A Novel Web Attack Detection System for Internet of Things via Ensemble Classification

Internet of Things (IoT) has become one of the fastest-growing technologies and has been broadly applied in various fields. IoT networks contain millions of devices with the capability of interacting with each other and providing functionalities that were never available to us before. These IoT networks are designed to provide friendly and intelligent operations through big data analysis of information generated or collected from an abundance of devices in real time. However, the diversity of IoT devices makes the IoT networks’ environments more complex and more vulnerable to various web attacks compared to traditional computer networks. In this article, we propose a novel ensemble deep learning based web attack detection system (EDL-WADS) to alleviate the serious issues that IoT networks faces. Specifically, we have designed three deep learning models to first detect web attacks separately. We then use an ensemble classifier to make the final decision according to the results obtained from the three deep learning models. In order to evaluate the proposed WADS, we have performed experiments on a public dataset as well as a real-word dataset running in a distributed environment. Experimental results show that the proposed system can detect web attacks accurately with low false positive and negative rates.

[1]  J. MacQueen Some methods for classification and analysis of multivariate observations , 1967 .

[2]  Lawrence K. Saul,et al.  Beyond blacklists: learning to detect malicious web sites from suspicious URLs , 2009, KDD.

[3]  Gonzalo Alvarez,et al.  Applying feature selection to payload-based Web Application Firewalls , 2011, 2011 Third International Workshop on Security and Communication Networks (IWSCN).

[4]  Michalis Faloutsos,et al.  PhishDef: URL names say it all , 2010, 2011 Proceedings IEEE INFOCOM.

[5]  Sang-Soo Yeo,et al.  A novel method for SQL injection attack detection based on removing SQL query attribute values , 2012, Math. Comput. Model..

[6]  Xiangjian He,et al.  RePIDS: A multi tier Real-time Payload-based Intrusion Detection System , 2013, Comput. Networks.

[7]  Hsing-Kuo Kenneth Pao,et al.  Malicious URL filtering — A big data application , 2013, 2013 IEEE International Conference on Big Data.

[8]  Yong Ho Hwang IoT Security & Privacy: Threats and Challenges , 2015, IoTPTS@AsiaCCS.

[9]  Debabrata Kar,et al.  SQLiDDS: SQL Injection Detection Using Query Transformation and Document Similarity , 2015, ICDCIT.

[10]  Avinash Devare,et al.  A System for Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis , 2016 .

[11]  Debabrata Kar,et al.  SQLiGoT: Detecting SQL injection attacks using graph of tokens and SVM , 2016, Comput. Secur..

[12]  Muhammad Ejaz Ahmed,et al.  Poster: Adversarial Examples for Classifiers in High-Dimensional Network Data , 2017, CCS.

[13]  Wei Ye,et al.  Anomaly-Based Web Attack Detection: A Deep Learning Approach , 2017, ICNCC.

[14]  Ananthram Swami,et al.  Practical Black-Box Attacks against Machine Learning , 2016, AsiaCCS.

[15]  Ming Zhang,et al.  A Deep Learning Method to Detect Web Attacks Using a Specially Designed CNN , 2017, ICONIP.

[16]  Konstantin Berlin,et al.  eXpose: A Character-Level Convolutional Neural Network with Embeddings For Detecting Malicious URLs, File Paths and Registry Keys , 2017, ArXiv.

[17]  Cheng Huang,et al.  WOVSQLI: Detection of SQL Injection Behaviors Using Word Vector and LSTM , 2018, ICCSP.

[18]  Hitoshi Iyatomi,et al.  Web application firewall using character-level convolutional neural network , 2018, 2018 IEEE 14th International Colloquium on Signal Processing & Its Applications (CSPA).

[19]  K. P. Soman,et al.  Detecting malicious domain names using deep learning approaches at scale , 2018, J. Intell. Fuzzy Syst..

[20]  Yu Qi,et al.  Locate-Then-Detect: Real-time Web Attack Detection via Attention-based Deep Neural Networks , 2019, IJCAI.

[21]  Binxing Fang,et al.  A Survey on Access Control in the Age of Internet of Things , 2020, IEEE Internet of Things Journal.

[22]  Xiaojiang Du,et al.  A Distributed Deep Learning System for Web Attack Detection on Edge Devices , 2020, IEEE Transactions on Industrial Informatics.

[23]  Dongwen Zhang,et al.  Nei-TTE: Intelligent Traffic Time Estimation Based on Fine-Grained Time Derivation of Road Segments for Smart City , 2020, IEEE Transactions on Industrial Informatics.

[24]  Mohan Li,et al.  Deep Reinforcement Learning for Partially Observable Data Poisoning Attack in Crowdsensing Systems , 2020, IEEE Internet of Things Journal.