Deep Unsupervised System Log Monitoring

Nourtel, Hubert; Cerisara, Christophe; Cruz‐Lara, Samuel

doi:10.1007/978-3-030-35333-9_38

Cited by 1 publication

(2 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Other articles used advanced deep learning models (CNN, RNN, LSTM) for character or word embedding to detect patterns in character or word sequence and used the output later in the classification phase, e.g., the work in [32], [33], [30], [31], [46],…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Deep Learning Methods in Web Intrusion Detection: A Systematic Review

Halim

Kholief

Maghraby

2022

Preprint

View full text Add to dashboard Cite

Web application and services are essential part of the internet. They automate many people activities such as purchasing goods, communica- tion, socialization, and political voting. Those applications are usually written and developed by programmers who might not be fully aware of cybersecurity aspects which leaves the applications vulnerable to web application attacks. The best way to mitigate such risks is to write secure code any add multi- ple security layers in the application architecture to ensure security in-depth, however, this comes with great cost and write perfectly secured source code is near to impossible. This is why researchers and engineers invented more exter- nal systems to help in protecting web applications and services, e.g., intrusion detection systems, firewalls, anti-fraud systems. Despite the improvements such systems add to the application security stack, however more challenges came to the surface, ignoring these challenges might risk the entire setup and leave the environment in worse state (e.g., bad implementation of intrusion detection system can cause high false positive rates resulting in blocking users from executing transactions). As the problem of intrusion detection is related to analysis of previous HTTP log to know discriminate normal traffic from malicious, machine and deep learning are playing profound role in solving many of intrusion detection problems. In this survey article we provide systematic review of the recent develop- ments of applying deep learning methods in Web Intrusion Detection Systems (WIDS). The article starts by introduction of intrusion detection in both network and web environments and the difference between Anomaly based and signature based methods. Then we highlight the contribution, review meth- ods, and search strategy are discussed in follower sections. Then the reviewing selected papers and comparing their methods are introduced. Finally, the ar- ticle conclude with discussion section highlighting the future trends of WIDS research.

show abstract

Section: Discussionmentioning

confidence: 99%

“…The work in [46] is motivated by 2 observations: System log lines often have much less variable syntactic structure than natural languages. Massive quantity of logs are continuously generated and need fast inference algorithms.…”

Section: Adversarial Network and Model Relearn-abilitymentioning

confidence: 99%