With the continuous growth of the internet and web applications, billions of websites built and available at our fingertips today lead more and more sophisticated and malicious attacks and pose requirements to build more precise and modern Web Attack Detection (WAD) system. Nowadays, many Machine Learning (ML)-based WAD approaches have been researched and yielded high efficiency. Additionally, to ensure optimal classification performance with data containing new classes, these models are regularly retrained. Nevertheless, the process of retraining models using both old and new data poses significant challenges in terms of computational requirements and storage capacity. On the other hand, when retraining the model with only new data, the model faces the problem of Catastrophic Forgetting (CF) which cannot adequately retain the previously learned amount of knowledge about the old data. To address these problems, in this work, we proposed an Deep Neural Network (DNN)-based WAD together with Incremental Learning (IL) technique, named IncWAD. Besides that, we also designed a Machine Learning Operations (MLOPs) cycle to deploy and manage the ML model conveniently. The evaluation results on the SR-BH 2020 multi-label dataset with various cases indicated that the IncWAD model could classify correctly different types of attacks and reached accuracy more than 95%.
