웹 방화벽 로그 분석을 통한 공격 분류: AutoML, CNN, RNN, ALBERT

Vol. 34, No. 4, pp. 587-596, 8월. 2024
10.13089/JKIISC.2024.34.4.587, Full Text:
Keywords: Web Attack Detection, WAF Log, TF-IDF, AutoML, Machine Learning
Abstract

Cyber Attack and Cyber Threat are getting confused and evolved. Therefore, using AI(Artificial Intelligence), which is the most important technology in Fourth Industry Revolution, to build a Cyber Threat Detection System is getting important. Especially, Government’s SOC(Security Operation Center) is highly interested in using AI to build SOAR(Security Orchestration, Automation and Response) Solution to predict and build CTI(Cyber Threat Intelligence). In this thesis, We introduce the Cyber Threat Detection System by analyzing Network Traffic and Web Application Firewall(WAF) Log data. Additionally, we apply the well-known TF-IDF(Term Frequency-Inverse Document Frequency) method and AutoML technology to classify Web traffic attack type.

Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
조영복, 한미란, 박재우, "웹 방화벽 로그 분석을 통한 공격 분류: AutoML, CNN, RNN, ALBERT," Journal of The Korea Institute of Information Security and Cryptology, vol. 34, no. 4, pp. 587-596, 2024. DOI: 10.13089/JKIISC.2024.34.4.587.

[ACM Style]
조영복, 한미란, and 박재우. 2024. 웹 방화벽 로그 분석을 통한 공격 분류: AutoML, CNN, RNN, ALBERT. Journal of The Korea Institute of Information Security and Cryptology, 34, 4, (2024), 587-596. DOI: 10.13089/JKIISC.2024.34.4.587.