Skip to main content
SpringerLink
Log in

Model Uncertainty Based Annotation Error Fixing for Web Attack Detection

  • Published:
Journal of Signal Processing Systems Aims and scope Submit manuscript

Abstract

Deep learning (DL) techniques have been widely used in web attack detection domain. With the stronger ability to fit data, DL models are also more sensitive to the training data, annotation errors can mislead the model training very easily. In our work, we propose model uncertainty to evaluate the prediction made by the DL based web attack model. Model uncertainty helps to find the annotation errors and also the misclassification caused by these errors. Experiments on two real web log datasets and a public benchmark dataset prove that our method can find more annotation errors than the traditional DL method. We also prove the efficiency of our detection model: with the aid of GPU acceleration, it is capable of tackling attacks on the fly.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11
Figure 12
Figure 13
Figure 14
Figure 15
Figure 16

Similar content being viewed by others

Notes

  1. https://github.com/PHPIDS/PHPIDS/blob/master/lib/IDS/default_filter.xml

  2. https://www.alexa.com

References

  1. Qiu, H., Noura, H., Qiu, M., Ming, Z., Memmi, G. (2019). A user-centric data protection method for cloud storage based on invertible dwt. IEEE Transactions on Cloud Computing.

  2. Gai, K., Qiu, M., Zhao, H., Xiong, J. (2016). Privacy-aware adaptive data encryption strategy of big data in cloud computing. In 2016 IEEE 3Rd International Conference on Cyber Security and Cloud Computing (CSCloud) (pp. 273–278). IEEE.

  3. Shan, S. (2014). Big data classification: Problems and challenges in network intrusion prediction with machine learning. Acm Sigmetrics Performance Evaluation Review, 41(4), 70–73.

    Article  Google Scholar 

  4. Stein, G., Chen, B., Annie, S.W., Hua, K.A. (2005). Decision tree classifier for network intrusion detection with ga-based feature selection. In Southeast Regional Conference (pp. 136–141).

  5. Mukkamala, S., Janoski, G., Sung, A. (2002). Intrusion detection using neural networks and support vector machines. In International Joint Conference on Neural Networks (pp. 1702–1707).

  6. Barlow, H.B. (1989). Unsupervised learning. Neural Computation, 1(3), 295–311.

    Article  Google Scholar 

  7. Hendry, G.R., & Yang, S.J. (2008). Intrusion signature creation via clustering anomalies. Proc Spie, 6973, 69–730.

    Google Scholar 

  8. Kalchbrenner, N., Grefenstette, E., Blunsom, P. (2014). A convolutional neural network for modelling sentences. Eprint Arxiv, 1.

  9. Kim, Y., Jernite, Y., Sontag, D., Rush, A.M. (2015). Character-aware neural language models. Computer Science.

  10. Donahue, J., Hendricks, L.A., Guadarrama, S., Rohrbach, M., Venugopalan, S., Saenko, K., Darrell, T. (2015). Long-term recurrent convolutional networks for visual recognition and description. In The IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

  11. Le, T.T.H., Kim, J., Kim, H. (2017). An effective intrusion detection classifier using long short-term memory with gradient descent optimization. In 2017 International Conference on Platform Technology and Service (platcon) (pp. 1–6).

  12. Vartouni, A.M., Kashi, S.S., Teshnehlab, M. (s2018). An anomaly detection method to detect web attacks using stacked auto-encoder. In 2018 6Th Iranian Joint Congress on Fuzzy and Intelligent Systems (CFIS) (pp. 131–134).

  13. Chen, Y., Fang, H., Xu, B., Yan, Z., Kalantidis, Y., Rohrbach, M., Yan, S., Feng, J. (2019). Drop an octave: Reducing spatial redundancy in convolutional neural networks with octave convolution. arXiv:1904.05049.

  14. Kim, Y. (2014). Convolutional neural networks for sentence classification. Eprint Arxiv.

  15. Lin, M.-S., Chiu, C.-Y., Lee, Y.-J., Pao, H.-K. (2013). Malicious url filtering—a big data application. In 2013 IEEE International Conference on Big Data (pp. 589–596). IEEE.

  16. Lee, W., Stolfo, S.J., Mok, K.W. (1999). A data mining framework for building intrusion detection models. In Proceedings of the IEEE Symposium on Security and Privacy (pp. 120–132). IEEE.

  17. Zhang, M., Xu, B., Bai, S., Lu, S., Lin, Z. (2017). A deep learning method to detect web attacks using a specially designed cnn. In Neural Information Processing (pp. 828–836).

  18. Saxe, J., & Berlin, K. (2017). Expose: A character-level convolutional neural network with embeddings for detecting malicious urls, file paths and registry keys. arXiv:1702.08568.

  19. Zheng, H., Wang, Y., Han, C., Le, F., He, R., Lu, J. (2018). Learning and applying ontology for machine learning in cyber attack detection. In 17Th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (trustcom), 2018.

  20. Goodfellow, I.J., Shlens, J., Szegedy, C. (2014). Explaining and harnessing adversarial examples. arXiv:1412.6572.

  21. Bishop, C.M. (2006). Pattern Recognition and Machine Learning (Information Science and Statistics). Springer.

  22. Gal, Y. (2016). Uncertainty in deep learning. Phd thesis, PhD thesis, University of Cambridge.

  23. Kingma, D.P., Salimans, T., Welling, M. (2015). Variational dropout and the local reparameterization trick. In Advances in Neural Information Processing Systems (pp. 2575–2583).

  24. Kumar, S., & Spafford, E.H. (1994). A pattern matching model for misuse intrusion detection. Computers & Security.

  25. Yin, C., Zhu, Y., Fei, J., He, X. (2017). A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access, 5, 21954–21961.

    Article  Google Scholar 

  26. Qiu, H, Qiu, M, Lu, Z, Memmi, G. (2019). An efficient key distribution system for data fusion in v2X heterogeneous networks. Information Fusion, 50, 212–220.

    Article  Google Scholar 

  27. Sung, A.H., & Mukkamala, S. (2003). Identifying important features for intrusion detection using support vector machines and neural networks. In Null, (p 209). IEEE.

  28. Farnaaz, N., & Jabbar, M.A. (2016). Random forest modeling for network intrusion detection system. Procedia Computer Science, 89, 213–217.

    Article  Google Scholar 

  29. Pham, T. S., Hoang, T. H., Vu, V. C. (Oct 2016). Machine learning techniques for web intrusion detection #x2014; a comparison. In 2016 Eighth International Conference on Knowledge and Systems Engineering (KSE) (pp. 291–297).

  30. Csic 2010 http dataset. http://www.isi.csic.es/dataset/.

  31. Gao, Y., Ma, Y., Li, D. (2017). Anomaly detection of malicious users’ behaviors for web applications based on web logs. In 2017 IEEE 17Th International Conference on Communication Technology (ICCT) (pp. 1352–1355).

  32. Yu, J., Tao, D., Lin, Z. (2016). A hybrid web log based intrusion detection model. In: 2016 4Th International Conference on Cloud Computing and Intelligence Systems (CCIS) (pp. 356–360).

  33. Krizhevsky, A., Sutskever, I., Hinton, G.E. (2012). Imagenet classification with deep convolutional neural networks. In Advances in Neural Information Processing Systems (pp. 1097–1105).

  34. Srivastava, N., Hinton, G., Krizhevsky, A., Sutskever, I., Salakhutdinov, R. (2014). Dropout: a simple way to prevent neural networks from overfitting. The Journal of Machine Learning Research, 15(1), 1929–1958.

    MathSciNet  MATH  Google Scholar 

  35. Gal, Y., & Ghahramani, Z. (2016). Dropout as a bayesian approximation: representing model uncertainty in deep learning. In International Conference on International Conference on Machine Learning.

  36. Gong, X., Zhou, Y., Bi, Y., He, M., Sheng, S., Qiu, H., He, R., Lu, J. (2019). Estimating web attack detection via model uncertainty from inaccurate annotation. In The 6th IEEE International Conference on Cyber Security and Cloud Computing 2019, June 2019.

  37. Kingma, D.P., & Adam, J.B. (2014). A method for stochastic optimization. arXiv:1412.6980.

Download references

Author information

Authors and Affiliations

  1. SJTU-ParisTech Elite Institute of Technology, Shanghai Jiao Tong University, Minhang, China

    Xinyu Gong, Jialiang Lu & Yuefu Zhou

  2. Telecom-ParisTech, Palaiseau, France

    Han Qiu

  3. Tencent, Shenzhen, China

    Ruan He

Authors
  1. Xinyu Gong
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jialiang Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yuefu Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Han Qiu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Ruan He
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jialiang Lu.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gong, X., Lu, J., Zhou, Y. et al. Model Uncertainty Based Annotation Error Fixing for Web Attack Detection. J Sign Process Syst 93, 187–199 (2021). https://doi.org/10.1007/s11265-019-01494-1

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11265-019-01494-1

Keywords

Search

Navigation