Malicious Requests Detection with Improved Bidirectional Long Short-term Memory Neural Networks
This work addresses network security for systems vulnerable to sophisticated attacks, presenting an incremental improvement in detection methods.
The paper tackles the problem of detecting malicious network requests by formulating it as a temporal sequence classification problem and proposes a CNN-BiLSTM-CNN model, whose effectiveness is demonstrated on the HTTP dataset CSIC 2010 in comparison with state-of-the-art methods.
Detecting and intercepting malicious requests is one of the most widely used defenses against attacks in network security. Most existing detection approaches, including blacklist character matching and machine learning algorithms, have been shown to be vulnerable to sophisticated attacks. To address these issues, a more general and rigorous detection method is required. In this paper, we formulate the problem of detecting malicious requests as a temporal sequence classification problem, and propose a novel deep learning model, namely Convolutional Neural Network-Bidirectional Long Short-term Memory-Convolutional Neural Network (CNN-BiLSTM-CNN). By connecting the shallow and deep feature maps of the convolutional layers, the malicious feature extracting ability is improved on more detailed functionality. Experimental results on the HTTP dataset CSIC 2010 demonstrate the effectiveness of the proposed method when compared with the state of the art.