A Sequential Attention Based Convolutional Neural Network for Anomaly Detection.

Publication
Journal of Zhengzhou University(Natural Science Edition)

Web-attack was one of the most challenging threats with the rapid development of Internet. A piece of well-designed malicious code in a Web request could cause serious information leakages or other fatal security incidents. While most existing studies on this issue focused on pattern matching or syntax analyzing, a CNN based feature free approach was proposed to detect such kinds of threats as SQL injection, command injection, and local file include and cross-domain script from uniform resource locators (URLs) in this work. A sequential attention based CNN (SA-CNN) was proposed to find the position and range of malicious code segments. Experiments showed that SA-CNN could tell not only whether a Web request was malicious, but also where the malicious codes were. In addition, SA-CNN achieved comparable or better performance comparing with existing algorithms on several well-known short text datasets.