Litcius/Paper detail

Detecting command injection attacks in web applications based on novel deep learning methods

X. J. Wang, Jiqiang Zhai, Hailu Yang

2024Scientific Reports13 citationsDOIOpen Access PDF

Abstract

Web command injection attacks pose significant security threats to web applications, leading to potential server information leakage or severe server disruption. Traditional detection methods struggle with the increasing complexity and obfuscation of these attacks, resulting in poor identification of malicious code, complicated feature extraction processes, and low detection efficiency. To address these challenges, a novel detection model, the Convolutional Channel-BiLSTM Attention (CCBA) model, is proposed, leveraging deep learning techniques to enhance the identification of web command injection attacks. The model utilizes dual CNN convolutional channels for comprehensive feature extraction and employs a BiLSTM network for bidirectional recognition of temporal features. An attention mechanism is also incorporated to assign weights to critical features, improving the model's detection performance. Experimental results demonstrate that the CCBA model achieves 99.3% accuracy and 98.2% recall on a real-world dataset. To validate the robustness and generalization of the model, tests were conducted on two widely recognized public cybersecurity datasets, consistently achieving over 98% accuracy. Compared to existing methods, the proposed model offers a more effective solution for identifying web command injection attacks.

Topics & Concepts

Computer scienceDeep WebDeep learningWorld Wide WebArtificial intelligenceThe InternetNetwork Security and Intrusion DetectionAdvanced Malware Detection TechniquesWeb Application Security Vulnerabilities
Detecting command injection attacks in web applications based on novel deep learning methods | Litcius