• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Two Stage Deep Learning Based Stacked Ensemble Model for Web Application Security

Vol. 16, No. 2, February 28, 2022
10.3837/tiis.2022.02.014, Download Paper (Free):

Abstract

Detecting web attacks is a major challenge, and it is observed that the use of simple models leads to low sensitivity or high false positive problems. In this study, we aim to develop a robust two-stage deep learning based stacked ensemble web application firewall. Normal and abnormal classification is carried out in the first stage of the proposed WAF model. The classification process of the types of abnormal traffics is postponed to the second stage and carried out using an integrated stacked ensemble model. By this way, clients’ requests can be served without time delay, and attack types can be detected with high sensitivity. In addition to the high accuracy of the proposed model, by using the statistical similarity and diversity analyses in the study, high generalization for the ensemble model is achieved. Within the study, a comprehensive, up-to-date, and robust multi-class web anomaly dataset named GAZI-HTTP is created in accordance with the real-world situations. The performance of the proposed WAF model is compared to state-of-the-art deep learning models and previous studies using the benchmark dataset. The proposed two-stage model achieved multi-class detection rates of 97.43% and 94.77% for GAZI-HTTP and ECML-PKDD, respectively.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
M. Sevri and H. Karacan, "Two Stage Deep Learning Based Stacked Ensemble Model for Web Application Security," KSII Transactions on Internet and Information Systems, vol. 16, no. 2, pp. 632-657, 2022. DOI: 10.3837/tiis.2022.02.014.

[ACM Style]
Mehmet Sevri and Hacer Karacan. 2022. Two Stage Deep Learning Based Stacked Ensemble Model for Web Application Security. KSII Transactions on Internet and Information Systems, 16, 2, (2022), 632-657. DOI: 10.3837/tiis.2022.02.014.

[BibTeX Style]
@article{tiis:25311, title="Two Stage Deep Learning Based Stacked Ensemble Model for Web Application Security", author="Mehmet Sevri and Hacer Karacan and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2022.02.014}, volume={16}, number={2}, year="2022", month={February}, pages={632-657}}