Deep Learning for Vulnerability and Attack Detection on Web Applications: A Systematic Literature Review

Rokia Lamrani Alaoui and El Habib Nfaoui

Resumen

Web applications are the best Internet-based solution to provide online web services, but they also bring serious security challenges. Thus, enhancing web applications security against hacking attempts is of paramount importance. Traditional Web Application Firewalls based on manual rules and traditional Machine Learning need a lot of domain expertise and human intervention and have limited detection results faced with the increasing number of unknown web attacks. To this end, more research work has recently been devoted to employing Deep Learning (DL) approaches for web attacks detection. We performed a Systematic Literature Review (SLR) and quality analysis of 63 Primary Studies (PS) on DL-based web applications security published between 2010 and September 2021. We investigated the PS from different perspectives and synthesized the results of the analyses. To the best of our knowledge, this study is the first of its kind on SLR in this field. The key findings of our study include the following. (i) It is fundamental to generate standard real-world web attacks datasets to encourage effective contribution in this field and to reduce the gap between research and industry. (ii) It is interesting to explore some advanced DL models, such as Generative Adversarial Networks and variants of Encoders?Decoders, in the context of web attacks detection as they have been successful in similar domains such as networks intrusion detection. (iii) It is fundamental to bridge expertise in web applications security and expertise in Machine Learning to build theoretical Machine Learning models tailored for web attacks detection. (iv) It is important to create a corpus for web attacks detection in order to take full advantage of text mining in DL-based web attacks detection models construction. (v) It is essential to define a common framework for developing and comparing DL-based web attacks detection models. This SLR is intended to improve research work in the domain of DL-based web attacks detection, as it covers a significant number of research papers and identifies the key points that need to be addressed in this research field. Such a contribution is helpful as it allows researchers to compare existing approaches and to exploit the proposed future work opportunities.

Palabras claves

deep learning - systematic literature review - web applications security - web attacks detection - web vulnerabilities

Acceso

P�GINAS

pp. 0 - 0

N�MERO

Volumen: 14 Parte: 4 (2022)

MATERIAS

INFRAESTRUCTURA

REVISTAS SIMILARES

Water
Future Internet
Buildings

DOI

https://doi.org/10.3390/fi14040118

Art�culos similares

Automating Feature Extraction from Entity-Relation Models: Experimental Evaluation of Machine Learning Methods for Relational Learning

Acceso

Boris Stanoev, Goran Mitrov, Andrea Kulakov, Georgina Mirceva, Petre Lameski and Eftim Zdravevski

With the exponential growth of data, extracting actionable insights becomes resource-intensive. In many organizations, normalized relational databases store a significant portion of this data, where tables are interconnected through some relations. This ... ver m�s

Revista: Big Data and Cognitive Computing

A Survey of Incremental Deep Learning for Defect Detection in Manufacturing

Acceso

Reenu Mohandas, Mark Southern, Eoin O?Connell and Martin Hayes

Deep learning based visual cognition has greatly improved the accuracy of defect detection, reducing processing times and increasing product throughput across a variety of manufacturing use cases. There is however a continuing need for rigorous procedure... ver m�s

Revista: Big Data and Cognitive Computing

Unveiling Sentiments: A Comprehensive Analysis of Arabic Hajj-Related Tweets from 2017?2022 Utilizing Advanced AI Models

Acceso

Hanan M. Alghamdi

Sentiment analysis plays a crucial role in understanding public opinion and social media trends. It involves analyzing the emotional tone and polarity of a given text. When applied to Arabic text, this task becomes particularly challenging due to the lan... ver m�s

Revista: Big Data and Cognitive Computing

Identification of Time-Varying Conceptual Hydrological Model Parameters with Differentiable Parameter Learning

Acceso

Xie Lian, Xiaolong Hu, Liangsheng Shi, Jinhua Shao, Jiang Bian and Yuanlai Cui

The parameters of the GR4J-CemaNeige coupling model (GR4neige) are typically treated as constants. However, the maximum capacity of the production store (parX1) exhibits time-varying characteristics due to climate variability and vegetation coverage chan... ver m�s

Revista: Water

Assessing Objective Functions in Streamflow Prediction Model Training Based on the Na�ve Method

Acceso

Yongen Lin, Dagang Wang, Tao Jiang and Aiqing Kang

Reliable streamflow forecasting is a determining factor for water resource planning and flood control. To better understand the strengths and weaknesses of newly proposed methods in streamflow forecasting and facilitate comparisons of different research ... ver m�s

Revista: Water

Revistas destacadas

Acceso directo a los n�meros publicados en la revista Infrastructures

Infrastructures

Acceso directo a los n�meros publicados en la revista Informed Infraestructure

Informed Infraestructure

Acceso directo a los n�meros publicados en la revista BiT

Acceso directo a los n�meros publicados en la revista Revista de la Construcci�n

Revista de la Construcci�n

Ver todas las revistas disponibles