Research And Implementation Of Web Injection Attack Detection System Based On Deep Learning

In the context of the new era of highly digitalization and information,new Internet technologies and artificial intelligence have profoundly changed people's production and lifestyles.Traditional network security detection technology has become weaker and weaker in the context of increasingly complex network environments in the new era.Deep learning technology has begun to play an important role in the field of network security.Web technology has brought great convenience to human development,and it has also caused endless security problems.There are many types of attacks against Web applications,and they are very harmful.Common injection attacks include SQL injection,XSS attack,and Command injection.Based on the attack detection of SQL injection and XSS attacks,this thesis adds the research and detection of Command injection attacks,which are also very harmful and common,and proposes a multi-class detection method for Web injection attacks,and designs and implements a set of web attack detection system.The specific content includes:In this thesis,we use URL and POST Body in web request traffic to extract features and combine deep learning technology to detect and multi-classify web injection attacks.First of all,in view of the uneven distribution of training samples for Command injection attacks and low detection accuracy,a sample generation method is proposed.This method can formally model Command injection attacks and generate effective samples,which effectively solves the problem of training.Overfitting caused by unbalanced samples.Experimental results prove that this method improves the accuracy of Command injection attack detection and reduces the false alarm rate.Secondly,a feature fusion model with stronger expressive ability is proposed to effectively fuse the features extracted by deep learning and the discrete features extracted manually.The experimental results show that compared with the traditional deep learning model,the accuracy of the feature fusion model proposed in this paper is improved by about 1%,and it has a better classification effect.This thesis designs and implements a complete attack detection system that can collect,store,and real-time Web injection attack detection on traffic request data in a real network environment.In order to test the detection effect of the detection system in actual scenes,this thesis carries out distributed deployment in real machines and network environments,and uses multiple network security tools to carry out real attacks on the target system.The system test results show that the attack detection rate is close Less than 100%,indicating that the detection system has excellent Web injection attack detection capabilities in the actual network environment.