[1]范禹辰,刘相坤,朱建生,等.基于 BERT 的服务网站 Web 攻击检测研究[J].计算机技术与发展,2022,32(08):168-173.[doi:10. 3969 / j. issn. 1673-629X. 2022. 08. 027]
 FAN Yu-chen,LIU Xiang-kun,ZHU Jian-sheng,et al.Research on Web Attack Detection of Service Website Based on BERT[J].,2022,32(08):168-173.[doi:10. 3969 / j. issn. 1673-629X. 2022. 08. 027]
点击复制

基于 BERT 的服务网站 Web 攻击检测研究()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
32
期数:
2022年08期
页码:
168-173
栏目:
应用前沿与综合
出版日期:
2022-08-10

文章信息/Info

Title:
Research on Web Attack Detection of Service Website Based on BERT
文章编号:
1673-629X(2022)08-0168-06
作者:
范禹辰1刘相坤2朱建生2蒋秋华2李 琪2徐东平2
1. 中国铁道科学研究院研究生部,北京 100081;
2. 中国铁道科学研究院集团有限公司电子计算技术研究所,北京 100081
Author(s):
FAN Yu-chen1LIU Xiang-kun2ZHU Jian-sheng2JIANG Qiu-hua2LI Qi2XU Dong-ping2
1. Postgraduate Department,China Academy of Railway Sciences,Beijing 100081,China;
2. Institute of Electronic Computing Technology,China Academy of Railway Sciences Corporation Limited,Beijing 100081,China
关键词:
web 攻击检测BERT 模型LSTM 模型Transformer 模型深度学习
Keywords:
web attack detectionBERTLSTMTransformerdeep learning
分类号:
TP391
DOI:
10. 3969 / j. issn. 1673-629X. 2022. 08. 027
摘要:
传统基于规则的 web 攻击检测方法需要人工设计添加规则,规则较多时消耗的计算资源会增长并降低检测效率,且无法识别未知攻击;近年基于深度学习的 web 攻击检测相关研究大多仅对 http 请求的 url 及参数部分进行检测,会遗漏部分存在于 http 请求其余字段的恶意攻击。 针对上述问题,该文基于 BERT 提出了两种对 http 请求进行全量检测的 web攻击检测方法,对 BERT 提出改进,基于其表征输出分别在网络后增加 LSTM 和 Transformer,用于融合特征使 BERT 支持长文本的输入。 两种检测模型均使用服务网站真实数据集作为训练集,使用网站真实数据集的测试集部分验证其检测效果,使用 CSIC2010 公开数据集作为测试集验证模型的泛化能力。 实验结果表明两种模型均可在保证检测效率的前提下有效识别网站真实数据集中的正常流量及异常流量,且使用 Transformer 的检测模型在两种测试集上表现更好。
Abstract:
Traditional rule-based web attack detection methods require manual addition of rules. However,with the increasing number ofrules,it will consume more computing resources and reduce the detection efficiency,and unknown type of attacks cannot be identified. Inrecent years,as most researches on web attack detection based on deep learning only focus on the url and parameters parts of http requests,some malicious attacks that exist in the remaining fields of the http request will be omitted. Referring to the above problems,twoweb attack detection methods based on BERT for full detection of http requests are proposed,which also proposes improvements toBERT. Based on its pooled output,LSTM and Transformer are added behind the network to integrate features to make BERT supportlong text input. Both detection models use the real data set of the service website as the training set and use the test set of the real data setof the website to verify the detection effect. Then CSIC2010 public dataset is used as test set to verify the generalization ability of themodel. Experimental results show that both models can effectively identify normal traffic and abnormal traffic in the real dataset of thewebsite while ensuring the detection efficiency,and the Transformer-based detection model performs better onthe two test sets.

相似文献/References:

[1]周亦敏,黄 俊.基于 BERT 的学术合作者推荐研究[J].计算机技术与发展,2021,31(03):45.[doi:10. 3969 / j. issn. 1673-629X. 2021. 03. 008]
 ZHOU Yi-min,HUANG Jun.Research on BERT-based Academic Collaborator Recommendation[J].,2021,31(08):45.[doi:10. 3969 / j. issn. 1673-629X. 2021. 03. 008]
[2]王卫红,吕红燕,曹玉辉,等.基于 BERT 的混合神经网络实体识别方法[J].计算机技术与发展,2021,31(08):100.[doi:10. 3969 / j. issn. 1673-629X. 2021. 08. 017]
 WANG Wei-hong,LYU Hong-yan,CAO Yu-hui,et al.A Hybrid Neural Network Entity Recognition Method Based on BERT Model[J].,2021,31(08):100.[doi:10. 3969 / j. issn. 1673-629X. 2021. 08. 017]
[3]王 俊,王修来*,栾伟先,等.基于 BERT 模型的科研人才领域命名实体识别[J].计算机技术与发展,2021,31(11):21.[doi:10. 3969 / j. issn. 1673-629X. 2021. 11. 004]
 WANG Jun,WANG Xiu-lai*,LUAN Wei-xian,et al.Research on Named Entity Recognition of Scientific Research Talents Field Based on BERT Model[J].,2021,31(08):21.[doi:10. 3969 / j. issn. 1673-629X. 2021. 11. 004]
[4]尚福华,蒋毅文,曹茂俊.一种增强的多粒度特征融合语义匹配模型[J].计算机技术与发展,2022,32(07):28.[doi:10. 3969 / j. issn. 1673-629X. 2022. 07. 005]
 SHANG Fu-hua,JIANG Yi-wen*,CAO Mao-jun.An Enhanced Multi Granularity Feature Fusion Model for Semantic Matching[J].,2022,32(08):28.[doi:10. 3969 / j. issn. 1673-629X. 2022. 07. 005]
[5]熊建华,韩永国,廖 竞,等.基于长句简化的中文开放关系抽取[J].计算机技术与发展,2023,33(02):203.[doi:10. 3969 / j. issn. 1673-629X. 2023. 02. 030]
 XIONG Jian-hua,HAN Yong-guo,LIAO Jing,et al.Chinese Open Relation Extraction Based on Long Sentence Simplification[J].,2023,33(08):203.[doi:10. 3969 / j. issn. 1673-629X. 2023. 02. 030]
[6]张 锦,胡子达,陆玟冰,等.基于 Scratch 作品相似度的检测研究[J].计算机技术与发展,2023,33(10):143.[doi:10. 3969 / j. issn. 1673-629X. 2023. 10. 022]
 ZHANG Jin,HU Zi-da,LU Wen-bing,et al.Research on Similarity Detection of Project Based on Scratch[J].,2023,33(08):143.[doi:10. 3969 / j. issn. 1673-629X. 2023. 10. 022]

更新日期/Last Update: 2022-08-10