New deep learning method to detect code injection attacks on hybrid applications

被引:28
|
作者
Yan, Ruibo [1 ]
Xiao, Xi [1 ]
Hu, Guangwu [2 ]
Peng, Sancheng [3 ]
Jiang, Yong [1 ]
机构
[1] Tsinghua Univ, Grad Sch Shenzhen, Shenzhen, Peoples R China
[2] Shenzhen Inst Informat Technol, Sch Comp Sci, Shenzhen, Peoples R China
[3] Guangdong Univ Foreign Studies, Sch Informat, Guangzhou, Guangdong, Peoples R China
来源
JOURNAL OF SYSTEMS AND SOFTWARE | 2018年 / 137卷
关键词
Code injection; Hybrid application; Abstract syntax tree; Deep learning;
D O I
10.1016/j.jss.2017.11.001
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Mobile phones are becoming increasingly pervasive. Among them, HTML5-based hybrid applications are more and more popular because of their portability on different systems. However these applications suffer from code injection attacks. In this paper, we construct a-novel deep learning network, Hybrid Deep Learning Network (HDLN), and use it to detect these attacks. At first, based on our previous work, we extract more features from Abstract Syntax Tree (AST) of JavaScript and employ three methods to select key features. Then we get the feature vectors and train HDLN to distinguish vulnerable applications from normal ones. Finally thorough experiments are done to validate our methods. The results show our detection approach with HDLN achieves 97.55% in accuracy and 97.60% in AUC, which outperforms those with other traditional classifiers and gets higher average precision than other detection methods. (C) 2017 Elsevier Inc. All rights reserved.
引用
收藏
页码:67 / 77
页数:11
相关论文
共 50 条
  • [21] Deep learning-based hybrid detection model for false data injection attacks in smart grid
    Yang, Hang
    Cao, Ruijia
    Pan, Huan
    Jin, Jiayi
    2023 IEEE 6TH INTERNATIONAL CONFERENCE ON INDUSTRIAL CYBER-PHYSICAL SYSTEMS, ICPS, 2023,
  • [22] Improving Efficiency of Web Application Firewall to Detect Code Injection Attacks with Random Forest Method and Analysis Attributes HTTP Request
    Nguyen Manh Thang
    Programming and Computer Software, 2020, 46 : 351 - 361
  • [23] Improving Efficiency of Web Application Firewall to Detect Code Injection Attacks with Random Forest Method and Analysis Attributes HTTP Request
    Nguyen Manh Thang
    PROGRAMMING AND COMPUTER SOFTWARE, 2020, 46 (05) : 351 - 361
  • [24] Unmasking the Botnet Attacks: A Hybrid Deep Learning Approach
    Nayan, Pranta Nath
    Mahajabin, Maisha
    Rahman, Abdur
    Maisha, Nusrat
    Chowdhury, Md. Tanvir
    Uddin, Md. Mohsin
    Tuhin, Rashedul Amin
    Khan, M. Saddam Hossain
    SMART TRENDS IN COMPUTING AND COMMUNICATIONS, VOL 5, SMARTCOM 2024, 2024, 949 : 441 - 451
  • [25] Deep learning techniques to detect cybersecurity attacks: a systematic mapping study
    Damiano Torre
    Frantzy Mesadieu
    Anitha Chennamaneni
    Empirical Software Engineering, 2023, 28
  • [26] Deep learning techniques to detect cybersecurity attacks: a systematic mapping study
    Torre, Damiano
    Mesadieu, Frantzy
    Chennamaneni, Anitha
    EMPIRICAL SOFTWARE ENGINEERING, 2023, 28 (03)
  • [27] Hybrid machine learning: A tool to detect phishing attacks in communication networks
    Abidoye A.P.
    Kabaso B.
    Intl. J. Adv. Comput. Sci. Appl., 2020, 6 (559-569): : 559 - 569
  • [28] Hybrid Machine Learning: A Tool to Detect Phishing Attacks in Communication Networks
    Abidoye, Ademola Philip
    Kabaso, Boniface
    INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2020, 11 (06) : 559 - 569
  • [29] A new method to detect attacks on the Internet of Things (IoT) using adaptive learning based on cellular learning automata
    Dogani, Javad
    Farahmand, Mahdieh
    Daryanavard, Hassan
    ETRI JOURNAL, 2022, 44 (01) : 155 - 167
  • [30] Data augmentation and hybrid feature amalgamation to detect audio deep fake attacks
    Chakravarty, Nidhi
    Dua, Mohit
    PHYSICA SCRIPTA, 2023, 98 (09)
12345