Abstract
Code injection-based attacks such as cross-site scripting (XSS) and Structured Query Language injection (SQLi) are among the most critical security issues for web applications. Web application firewalls (WAFs) are deployed to defend against injection attacks. A WAF uses a predefined rule set to detect malicious content in HTTP requests; nevertheless, attackers use cleverly crafted payload modifications to evade such rule sets. This project presents a novel approach that extracts user inputs from HTTP requests to find sophisticated XSS and SQLi attack vectors. The proposed solution is a two-tier securing mechanism that uses both a deep learning model, Bidirectional Encoder Representations from Transformers (BERT), fine-tuned to classify SQLi and XSS attacks, and a context-aware classifier that looks for a change in the structure of the intended query to detect SQL injections. This work is a server-side solution implemented as a reverse proxy, so it requires no changes to the server code. The BERT model achieves a detection accuracy of 98.98% and a precision of 99.14% on a real-world dataset after fivefold cross-validation. The context-aware classifier produced zero false positives and zero false negatives during testing.
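The context-aware tier described above decides by comparing the structure of the query an endpoint intends to run with the structure the submitted input actually produces. The following added example (written for this page, not the authors' code) shows one way to implement that comparison with a minimal SQL lexer; the query template, the placeholder value and the sample inputs are constructed assumptions.

```python
import re

# Minimal SQL lexer (constructed for this illustration; not the paper's own code).
TOKEN_SPEC = [
    ("WS", r"\s+"),
    ("COMMENT", r"--[^\n]*|#[^\n]*|/\*.*?\*/"),
    ("STRING", r"'(?:[^']|'')*'"),   # a doubled quote inside a string is an escaped quote
    ("NUMBER", r"\d+(?:\.\d+)?"),
    ("OP", r"<>|<=|>=|!=|[=<>+\-*/%]"),
    ("PUNCT", r"[(),;.]"),
    ("WORD", r"[A-Za-z_]\w*"),
    ("OTHER", r"."),                 # anything else, e.g. an unterminated quote
]
TOKEN_RE = re.compile("|".join(f"(?P<{n}>{p})" for n, p in TOKEN_SPEC), re.S)
KEYWORDS = {"SELECT", "FROM", "WHERE", "AND", "OR", "NOT", "UNION", "ALL", "LIKE",
            "INSERT", "UPDATE", "DELETE", "DROP", "ORDER", "BY", "LIMIT", "NULL"}


def structure(sql: str) -> list:
    """Reduce a query to its syntactic skeleton: literals collapse to LIT,
    identifiers to IDENT; keywords, operators and comments keep their role."""
    skeleton = []
    for m in TOKEN_RE.finditer(sql):
        kind, text = m.lastgroup, m.group()
        if kind == "WS":
            continue
        if kind == "WORD":
            up = text.upper()
            skeleton.append("KW:" + up if up in KEYWORDS else "IDENT")
        elif kind in ("STRING", "NUMBER"):
            skeleton.append("LIT")
        elif kind == "COMMENT":
            skeleton.append("COMMENT")
        else:
            skeleton.append(f"{kind}:{text}")
    return skeleton


def is_injection(template: str, user_input: str) -> bool:
    """Compare the skeleton of the intended query (template filled with a harmless
    placeholder) with the skeleton of the query the input actually produces.
    Any difference means the input changed the query's syntax, not just a value."""
    intended = structure(template.format("0"))
    actual = structure(template.format(user_input))
    return intended != actual


if __name__ == "__main__":
    # Constructed string-context template, built by concatenation as a vulnerable app would.
    tmpl = "SELECT * FROM users WHERE name = '{}' AND active = 1"
    for value in ["alice", "O''Brien", "' OR '1'='1", "admin'--"]:
        print(f"{value!r:20} -> {'INJECTION' if is_injection(tmpl, value) else 'ok'}")
```

Because only the token-type skeleton is compared, a benign value containing an escaped quote (`O''Brien`) keeps the intended structure, while inputs that add a keyword, an operator or a comment change it and are flagged.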
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
Cite this paper
Matam, V., Shankaranarayana Hebbar, H.S., Jha, P., Bhat, A., Nagasundari, S., Honnavalli, P.B. (2022). Two-Tier Securing Mechanism Against Web Application Attacks. In: Peter, J.D., Fernandes, S.L., Alavi, A.H. (eds) Disruptive Technologies for Big Data and Cloud Applications. Lecture Notes in Electrical Engineering, vol 905. Springer, Singapore. https://doi.org/10.1007/978-981-19-2177-3_73
DOI: https://doi.org/10.1007/978-981-19-2177-3_73
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-2176-6
Online ISBN: 978-981-19-2177-3
eBook Packages: Intelligent Technologies and Robotics (R0)