A new multi-label dataset for Web attacks CAPEC classification using machine learning techniques
Autor:
Sureda Riera, Tomás
; Bermejo Higuera, Juan Ramón
; Bermejo-Higuera, Javier
; Martínez Herraiz, José-Javier
; Sicilia, Juan Antonio
Fecha:
2022Palabra clave:
Revista / editorial:
Computers & SecurityCitación:
Riera, T. S., Higuera, J. R. B., Higuera, J. B., Herraiz, J. J. M., & Montalvo, J. A. S. (2022). A new multi-label dataset for Web attacks CAPEC classification using machine learning techniques. Computers & Security, 120, 102788Tipo de Ítem:
Articulo Revista IndexadaResumen:
Context: There are many datasets for training and evaluating models to detect web attacks, labeling each request as normal or attack. Web attack protection tools must provide additional information on the type of attack detected, in a clear and simple way. Objectives: This paper presents a new multi-label dataset for classifying web attacks based on CAPEC classification, a new way of features extraction based on ASCII values, and the evaluation of several combinations of models and algorithms. Methods: Using a new way to extract features by computing the average of the sum of the ASCII values of each of the characters in each field that compose a web request, several combinations of algorithms (LightGBM and CatBoost) and multi-label classification models are evaluated, to provide a complete CAPEC classification of the web attacks that a system is suffering. The training and test data used for training and evaluating the models come from the new SR-BH 2020 multi-label dataset. Results: Calculating the average of the sum of the ASCII values of the different characters that make up a web request shows its usefulness for numeric encoding and feature extraction. The new SR-BH 2020 multi-label dataset allows the training and evaluation of multi-label classification models, also allowing the CAPEC classification of the various attacks that a web system is undergoing. The combination of the two-phase model with the MultiOutputClassifier module of the scikit-learn library, together with the CatBoost algorithm shows its superiority in classifying attacks in the different criticality scenarios. Conclusion: Experimental results indicate that the combination of machine learning algorithms and multi-phase models leads to improved prediction of web attacks. Also, the use of a multi-label dataset is suitable for training learning models that provide information about the type of attack. (c) 2022 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license ( http://creativecommons.org/licenses/by/4.0/ )
Ficheros en el ítem
Este ítem aparece en la(s) siguiente(s) colección(es)
Estadísticas de uso
Año |
2012 |
2013 |
2014 |
2015 |
2016 |
2017 |
2018 |
2019 |
2020 |
2021 |
2022 |
2023 |
2024 |
Vistas |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
117 |
158 |
Descargas |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
256 |
297 |
Ítems relacionados
Mostrando ítems relacionados por Título, autor o materia.
-
Prevention and fighting against web attacks through anomaly detection technology. A systematic review
Sureda Riera, Tomás; Bermejo Higuera, Juan Ramón ; Bermejo-Higuera, Javier ; Martínez Herraiz, José-Javier; Sicilia, Juan Antonio (Sustainability (Switzerland), 01/06/2020)Numerous techniques have been developed in order to prevent attacks on web servers. Anomaly detection techniques are based on models of normal user and application behavior, interpreting deviations from the established ... -
Systematic Approach for Web Protection Runtime Tools’ Effectiveness Analysis
Sureda Riera, Tomás; Bermejo Higuera, Juan Ramón; Bermejo-Higuera, Javier; Sicilia, Juan Antonio; Martínez Herraiz, José-Javier (CMES - Computer Modeling in Engineering and Sciences, 2022)Web applications represent one of the principal vehicles by which attackers gain access to an organization’s network or resources. Thus, different approaches to protect web applications have been proposed to date. Of them, ... -
Combinatorial method with static analysis for source code security in web applications
Bermejo Higuera, Juan Ramón ; Bermejo-Higuera, Javier ; Sicilia, Juan Antonio ; Sureda Riera, Tomás; Argyros, Christopher I.; Magreñán, Á. Alberto (Tech Science Press, 2021)Security weaknesses in web applications deployed in cloud architectures can seriously affect its data confidentiality and integrity. The construction of the procedure utilized in the static analysis tools of source code ...