广东工业大学学报2025,Vol.42Issue(6):52-61,10.DOI:10.12052/gdutxb.240151
面向Web安全扫描器的网络入侵检测研究
Network Intrusion Detection for Web Security Scanner
摘要
Abstract
The use of Web security scanners for scanning and probing serves as a primary way of cyber reconnaissance in the early stages of Web attacks.Existing Web intrusion detection methods primarily focus on addressing the binary classification problem between known attack flows and normal flows,which have issues such as being easily bypassed and an inability to detect unknown attacks.To address these,this paper proposes a method for detecting Web intrusion attacks from the perspective of Web security scanner scanning.Firstly,this paper collects scanning data from various Web security scanners through experiments,and analyzes the similarity of the scanning data.Secondly,a Web intrusion detection scheme based on scanning data is proposed,which includes a feature extraction method and a convolutional gated recurrent network model.Finally,comparative experiments are conducted on the collected dataset,and the results show that the Web intrusion detection scheme proposed in this paper achieves superior attack detection performance.Specifically,it achieves a detection precision of 99.87%and an F1-score of 98.99%for known Web security scanners,and a detection precision of 92.98%and an F1-score of 95.71%for unknown Web security scanners.关键词
网络入侵检测/Web安全扫描器/卷积神经网络/门控循环单元Key words
network intrusion detection/Web security scanner/convolutional neural networks/gated recurrent unit分类
计算机与自动化引用本文复制引用
刘梓乐,吴晓鸰,冯永晋,Hoon Heo..面向Web安全扫描器的网络入侵检测研究[J].广东工业大学学报,2025,42(6):52-61,10.基金项目
广东省重点领域研发计划项目(2019B010139002) (2019B010139002)
广东省国际科技合作领域项目(2019A050513010) (2019A050513010)
