首页|期刊导航|微型电脑应用|基于串行自编码器的Web服务注入攻击检测

基于串行自编码器的Web服务注入攻击检测OA

Web Service Injection Attack Detection Based on Serial Autoencoder

中文摘要英文摘要

Web服务每天都会产生大量的数据,注入攻击通过构造特殊的输入,生成与正常数据一致性较高的输入,以绕过正常的安全检查,当前数据是明码显变量形式,缺少隐藏过程,加大了检测难度.对此,提出一种基于串行自编码器的Web服务注入攻击检测方法.采用支持向量机训练Web服务页面特征,实现Web服务数据信息自动抽取;利用串行自编码器通过编码器将输入序列映射为隐变量,再由解码器进行重构,自动从原始数据中推算待检测数据异常得分,提取Web服务注入攻击位置;设置注入攻击检测报警阈值,组建模板矩阵和检测矩阵并计算两者相似度,区分出海量Web服务数据中隐藏的攻击信息.若相似度高于报警阈值则以消息事件形式发送至专家系统,融合人工智能进行验证,得到攻击检测结果.实验结果显示,所提出的方法真正率最终达到100%,F1值保持在0.9左右,性能损失值仅不到10%,表明所提出的方法检测精度高、速度快,可在不更改Web服务执行引擎的基础上完成自适应注入攻击检测.

Web services generate a large amount of data every day.Injection attacks bypass normal security checks by construc-ting special inputs that are highly consistent with normal data.The current data exist in plaintext and lack a hidden process,which increases the difficulty of detection.Therefore,a Web service injection attack detection method based on serial autoen-coder is proposed.This method uses support vector machine to train Web service page features to achieve automatic extraction of Web service data information.A serial autoencoder is employed to map the input sequence into latent variables,and a decod-er reconstructs them,automatically deriving the anomaly score of the data to be detected from the original data,thereby extrac-ting the injection attack location in Web services.An injection attack detection alarm threshold is set,and a template matrix and a detection matrix are formed to calculate their similarity,distinguishing hidden attack information from massive Web service data.If the similarity exceeds the alarm threshold,it is sent as a message event to an expert system,which integrates artificial intelligence for verification to obtain attack detection results.Experimental results show that the proposed method achieves a true positive rate of 100%,an F1-score of around 0.9,and a performance loss of less than 10%,indicating high detection accu-racy,fast speed,and the ability to perform adaptive injection attack detection without modifying the Web service execution en-gine.

余振养

广东科学技术职业学院,计算机工程技术学院(人工智能学院),广东,珠海 519090

信息技术与安全科学

串行自编码器Web服务注入攻击入侵检测信息抽取

serial autoencoderWeb servicesinjection attacksintrusion detectioninformation extraction

《微型电脑应用》 2026 (1)

17-21,5

2023年广东省普通高校青年创新人才类项目(2023KQNCX182)

评论