,and at last verify the detection effect of the model with the test data.Making the comparative experiments with DCNN,LSTM,and GRU models using the same data in this paper,and the experimental results show that the detection results of the DCNN-GRU model are better than the single model of DCNN,LSTM,and GRU,with the shortest training time and the highest score of accuracy,precision,recall and F1 values.In order to verify the performance of the deep learning model in attack detection,also make the comparative experiments with the support vector machine and k-Nearest Neighbor algorithm in machine learning,and compare the evaluation indicators value.Finally,it proves the feasibility and effectiveness of the deep learning model proposed for Web attack detection in this paper.