Web Attack

Web attack detection aims to identify and mitigate malicious activities targeting web applications, a critical area given the increasing sophistication of attacks. Current research focuses on improving the accuracy and efficiency of web application firewalls (WAFs) using machine learning techniques, such as One-Class SVMs and adapting rule-based systems like ModSecurity with learned weights, to reduce false positives while enhancing detection rates. A significant challenge involves the vulnerability of deep learning models to adversarial attacks, prompting research into robust defenses against backdoor attacks and the development of secure code generation models. These advancements are crucial for enhancing online security and protecting web applications from various threats.

Papers

October 10, 2024

July 26, 2024

Capturing the security expert knowledge in feature selection for web application attack detection
Amanda Riverol, Gustavo Betarte, Rodrigo Martínez, Álvaro Pardo
Feature Selection Mutual Information Attack Pattern Expert Driven Cybersecurity Instruction Web Attack Web Application Firewall

June 19, 2024

ModSec-Learn: Boosting ModSecurity with Machine Learning
Christian Scano, Giuseppe Floris, Biagio Montaruli, Luca Demetrio, Andrea Valenza, Luca Compagna, Davide Ariu, Luca Piras, Davide Balzarotti, Battista Biggio
Machine Learning Attack Pattern Web Attack Web Application Firewall

June 18, 2024

Attack and Defense of Deep Learning Models in the Field of Web Attack Detection
Lijia Shi, Shihao Dong
Deep Learning Model Backdoor Attack Backdoor Defense Limited Field Attack Success Rate Unknown Attack Web Attack

March 3, 2024

WARDEN: Multi-Directional Backdoor Watermarks for Embedding-as-a-Service Copyright Protection
Anudeex Shetty, Yue Teng, Ke He, Qiongkai Xu
Model Extraction Attack Copyright Protection Air Guardian System Backdoor Watermark Web Attack

April 27, 2023

Machine Learning for Detection and Mitigation of Web Vulnerabilities and Web Attacks
Mahnoor Shahid
Machine Learning Data Detection Faulty Negative Mitigation Web Attack

February 8, 2023

CodeLMSec Benchmark: Systematically Evaluating and Finding Security Vulnerabilities in Black-Box Code Language Models
Hossein Hajipour, Keno Hassler, Thorsten Holz, Lea Schönherr, Mario Fritz
Code Generation Code Language Model Code Generation Model Vulnerable Code Black Box Language Model Web Attack

Web Attack

Papers

Poison-splat: Computation Cost Attack on 3D Gaussian Splatting

Towards Trustworthy Web Attack Detection: An Uncertainty-Aware Ensemble Deep Kernel Learning Model

Capturing the security expert knowledge in feature selection for web application attack detection

ModSec-Learn: Boosting ModSecurity with Machine Learning

Attack and Defense of Deep Learning Models in the Field of Web Attack Detection

WARDEN: Multi-Directional Backdoor Watermarks for Embedding-as-a-Service Copyright Protection

Machine Learning for Detection and Mitigation of Web Vulnerabilities and Web Attacks

CodeLMSec Benchmark: Systematically Evaluating and Finding Security Vulnerabilities in Black-Box Code Language Models