Skip to main content
SpringerLink
Log in

Weighted transformer neural network for web attack detection using request URL

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Web application firewalls (WAFs) and other Intrusion Detection Systems (IDS) techniques are employed to defend the network against web attacks. Even so, attacks may succeed since most WAFs demand extensive configuration expertise that depends on filters. Despite notable successes, deep information has been utilized in varied applications. Still, it’s crucial to have a reliable method for detecting the attack due to the attacker’s various ways of concealment of the URLs. Several methods were introduced for detecting the attacks in web applications; still, the accuracy of detection and the computation burden are challenging aspects. Hence, a web attack detection mechanism is introduced in this research using the deep learning framework using the URL request. The proposed method utilizes a three-fold attack detection strategy to detect the attack with minimal computation complexity. Initially, the profile is checked to determine the genuinity of a user, and then, the bot scanners are identified using the generalized adversarial network (GAN). Finally, the attack detection is employed using the transformer neural network, wherein the adjustable parameters are modified using the weighted mean of vectors (INFO) optimization technique. The performance of a proposed method is evaluated based on various assessment measures like Accuracy, Precision, Recall, F-Measure, TPR, FPR, FNR and TNR and acquired the values of 99.97%, 99.96%, 99.97%, 99.97%, 99.97%, 0.03%, 0.03%, and 99.97% respectively.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Algorithm 1
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Data Availability

Data sharing is not applicable to this article.

References

  1. Inayat U, Zia MF, Mahmood S, Khalid HM, Benbouzid M (2022) Learning-based methods for cyber-attacks detection in IoT systems: a survey on methods, analysis, and future prospects. Electronics 11(9):1502

    Article  Google Scholar 

  2. Tian Z, Luo C, Qiu J, Du X, Guizani M (2019) A distributed deep learning system for web attack detection on edge devices. IEEE Trans Industr Inf 16(3):1963–1971

    Article  Google Scholar 

  3. Bozic J, Wotawa F (2020) Planning-based security testing of web applications with attack grammars. Software Qual J 28(1):307–334

    Article  Google Scholar 

  4. Ramotsoela DT, Hancke GP, Abu-Mahfouz AM (2023) Practical Challenges of Attack Detection in Microgrids Using Machine Learning. J Sens Actuator Netw 12(1):7

    Article  Google Scholar 

  5. Sadqi Y, Maleh Y (2022) A systematic review and taxonomy of web applications threats. Inf Secur J A Global Perspect 31(1):1–27

    Article  Google Scholar 

  6. Chakir O, Rehaimi A, Sadqi Y, Krichen M, Gaba GS, Gurtov A (2023) An empirical assessment of ensemble methods and traditional machine learning techniques for web-based attack detection in industry 50. J King Saud Univ-Comput Inf Sci 35(3):103–19

    Google Scholar 

  7. Liu T, Qi Y, Shi L, Yan J (2019) Locate-then-detect: real-time web attack detection via attention-based deep neural networks. In: Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence. AAAI Press, Macao, China, pp 4725–4731

  8. Mokbal FMM, Dan W, Imran A, Jiuchuan L, Akhtar F, Xiaoxi W (2019) MLPXSS: an integrated XSS-based attack detection scheme in web applications using multi-layer perceptron technique. IEEE Access 7:100567–100580

    Article  Google Scholar 

  9. Wu Y, Wei D, Feng J (2020) Network attacks detection methods based on deep learning techniques: a survey. Secur Commun Netw 2020:1–7

    Google Scholar 

  10. Mahmoud MS, Hamdan MM, Baroudi UA (2019) Modeling and control of cyber-physical systems subject to cyber-attacks: A survey of recent advances and challenges. Neurocomputing 338:101–115

    Article  Google Scholar 

  11. Cirillo S, Desiato D, Breve B (2019) CHRAVAT-chronology awareness visual analytic tool. In: 2019 23rd International Conference Information Visualisation (IV). IEEE, Paris, France, pp 255–260

  12. Breve B, Caruccio L, Cirillo S, Desiato D, Deufemia V, Polese G (2020) Enhancing user awareness during internet browsing. In: Italian Conference on Cybersecurity. ICC, Ancona, Italy, pp 71–81

  13. Cirillo S, Desiato D, Scalera M, Solimando G (2023) A visual privacy tool to help users in preserving social network data. In: Joint Proceedings of the Workshops, 9th International Symposium on End-User Development (IS-EUD 2023), Cagliari, Italy, June 6-8, 2023, vol 3408. CEUR, Cagliari, Italy

  14. Ustebay S, Turgut Z, Aydin MA (2019) Cyber attack detection by using neural network approaches: shallow neural network, deep neural network and autoencoder. In: International Conference on Computer Networks, CN 2019, Kamień Śląski, Poland, June 25–27, 2019, Proceedings In book: Computer Networks, vol 26. Springer International Publishing, Kamień Śląski, Poland, pp 144–155

  15. Pan Y, Sun F, Teng Z, White J, Schmidt DC, Staples J, Krause L (2019) Detecting web attacks with end-to-end deep learning. J Int Serv Appl 10(1):1–22

    Google Scholar 

  16. Wankhede S, Kshirsagar D (2018) DoS attack detection using machine learning and neural network. In: 2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA). IEEE, Pune, India, pp 1–5

  17. Alidoosti M, Nowroozi A, Nickabadi A (2020) Evaluating the web-application resiliency to business-layer DoS attacks. ETRI J 42(3):433–445

    Article  Google Scholar 

  18. Ch R, Gadekallu TR, Abidi MH, Al-Ahmari A (2020) Computational system to classify cyber crime offenses using machine learning. Sustain 12(10):4087

    Article  Google Scholar 

  19. Bout E, Loscri V, Gallais A (2021) How Machine Learning changes the nature of cyberattacks on IoT networks: A survey. IEEE Commun Surv Tutor 24(1):248–279

    Article  Google Scholar 

  20. Shaukat K, Luo S, Varadharajan V, Hameed IA, Xu M (2020) A survey on machine learning techniques for cyber security in the last decade. IEEE Access 8:222310–222354

    Article  Google Scholar 

  21. Asharf J, Moustafa N, Khurshid H, Debie E, Haider W, Wahab A (2020) A review of intrusion detection systems using machine and deep learning in Internet of things: Challenges, solutions and future directions. Electronics 9(7):1177

    Article  Google Scholar 

  22. Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for Internet of Things. Futur Gener Comput Syst 82:761–768

    Article  Google Scholar 

  23. Alaoui RL, Nfaoui EH (2022) Deep learning for vulnerability and attack detection on web applications: A systematic literature review. Fut Int 14(4):118

    Google Scholar 

  24. Shahid WB, Aslam B, Abbas H, Khalid SB, Afzal H (2022) An enhanced deep learning based framework for web attacks detection, mitigation and attacker profiling. J Netw Comput Appl 198:103270

    Article  Google Scholar 

  25. Tekerek A (2021) A novel architecture for web-based attack detection using convolutional neural network. Comput Secur 100:102096

    Article  Google Scholar 

  26. Seyyar YE, Yavuz AG, Ünver HM (2022) An attack detection framework based on BERT and deep learning. IEEE Access 10:68633–68644

    Article  Google Scholar 

  27. Gong X, Lu J, Zhou Y, Qiu H, He R (2021) Model uncertainty based annotation error fixing for web attack detection. J Signal Process Syst 93:187–199

    Article  Google Scholar 

  28. Luo C, Tan Z, Min G, Gan J, Shi W, Tian Z (2020) A novel web attack detection system for Internet of things via ensemble classification. IEEE Trans Industr Inf 17(8):5810–5818

    Article  Google Scholar 

  29. CSIC web application attack detection dataset. https://www.kaggle.com/datasets/ispangler/csic-2010-web-application.attacks?select=csic_database.csv. Accessed August 2023

  30. Sikder MNK, Nguyen MB, Elliott ED, Batarseh FA (2023) Deep H2O: Cyber attacks detection in water distribution systems using deep learning. J Water Process Eng 52:103568

    Article  Google Scholar 

  31. Diaba SY, Anafo T, Tetteh LA, Oyibo MA, Alola AA, Shafie-Khah M, Elmusrati M (2023) SCADA securing system using deep learning to prevent cyber infiltration. Neural Netw 165:321–332

    Article  Google Scholar 

  32. Ahmadianfar I, Heidari AA, Noshadian S, Chen H, Gandomi AH (2022) INFO: An efficient optimization algorithm based on weighted mean of vectors. Expert Syst Appl 195:116516

    Article  Google Scholar 

Download references

Funding

No funding is provided for the preparation of the manuscript.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Om Parkash Jogender Singh University, Churu, Rajasthan, 331303, India

    Kirti V. Deshpande & Jaibir Singh

Authors
  1. Kirti V. Deshpande
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jaibir Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

All authors read and approved the final manuscript.

Corresponding author

Correspondence to Kirti V. Deshpande.

Ethics declarations

Conflict of Interest

Authors declare that they have no conflict of interest.

Ethical Approval

This article does not contain any studies with human participants or animals performed by any authors.

Consent to participate

All authors have agreed to participate in this submitted article.

Consent to Publish

All the authors involved in this manuscript give full consent for publication of this submitted article.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Deshpande, K.V., Singh, J. Weighted transformer neural network for web attack detection using request URL. Multimed Tools Appl 83, 43983–44007 (2024). https://doi.org/10.1007/s11042-023-17356-9

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-023-17356-9

Keywords

Search

Navigation