Abstract
Safeguarding websites is of utmost importance because of the wide variety of attacks launched against them. Moreover, a lack of security awareness and the widespread use of traditional security solutions such as simple Web Application Firewalls (WAFs) have further aggravated the problem. Researchers have moved towards sophisticated machine learning and deep learning based techniques to counter common web attacks such as SQL injection (SQLi) and Cross-Site Scripting (XSS). Lately, keen interest has been taken in tackling these attacks through cyber deception. In this paper, we propose an ensemble based deep learning approach that combines Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM) models. The detection framework also contains a Session Maintenance Module (SMM), which maintains user state in an otherwise stateless protocol by analyzing cookies, thereby providing further optimization. The proposed framework detects SQLi and XSS attacks with an accuracy of 99.83% and 99.47% respectively. Moreover, a Docker-based deception module containing deceptive lures has been proposed to engage attackers. The deception module has the capability to detect zero-days and is more efficient when compared to other similar solutions.
Sponsored by the Higher Education Commission (HEC), Pakistan through its initiative of National Center for Cyber Security for the affiliated lab National Cyber Security Auditing and Evaluation Lab (NCSAEL), Grant No: 2(1078)/HEC/ME/2018/707.
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Bin Shahid, W., Aslam, B., Abbas, H., Afzal, H., Rashid, I. (2022). An Ensemble Based Deep Learning Framework to Detect and Deceive XSS and SQL Injection Attacks. In: Nguyen, N.T., Tran, T.K., Tukayev, U., Hong, TP., Trawiński, B., Szczerbicki, E. (eds) Intelligent Information and Database Systems. ACIIDS 2022. Lecture Notes in Computer Science, vol 13757. Springer, Cham. https://doi.org/10.1007/978-3-031-21743-2_15
DOI: https://doi.org/10.1007/978-3-031-21743-2_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-21742-5
Online ISBN: 978-3-031-21743-2
eBook Packages: Computer Science, Computer Science (R0)