A Deception and Continuous Training Approach for Web Attack Detection using Cyber Traps and MLOps

7:42 22/06/2023

With the growth and expansion of the internet, web attacks have become more powerful and pose a significant threat in the cyber world. In response to this, this paper presents a deceptive approach for gathering malicious behavior to understand the strategies used by web attackers. The harmful requests collected through cyber traps or honeypots are analyzed and used to train machine learning (ML) models for web attack detection. Additionally, we implement an ML operations (MLOps) pipeline to automate the continuous training and deployment of these ML models in defensive systems. This pipeline trains the production model with newly collected data by using predefined triggers. Our experiments on two datasets, including Fwaf and our own, demonstrate that a proactive and continuous approach to tracking adversary behavior can effectively detect zero-day attacks, such as CVE-2022-26134 in web application servers.

The proliferation of connectivity through modern telecommunications has led to increased unwanted and disruptive calls. Such communications negatively impact user experience and trust in platforms. Currently, call filtering relies on centralized architectures that aggregate vast troves of sensitive user data within single entities, compromising privacy and ownership. Users have limited...