An improved LSTM-PCA ensemble classifier for SQL injection and XSS attack detection
The Repository Mahasiswa (RAMA) is a national repository of research reports in the form of final assignments, student projects, theses, dissertations, and research reports of lecturers or researchers that have not yet been published in journals, conferences, or integrated books from the scientific...
Saved in:
| Main Authors: | , , , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Tech Science Press
2023
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/106390/1/MohdYazidIdris2023_AnImprovedLSTMPCAEnsembleClassifierforSQL.pdf http://eprints.utm.my/106390/ http://dx.doi.org/10.32604/csse.2023.034047 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.utm.106390 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.1063902024-06-29T07:14:59Z http://eprints.utm.my/106390/ An improved LSTM-PCA ensemble classifier for SQL injection and XSS attack detection Stiawan, Deris Bardadi, Ali Nurul Afifah, Nurul Afifah Lisa Melinda, Lisa Melinda Ahmad Heryanto, Ahmad Heryanto Tri Wanda Septian, Tri Wanda Septian Idris, Mohd. Yazid Subroto, Imam Much Lukman, Lukman Rahmat Budiarto, Rahmat Budiarto QA75 Electronic computers. Computer science The Repository Mahasiswa (RAMA) is a national repository of research reports in the form of final assignments, student projects, theses, dissertations, and research reports of lecturers or researchers that have not yet been published in journals, conferences, or integrated books from the scientific repository of universities and research institutes in Indonesia. The increasing popularity of the RAMA Repository leads to security issues, including the two most widespread, vulnerable attacks i.e., Structured Query Language (SQL) injection and cross-site scripting (XSS) attacks. An attacker gaining access to data and performing unauthorized data modifications is extremely dangerous. This paper aims to provide an attack detection system for securing the repository portal from the abovementioned attacks. The proposed system combines a Long Short–Term Memory and Principal Component Analysis (LSTM-PCA) model as a classifier. This model can effectively solve the vanishing gradient problem caused by excessive positive samples. The experiment results show that the proposed system achieves an accuracy of 96.85% using an 80%:20% ratio of training data and testing data. The rationale for this best achievement is that the LSTM’s Forget Gate works very well as the PCA supplies only selected features that are significantly relevant to the attacks’ patterns. The Forget Gate in LSTM is responsible for deciding which information should be kept for computing the cell state and which one is not relevant and can be discarded. In addition, the LSTM’s Input Gate assists in finding out crucial information and stores specific relevant data in the memory. Tech Science Press 2023 Article PeerReviewed application/pdf en http://eprints.utm.my/106390/1/MohdYazidIdris2023_AnImprovedLSTMPCAEnsembleClassifierforSQL.pdf Stiawan, Deris and Bardadi, Ali and Nurul Afifah, Nurul Afifah and Lisa Melinda, Lisa Melinda and Ahmad Heryanto, Ahmad Heryanto and Tri Wanda Septian, Tri Wanda Septian and Idris, Mohd. Yazid and Subroto, Imam Much and Lukman, Lukman and Rahmat Budiarto, Rahmat Budiarto (2023) An improved LSTM-PCA ensemble classifier for SQL injection and XSS attack detection. Computer Systems Science & Engineering, 46 (2). pp. 1759-1774. ISSN 0267-6192 http://dx.doi.org/10.32604/csse.2023.034047 DOI : 10.32604/csse.2023.034047 |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| language |
English |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Stiawan, Deris Bardadi, Ali Nurul Afifah, Nurul Afifah Lisa Melinda, Lisa Melinda Ahmad Heryanto, Ahmad Heryanto Tri Wanda Septian, Tri Wanda Septian Idris, Mohd. Yazid Subroto, Imam Much Lukman, Lukman Rahmat Budiarto, Rahmat Budiarto An improved LSTM-PCA ensemble classifier for SQL injection and XSS attack detection |
| description |
The Repository Mahasiswa (RAMA) is a national repository of research reports in the form of final assignments, student projects, theses, dissertations, and research reports of lecturers or researchers that have not yet been published in journals, conferences, or integrated books from the scientific repository of universities and research institutes in Indonesia. The increasing popularity of the RAMA Repository leads to security issues, including the two most widespread, vulnerable attacks i.e., Structured Query Language (SQL) injection and cross-site scripting (XSS) attacks. An attacker gaining access to data and performing unauthorized data modifications is extremely dangerous. This paper aims to provide an attack detection system for securing the repository portal from the abovementioned attacks. The proposed system combines a Long Short–Term Memory and Principal Component Analysis (LSTM-PCA) model as a classifier. This model can effectively solve the vanishing gradient problem caused by excessive positive samples. The experiment results show that the proposed system achieves an accuracy of 96.85% using an 80%:20% ratio of training data and testing data. The rationale for this best achievement is that the LSTM’s Forget Gate works very well as the PCA supplies only selected features that are significantly relevant to the attacks’ patterns. The Forget Gate in LSTM is responsible for deciding which information should be kept for computing the cell state and which one is not relevant and can be discarded. In addition, the LSTM’s Input Gate assists in finding out crucial information and stores specific relevant data in the memory. |
| format |
Article |
| author |
Stiawan, Deris Bardadi, Ali Nurul Afifah, Nurul Afifah Lisa Melinda, Lisa Melinda Ahmad Heryanto, Ahmad Heryanto Tri Wanda Septian, Tri Wanda Septian Idris, Mohd. Yazid Subroto, Imam Much Lukman, Lukman Rahmat Budiarto, Rahmat Budiarto |
| author_facet |
Stiawan, Deris Bardadi, Ali Nurul Afifah, Nurul Afifah Lisa Melinda, Lisa Melinda Ahmad Heryanto, Ahmad Heryanto Tri Wanda Septian, Tri Wanda Septian Idris, Mohd. Yazid Subroto, Imam Much Lukman, Lukman Rahmat Budiarto, Rahmat Budiarto |
| author_sort |
Stiawan, Deris |
| title |
An improved LSTM-PCA ensemble classifier for SQL injection and XSS attack detection |
| title_short |
An improved LSTM-PCA ensemble classifier for SQL injection and XSS attack detection |
| title_full |
An improved LSTM-PCA ensemble classifier for SQL injection and XSS attack detection |
| title_fullStr |
An improved LSTM-PCA ensemble classifier for SQL injection and XSS attack detection |
| title_full_unstemmed |
An improved LSTM-PCA ensemble classifier for SQL injection and XSS attack detection |
| title_sort |
improved lstm-pca ensemble classifier for sql injection and xss attack detection |
| publisher |
Tech Science Press |
| publishDate |
2023 |
| url |
http://eprints.utm.my/106390/1/MohdYazidIdris2023_AnImprovedLSTMPCAEnsembleClassifierforSQL.pdf http://eprints.utm.my/106390/ http://dx.doi.org/10.32604/csse.2023.034047 |
| _version_ |
1803335001378390016 |
| score |
13.18916 |