Machine Learning and Natural Language Processing Based Web Application Firewall for Mitigating Cyber Attacks in Cloud

Prabhat Bisht¹ , Manmohan Singh Rauthan²

1. NIC, Chandigarh, Haryana, India & Research Scholar, UKTECH, Dehradun, India.
2. Dept. of computer science and Engineering, HNBGU, Pauri Garhwal, Uttarakhand, India.

Section:Research Paper, Product Type: Journal-Paper
Vol.11 , Issue.3 , pp.1-15, Jun-2023

Online published on Jun 30, 2023

Copyright © Prabhat Bisht, Manmohan Singh Rauthan . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
 

View this paper at   Google Scholar | DPI Digital Library

XML View     PDF Download

How to Cite this Paper

212 Views    250 Downloads    28 Downloads

Abstract :
with the rise of cloud computing technology there are tremendous growth on web hosting over Cloud Infrastructure. Organizations are adopting this technology and migrating from traditional client server based architecture to cloud enabled data centres. APPSEC security reports published every month shows that because of vulnerabilities in application software as hosted on cloud most of the applications are vulnerable to cyber-attacks. Attackers exploit web vulnerabilities through online attack vectors by injecting malicious payloads on HTTP/HTTPS request URLs. Successful execution of such attack vectors can compromise data Integrity, confidentiality availability by interruption, interception, fabrication and modification. The present paper proposes an advance WAF based on machine learning classification algorithms for mitigating online attack vectors. The novel approach of proposed WAF classifier is that it works as Security as a Service (SeaaS) for mitigating online attack vectors and can be used as pay as per usage policy. HTTP/HTTPS requests automatically routed to propose classifier for analysing OWASP Top 10 exploits as a first line of defence. Proposed classifier successfully blocks malicious requests and forwards legitimate requests to web server for processing. Proposed classifier is trained and tested using machine learning classification algorithms on OWASP Top 10 exploits and the accuracy is calculated based on true positive, false positive, true negative and false negative observations. Experimental results show that the proposed classifier has 98% of accuracy which is measured through key performance metrics like accuracy precision, recall, and F1 score.

Key-Words / Index Term :
machine learning, classification algorithm, web application security, vulnerabilities, cyber-attacks.

References :
[1]. S. Kumar, R. H. Goudar, “Cloud Computing Challenges, Research Issues, Architecture, Platforms and Applications: Survey”, International Journal of Future Computer and Communication, Vol.1, No.4, pp.356-360, 2012.
[2]. Randa Osman Morsi , Mona Farouk Ahmed, “Research Article a Two-Phase Pattern Matching-parse Tree Validation Approach for Efficient SQL Injection Attacks Detection”, Journal of Artificial Intelligence ISSN 1994-5450 DOI: 10.3923/jai.2019.11.17
[3]. Fredrik Valeur, Darren Mutz, and Giovanni Vigna, “A Learning-Based Approach to the Detection of SQL Attacks”, Reliable Software Group Department of Computer Science University of California, Santa Barbara
[4]. Abhishek Gupta1, Ankit Jain1, Samartha Yadav1, Harsh Taneja , “Literature Survey on Detection of Web Attacks Using Machine Learning” , International Journal of Scientific Research in Computer Science, Engineering and Information Technology 2018 IJSRCSEIT | Vol.3, Issue.3, 2018. ISSN : 2456-3307
[5]. Immadisetti Naga, Venkata Durga Naveen, Manamohana K, Rohit Verma , “Detection of Malicious URLs using Machine Learning Techniques”, International Journal of Innovative Technology and Exploring Engineering (IJITEE) ISSN: 2278-3075, Vol.8, Issue.4S2 March, 2019”
[6]. Deeban chakkarawarthi , Parthan , Sachin Lal Surya, “Classification of URL into Malicious or Benign using Machine Learning Approach ”, International Journal of Advanced Research in Computer and Communication Engineering, Vol.8, Issue.2, February 2019.
[7]. Solomon Ogbomon Uwagbole, “Applied Machine Learning Predictive Analytics to SQL Injection Attack Detection and Prevention”, IFIP/IEEE 2017 Workshop: 3rd International Workshop on Security for Emerging Distributed Network Technologies
[8]. Eun Hong Cheon , Zhong yue Huang, Yon Sik Lee, “Preventing SQL Injection Attack Based on Machine Learning”, International Journal of Advancements in Computing Technology (IJACT) Vol.5 May 2013, DOI:10.4156/ijact.vol5.issue9.115
[9]. Rafal Kozik, Michal Chora, Rafal Renk and Witold Holubowicz, “A Proposal of Algorithm for Web Applications Cyber Attack Detection” , CISIM 2014, LNCS 8838, pp.680–687, 2014. IFIP International Federation for Information Processing 2014
[10].Zhuang Chen1, Min Guo, Lin zhou , “Research on SQL injection detection technology based on SVM ” , MATEC Web of Conferences 173, 2018.
[11].Gustavo Betarte, Eduardo Gimenez, Rodrigo Martinez and Alvaro Pardo, “Machine Learning Assisted Virtual Patching of Web Applications”, Cornell University arXiv:1803.05529
[12].Prabhat Bisht, Devesh Pant, Manmohan Singh Rauthan, “analyzing and defending web application vulnerabilities through proposed security model in cloud computing”, International journal of science and technology graphic era university. Vol.6, Issue.2, pp.183-196, 2018. ISSN: 0975-1416 (Print), 2456-4281 (Online)
[13].Chao-Ying , Joanne Peng , Kuk Lida Lee, Gary M. Ingersoll , “An introduction to Logistic Regression analysis and reporting”, The journal of educational research Indiana University -Bloomington
[14].Gerard Biau , “Analyis of random forest model”, Journal of Machine Learning ISSN 1063-1095
[15].Munir Ahmad, Shabib Aftab , Muhammad Salman Bashir, Noureen Hameed, “Sentiment Analysis using SVM: A Systematic Literature Review”, International Journal of Advanced Computer Science and Applications, Vol.9, No.2, 2018.
[16].Gaspar Asampana , Korah Kassim Nantoma, Evans Ayagikwaga Tungosiamu, “Multinomial Logistic Regression Analysis of the Determinants of Students Academic Performance in Mathematics at Basic Education Certificate Examination ”, Higher Education Research, Science Publishing Group doi: 10.11648/j.her.201770201.15
[17].Erik Cambria, Bebo White, “Jumping NLP Curves: A Review of Natural Language Processing Research”, IEEE Computational Intelligence Magazine, May2014,doi10.1109/MCI.2014.2307227
[18].Alazab, A. Khresiat, “New strategy for mitigating of SQL injection attack”, Int. J. Comput. Applic., 154: pp.1-10, 2016.
[19].Jawanja, S. Shegokar, V. Nandurkar, R. Ardak, S. Chaudhari, S. Rithe and S. Sontake, “ An efficient technique for detection and prevention of SQL injection attack in cloud” , Int. J. Res. Applied Sci. Eng. Technol., 6: pp.2670-2674, 2018.
[20].Eduardo Benavides, Walter Fuertes, Sandra Sanchez, and Manuel Sanchez, “Classification of Phishing Attack Solutions by Employing Deep Learning Techniques”, A Systematic Literature Review. In Developments and Advances in Defense and Security. Springer, pp.51–64.
[21].Kang Leng Chiew, Choon Lin Tan, Kok Sheik Wong, Kelvin SC Yong, and Wei King Tiong, “ A new hybrid ensemble feature selection framework for machine learning-based phishing detection system” , Information Sciences 484,153–166, 2019.
[22].Alfredo Cuzzocrea, Fabio Martinelli and Francesco Mercaldo, “A machine-learning framework for supporting intelligent web-phishing detection and analysis”, In Proceedings of the 23rd International Database Applications & Engineering Symposium. ACM, 43, 2019.
[23].Yukun Li, Zhenguo Yang, Xu Chen, Huaping Yuan, and Wenyin Liu , “A stacking model using URL and HTML features for phishing webpage detection” , Future Generation Computer Systems 94, pp.27–39, 2019.
[24].Yong fang Peng, Sheng wei Tian, Long Yu, Yalong Lv and Ruijin Wang, “A Joint Approach to Detect Malicious URL Based on Attention Mechanism” , International Journal of Computational Intelligence and Applications, 1950021, 2019.
[25].Ozgur Koray Sahingoz, Ebubekir Buber, Onder Demir and Banu Diri. “Machine learning based phishing detection from URLs.”, Expert Systems with Applications 117(2019),345–357.
[26].Hosse in Shirazi, Bruhadeshwar Bezawada, Indrakshi Ray and Charles Anderson, “Adversarial Sampling Attacks Against Phishing Detection”, In IFIP Annual Conference on Data and Applications Security and Privacy. Springer, pp.83–101, 2019.
[27].Putra Wanda and Huang Jin Jie. URL “Deep: Continuous Prediction of Malicious URL with Dynamic Deep Learning in Social Networks, 2019.
[28].Huaizhi Yan, Xin Zhang, Jiangwei Xie and Changz hen Hu , “ Detecting Malicious URLs Using a Deep Learning Approach Based on Stacked De noising Auto encoder” , In Chinese Conference on Trusted Computing and Information Security.Springer,372–388. (2019)
[29].Ankesh Anand, Kshitij Gorde, Joel Ruben Antony Moniz, Noseong Park, Tanmoy Chakraborty and Bei Tseng Chu., “Phishing URL detection with oversampling based on text generative adversarial networks”, In IEEE International Conference on Big Data (Big Data) IEEE, pp.1168–1177, 2018.
[30].Farhan Douksieh Abdi and Lian Wenjuan , “ Malicious URL Detection using Convolutional Neural Network”, Journal International Journal of Computer Science, Engineering and Information Technology.
[31].Ebu bekir Buber, on der Demir,and Ozgur Koray Sahingoz , “ Feature selections for the machine learning based detection of phishing websites” , In Artificial Intelligence and Data Processing Symposium (IDAP), 2017 International. IEEE.
[32].Ebu bekir Buber, Banu Diri, and Ozgur Koray Sahingoz , “NLP Based Phishing Attack Detection from URLs.”, In International Conference on Intelligent Systems Design and Applications. Springer 2017.
[33].Rakesh Verma and Avisha Das, “What’s in a URL: Fast Feature Extraction and Malicious URL Detection”, In Proceedings of the 3rd ACM on International Workshop on Security And Privacy Analytics. ACM 2017.
[34].Xiang Zhang, Junbo Zhao and YannLeCun , “Character-level convolutional networks for text classification”, In Advances in neural information processing systems , 2015.
[35].AnnaL Bucza kand Erhan Guven , “ A survey of data mining and machine learning methods for cyber security intrusion detection” , IEEE Communications Surveys & Tutorials 2016.
[36].Isabelle Guyon and André Elisseeff, “An introduction to variable and feature selection”, Journal of machine learning research (2003).
[37].Fergus Toolanand Joe Carthy, “Feature selection for spam and phishing detection”, In e-Crime Researchers Summit (e-Crime), 2010. IEEE.
[38].Rakesh Verma and Avisha Das , “What’s in a URL: Fast Feature Extraction and Malicious URL Detection” , In Proceedings of the 3rd ACM on International Workshop on Security And Privacy Analytics. ACM, 2017.
[39].Jialei Wang, Peilin Zhao, Steven CHHoi, and RongJ , “Online feature selection and its applications”, Knowledge and Data Engineering, IEEE Transactions on 2020.
[40].Peng Yang, Guang zhen Zhao and PengZeng , “ Phishing Website Detection Based on Multidimensional Features Driven by Deep Learning”, IEEE Access 7, pp.15196–15209, 2019.