dc.contributor.author | Seyyar, Yunus Emre | |
dc.contributor.author | Yavuz, Ali Gökhan | |
dc.contributor.author | Ünver, Halil Murat | |
dc.date.accessioned | 2022-11-15T08:05:45Z | |
dc.date.available | 2022-11-15T08:05:45Z | |
dc.date.issued | 2022 | en_US |
dc.identifier.citation | Deep Learning (DL) and Natural Language Processing (NLP) techniques are improving and enriching with a rapid pace. Furthermore, we witness that the use of web applications is increasing in almost every direction in parallel with the related technologies. Web applications encompass a wide array of use cases utilizing personal, financial, defense, and political information (e.g., wikileaks incident). Indeed, to access and to manipulate such information are among the primary goals of attackers. Thus, vulnerability of the information targeted by adversaries is a vital problem and if such information is captured then the consequences can be devastating, which can, potentially, become national security risks in the extreme cases. In this study, as a remedy to this problem, we propose a novel model that is capable of distinguishing normal HTTP requests and anomalous HTTP requests. Our model employs NLP techniques, Bidirectional Encoder Representations from Transformers (BERT) model, and DL techniques. Our experimental results reveal that the proposed approach achieves a success rate over 99.98% and an F1 score over 98.70% in the classification of anomalous and normal requests. Furthermore, web attack detection time of our model is significantly lower (i.e., 0.4 ms) than the other approaches presented in the literature. | en_US |
dc.identifier.uri | https://hdl.handle.net/20.500.12846/686 | |
dc.description.abstract | Deep Learning (DL) and Natural Language Processing (NLP) techniques are improving and enriching with a rapid pace. Furthermore, we witness that the use of web applications is increasing in almost every direction in parallel with the related technologies. Web applications encompass a wide array of use cases utilizing personal, financial, defense, and political information (e.g., wikileaks incident). Indeed, to access and to manipulate such information are among the primary goals of attackers. Thus, vulnerability of the information targeted by adversaries is a vital problem and if such information is captured then the consequences can be devastating, which can, potentially, become national security risks in the extreme cases. In this study, as a remedy to this problem, we propose a novel model that is capable of distinguishing normal HTTP requests and anomalous HTTP requests. Our model employs NLP techniques, Bidirectional Encoder Representations from Transformers (BERT) model, and DL techniques. Our experimental results reveal that the proposed approach achieves a success rate over 99.98% and an F1 score over 98.70% in the classification of anomalous and normal requests. Furthermore, web attack detection time of our model is significantly lower (i.e., 0.4 ms) than the other approaches presented in the literature. | en_US |
dc.language.iso | eng | en_US |
dc.publisher | IEEE | en_US |
dc.relation.isversionof | 10.1109/ACCESS.2022.3185748 | en_US |
dc.rights | info:eu-repo/semantics/openAccess | en_US |
dc.subject | Bit Error Rate | en_US |
dc.subject | Natural Language Processing | en_US |
dc.subject | Uniform Resource Locators | en_US |
dc.subject | Structured Query Language | en_US |
dc.subject | Bitfehlerrate | en_US |
dc.subject | Verarbeitung Natürlicher Sprache | en_US |
dc.subject | Einheitliche Ressourcenlokatoren | en_US |
dc.subject | Strukturierte Abfragesprache | en_US |
dc.subject | Bit Hata Oranı | en_US |
dc.subject | Doğal Dil İşleme | en_US |
dc.subject | Tekdüzen Kaynak Konum Belirleyicileri | en_US |
dc.subject | Yapılandırılmış Sorgu Dili | en_US |
dc.title | An attack detection framework based on BERT and deep learning | en_US |
dc.type | article | en_US |
dc.relation.journal | IEEE Access | en_US |
dc.contributor.authorID | 0000-0002-6490-0396 | en_US |
dc.identifier.volume | 10 | en_US |
dc.relation.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
dc.contributor.department | TAÜ, Mühendislik Fakültesi, Bilgisayar Mühendisliği Bölümü | en_US |
dc.contributor.institutionauthor | Yavuz, Ali Gökhan | |
dc.identifier.wosquality | Q2 | en_US |
dc.identifier.scopusquality | N/A | en_US |
dc.identifier.wos | WOS:000838524100001 | en_US |