MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1

MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1

<p>The possibility of applying machine learning is considered for the classification of malicious requests to a Web application. This approach excludes the use of deterministic analysis systems (for example, expert systems), and based on the application of a cascade of neural networks or perce...

Full description

Bibliographic Details
Main Authors: K. Smirnova, A. Smirnov, O. Olshevska
Format: Article
Language:English
Published: Odessa National Academy of Food Technologies 2017-08-01
Series:Avtomatizaciâ Tehnologičeskih i Biznes-Processov
Subjects:
Neural network
machine learning
intrusion detection system
protection of web applications
information security
Online Access:http://journals.gsjp.eu/index.php/atbp/article/view/554
id doaj-2a8e6812bfd04725a99a5590b1cd1600
record_format Article
spelling doaj-2a8e6812bfd04725a99a5590b1cd16002020-11-24T21:53:33ZengOdessa National Academy of Food TechnologiesAvtomatizaciâ Tehnologičeskih i Biznes-Processov2312-31252312-931X2017-08-019210.15673/atbp.v9i2.554508MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1K. Smirnova0A. SmirnovO. Olshevska1Odessa National Academy of Food Technologies, Odessa, UkraineOdessa National Academy of Food Technologies, Odessa, Ukraine<p>The possibility of applying machine learning is considered for the classification of malicious requests to a Web application. This approach excludes the use of deterministic analysis systems (for example, expert systems), and based on the application of a cascade of neural networks or perceptrons on an approximate model to the real human brain. The main idea of the work is to enable to describe complex attack vectors consisting of feature sets, abstract terms for compiling a training sample, controlling the quality of recognition and classifying each of the layers (networks) participating in the work, with the ability to adjust not the entire network, But only a small part of it, in the training of which a mistake or inaccuracy crept in.  The design of the developed network can be described as a cascaded, scalable neural network.  The developed system of intrusion detection uses a three-layer neural network. Layers can be built independently of each other by cascades. In the first layer, for each class of attack recognition, there is a corresponding network and correctness is checked on this network. To learn this layer, we have chosen classes of things that can be classified uniquely as yes or no, that is, they are linearly separable. Thus, a layer is obtained not just of neurons, but of their microsets, which can best determine whether is there some data class in the query or not. The following layers are not trained to recognize the attacks themselves, they are trained that a set of attacks creates certain threats. This allows you to more accurately recognize the attacker's attempts to bypass the defense system, as well as classify the target of the attack, and not just its fact. Simple layering allows you to minimize the percentage of false positives.</p>http://journals.gsjp.eu/index.php/atbp/article/view/554Neural networkmachine learningintrusion detection systemprotection of web applicationsinformation security
collection DOAJ
language English
format Article
sources DOAJ
author K. Smirnova
A. Smirnov
O. Olshevska
spellingShingle K. Smirnova
A. Smirnov
O. Olshevska
MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1
Avtomatizaciâ Tehnologičeskih i Biznes-Processov
Neural network
machine learning
intrusion detection system
protection of web applications
information security
author_facet K. Smirnova
A. Smirnov
O. Olshevska
author_sort K. Smirnova
title MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1
title_short MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1
title_full MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1
title_fullStr MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1
title_full_unstemmed MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1
title_sort machine learning implementation for the classification of attacks on web systems. part 1
publisher Odessa National Academy of Food Technologies
series Avtomatizaciâ Tehnologičeskih i Biznes-Processov
issn 2312-3125
2312-931X
publishDate 2017-08-01
description <p>The possibility of applying machine learning is considered for the classification of malicious requests to a Web application. This approach excludes the use of deterministic analysis systems (for example, expert systems), and based on the application of a cascade of neural networks or perceptrons on an approximate model to the real human brain. The main idea of the work is to enable to describe complex attack vectors consisting of feature sets, abstract terms for compiling a training sample, controlling the quality of recognition and classifying each of the layers (networks) participating in the work, with the ability to adjust not the entire network, But only a small part of it, in the training of which a mistake or inaccuracy crept in.  The design of the developed network can be described as a cascaded, scalable neural network.  The developed system of intrusion detection uses a three-layer neural network. Layers can be built independently of each other by cascades. In the first layer, for each class of attack recognition, there is a corresponding network and correctness is checked on this network. To learn this layer, we have chosen classes of things that can be classified uniquely as yes or no, that is, they are linearly separable. Thus, a layer is obtained not just of neurons, but of their microsets, which can best determine whether is there some data class in the query or not. The following layers are not trained to recognize the attacks themselves, they are trained that a set of attacks creates certain threats. This allows you to more accurately recognize the attacker's attempts to bypass the defense system, as well as classify the target of the attack, and not just its fact. Simple layering allows you to minimize the percentage of false positives.</p>
topic Neural network
machine learning
intrusion detection system
protection of web applications
information security
url http://journals.gsjp.eu/index.php/atbp/article/view/554
work_keys_str_mv AT ksmirnova machinelearningimplementationfortheclassificationofattacksonwebsystemspart1
AT asmirnov machinelearningimplementationfortheclassificationofattacksonwebsystemspart1
AT oolshevska machinelearningimplementationfortheclassificationofattacksonwebsystemspart1
_version_ 1725871429579177984

Similar Items