A Distributed Deep Learning System for Web Attack Detection on Edge Devices

With the development of Internet of Things (IoT) and cloud technologies, numerous IoT devices and sensors transmit huge amounts of data to cloud data centers for further processing. While providing considerable convenience, cloud-based computing and storage also bring many security problems, such as the abuse of information collection and the concentration of web servers in the cloud. Traditional intrusion detection systems and web application firewalls are becoming incompatible with the new network environment, and related systems based on machine learning or deep learning are emerging. However, cloud-IoT systems increase attacks against web servers, since data centralization carries a more attractive reward. In this article, based on distributed deep learning, we propose a web attack detection system that works by analyzing URLs. The system is designed to detect web attacks and is deployed on edge devices. The cloud handles the above challenges in the paradigm of the Edge of Things. Multiple concurrent deep models are used to enhance the stability of the system and the ease of updating it. We ran experiments on the system with two concurrent deep models and compared it with existing systems using several datasets. The experimental results, with 99.410% accuracy, a 98.91% true positive rate (TPR), and a 99.55% detection rate of normal requests (DRN), demonstrate that the system is competitive in detecting web attacks.
