Attack and Defense of Deep Learning Models in the Field of Web Attack Detection
This addresses a critical security problem for web attack detection systems, but it is incremental as it applies known backdoor attack concepts to a new domain.
The paper tackles the vulnerability of deep learning models in web attack detection to backdoor attacks, demonstrating that inserting irrelevant fragments into requests achieves over 87% attack success rate, which can be reduced through fine-tuning.
The challenge of WAD (web attack detection) is growing as hackers continuously refine their methods to evade traditional detection. Deep learning models excel in handling complex unknown attacks due to their strong generalization and adaptability. However, they are vulnerable to backdoor attacks, where contextually irrelevant fragments are inserted into requests, compromising model stability. While backdoor attacks are well studied in image recognition, they are largely unexplored in WAD. This paper introduces backdoor attacks in WAD, proposing five methods and corresponding defenses. Testing on textCNN, biLSTM, and tinybert models shows an attack success rate over 87%, reducible through fine-tuning. Future research should focus on backdoor defenses in WAD. All the code and data of this paper can be obtained at https://anonymous.4open.science/r/attackDefenceinDL-7E05