{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T05:14:08Z","timestamp":1780463648645,"version":"3.54.1"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030373511","type":"print"},{"value":"9783030373528","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37352-8_11","type":"book-chapter","created":{"date-parts":[[2020,1,2]],"date-time":"2020-01-02T20:03:00Z","timestamp":1577995380000},"page":"121-136","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":37,"title":["DeepWAF: Detecting Web Attacks Based on CNN and LSTM Models"],"prefix":"10.1007","author":[{"given":"Xiaohui","family":"Kuang","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ming","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Hu","family":"Li","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Gang","family":"Zhao","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Huayang","family":"Cao","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Zhendong","family":"Wu","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xianmin","family":"Wang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2020,1,3]]},"reference":[{"key":"11_CR1","unstructured":"Symantec Corporation: Symantec internet security threat report, Trends for July\u2013December 07 (2008)"},{"key":"11_CR2","unstructured":"Trustwave: Cenzic application vulnerability trends 2014 (2014)"},{"key":"11_CR3","unstructured":"Halfond, W.G.J., Viegas, J., Orso, A.: A classification of SQL injection attacks and countermeasures. In: Proceedings of the IEEE International Symposium on Secure Software Engineering, pp. 13\u201315. IEEE (2006)"},{"key":"11_CR4","doi-asserted-by":"crossref","unstructured":"Kieyzun, A., Guo, P.J., Jayaraman, K., Ernst, M.D.: Automatic creation of SQL injection and cross-site scripting attacks. In: Proceedings of the 31st International Conference on Software Engineering, pp. 199\u2013209. IEEE Computer Society (2009)","DOI":"10.1109\/ICSE.2009.5070521"},{"key":"11_CR5","doi-asserted-by":"publisher","first-page":"1474","DOI":"10.1016\/j.comnet.2005.10.018","volume":"50","author":"H-F Li","year":"2006","unstructured":"Li, H.-F., Lee, S.-Y., Shan, M.-K.: DSM-PLW: single-pass mining of path traversal patterns over streaming Web click-sequences. Comput. Netw. 50, 1474\u20131487 (2006)","journal-title":"Comput. Netw."},{"key":"11_CR6","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1007\/s00450-009-0092-6","volume":"24","author":"M Jensen","year":"2009","unstructured":"Jensen, M., Gruschka, N., Herkenhoner, R.: A survey of attacks on web services. Comput. Sci. Res. Dev. 24, 185 (2009)","journal-title":"Comput. Sci. Res. Dev."},{"key":"11_CR7","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1016\/j.jnca.2015.11.017","volume":"60","author":"V Prokhorenko","year":"2016","unstructured":"Prokhorenko, V., Choo, K.-K.R., Ashman, H.: Web application protection techniques: a taxonomy. J. Netw. Comput. Appl. 60, 95\u2013112 (2016)","journal-title":"J. Netw. Comput. Appl."},{"key":"11_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/11506881_8","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"F Valeur","year":"2005","unstructured":"Valeur, F., Mutz, D., Vigna, G.: A learning-based approach to the detection of SQL attacks. In: Julisch, K., Kruegel, C. (eds.) DIMVA 2005. LNCS, vol. 3548, pp. 123\u2013140. Springer, Heidelberg (2005). \nhttps:\/\/doi.org\/10.1007\/11506881_8"},{"key":"11_CR9","doi-asserted-by":"crossref","unstructured":"Halfond, W.G.J., Orso, A.: Preventing SQL injection attacks using AMNESIA. In: Proceedings of the 28th International Conference on Software Engineering, pp. 795\u2013798. ACM (2006)","DOI":"10.1145\/1134285.1134416"},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Kemalis, K., Tzouramanis, T.: SQL-IDS: a specification-based approach for SQL-injection detection. In: Proceedings of the 2008 ACM Symposium on Applied Computing, pp. 2153\u20132158. ACM (2008)","DOI":"10.1145\/1363686.1364201"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Liu, A., Yuan, Y., Wijesekera, D., Stavrou, A.: SQLProb: a proxy-based architecture towards preventing SQL injection attacks. In: Proceedings of the 2009 ACM Symposium on Applied Computing, pp. 2054\u20132061. ACM (2009)","DOI":"10.1145\/1529282.1529737"},{"key":"11_CR12","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1698750.1698754","volume":"13","author":"P Bisht","year":"2010","unstructured":"Bisht, P., Madhusudan, P., Venkatakrishnan, V.N.: CANDID: dynamic candidate evaluations for automatic prevention of SQL injection attacks. ACM Trans. Inf. Syst. Secur. 13, 1\u201339 (2010)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"11_CR13","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1016\/j.cose.2016.04.005","volume":"60","author":"D Kar","year":"2016","unstructured":"Kar, D., Panigrahi, S., Sundararajan, S.: SQLiGoT: detecting SQL injection attacks using graph of tokens and SVM. Comput. Secur. 60, 206\u2013225 (2016)","journal-title":"Comput. Secur."},{"key":"11_CR14","doi-asserted-by":"publisher","first-page":"512","DOI":"10.1007\/s13198-015-0376-0","volume":"8","author":"S Gupta","year":"2017","unstructured":"Gupta, S., Gupta, B.B.: Cross-site scripting (XSS) attacks and defense mechanisms: classification and state-of-the-art. Int. J. Syst. Assur. Eng. Manag. 8, 512\u2013530 (2017)","journal-title":"Int. J. Syst. Assur. Eng. Manag."},{"key":"11_CR15","unstructured":"Nadji, Y., Saxena, P., Song, D.: Document structure integrity: a robust basis for cross-site scripting defense. In: Network & Distributed System Security Symposium (2009)"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"Wassermann, G., Su, Z.: Static detection of cross-site scripting vulnerabilities. In: Proceedings of the 30th International Conference on Software Engineering, pp. 171\u2013180. ACM (2008)","DOI":"10.1145\/1368088.1368112"},{"key":"11_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"150","DOI":"10.1007\/978-3-642-23822-2_9","volume-title":"Computer Security \u2013 ESORICS 2011","author":"J Weinberger","year":"2011","unstructured":"Weinberger, J., Saxena, P., Akhawe, D., Finifter, M., Shin, R., Song, D.: A systematic analysis of XSS sanitization in web application frameworks. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 150\u2013171. Springer, Heidelberg (2011). \nhttps:\/\/doi.org\/10.1007\/978-3-642-23822-2_9"},{"key":"11_CR18","unstructured":"Balduzzi, M., Gimenez, C.T., Balzarotti, D., Kirda, E.: Automated discovery of parameter pollution vulnerabilities in web applications. In: Proceedings of the 18th Annual Network and Distributed System Security Symposium, pp. 1\u201316 (2011)"},{"key":"11_CR19","doi-asserted-by":"crossref","unstructured":"Su, Z., Wassermann, G.: The essence of command injection attacks in web applications. In: Conference Record of the 33rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 372\u2013382. ACM, Charleston (2006)","DOI":"10.1145\/1111320.1111070"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"Tajbakhsh, M.S., Bagherzadeh, J.: A sound framework for dynamic prevention of Local File Inclusion. In: 2015 7th Conference on Information and Knowledge Technology (IKT), pp. 1\u20136 (2015)","DOI":"10.1109\/IKT.2015.7288798"},{"key":"11_CR21","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"157","DOI":"10.1007\/978-3-319-23207-2_16","volume-title":"Genetic and Evolutionary Computing","author":"EE Han","year":"2016","unstructured":"Han, E.E.: Detection of web application attacks with request length module and regex pattern analysis. In: Zin, T.T., Lin, J.C.-W., Pan, J.-S., Tin, P., Yokota, M. (eds.) GEC 2015. AISC, vol. 388, pp. 157\u2013165. Springer, Cham (2016). \nhttps:\/\/doi.org\/10.1007\/978-3-319-23207-2_16"},{"key":"11_CR22","unstructured":"Saxe, J., Berlin, K.: eXpose: a character-level convolutional neural network with embeddings for detecting malicious URLs, file paths and registry keys. \narXiv:1702.08568\n\n [cs] (2017)"},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Kruegel, C., Vigna, G.: Anomaly detection of web-based attacks. Presented at the Proceedings of the 10th ACM Conference on Computer and Communications Security (2003)","DOI":"10.1145\/948109.948144"},{"key":"11_CR24","doi-asserted-by":"publisher","first-page":"717","DOI":"10.1016\/j.comnet.2005.01.009","volume":"48","author":"C Kruegel","year":"2005","unstructured":"Kruegel, C., Vigna, G., Robertson, W.: A multi-model approach to the detection of web-based attacks. Comput. Netw. 48, 717\u2013738 (2005)","journal-title":"Comput. Netw."},{"key":"11_CR25","doi-asserted-by":"crossref","unstructured":"Corona, I., Ariu, D., Giacinto, G.: HMM-Web: a framework for the detection of attacks against web applications. In: 2009 IEEE International Conference on Communications, pp. 1\u20136. IEEE (2009)","DOI":"10.1109\/ICC.2009.5199054"},{"key":"11_CR26","unstructured":"Corona, I., Giacinto, G.: Detection of server-side web attacks. In: Proceedings of the First Workshop on Applications of Pattern Analysis, pp. 160\u2013166 (2010)"},{"key":"11_CR27","unstructured":"Corona, I., Tronci, R., Giacinto, G.: SuStorID: a multiple classifier system for the protection of web services. In: Proceedings of the 21st International Conference on Pattern Recognition (ICPR 2012), pp. 2375\u20132378. IEEE (2012)"},{"key":"11_CR28","doi-asserted-by":"crossref","unstructured":"Zolotukhin, M., Hamalainen, T., Kokkonen, T., Siltanen, J.: Analysis of HTTP requests for anomaly detection of web attacks. In: 2014 IEEE 12th International Conference on Dependable, Autonomic and Secure Computing, pp. 406\u2013411. IEEE, Dalian (2014)","DOI":"10.1109\/DASC.2014.79"},{"key":"11_CR29","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1093\/jigpal\/jzu038","volume":"23","author":"M Choras","year":"2015","unstructured":"Choras, M., Kozik, R.: Machine learning techniques applied to detect cyber attacks on web applications. Log. J. IGPL 23, 45\u201356 (2015)","journal-title":"Log. J. IGPL"},{"key":"11_CR30","doi-asserted-by":"crossref","unstructured":"Bronte, R., Shahriar, H., Haddad, H.: Information theoretic anomaly detection framework for web application. In: 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC), pp. 394\u2013399. IEEE (2016)","DOI":"10.1109\/COMPSAC.2016.139"},{"key":"11_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"828","DOI":"10.1007\/978-3-319-70139-4_84","volume-title":"Neural Information Processing","author":"M Zhang","year":"2017","unstructured":"Zhang, M., Xu, B., Bai, S., Lu, S., Lin, Z.: A deep learning method to detect web attacks using a specially designed CNN. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, E.S. (eds.) ICONIP 2017. LNCS, vol. 10638, pp. 828\u2013836. Springer, Cham (2017). \nhttps:\/\/doi.org\/10.1007\/978-3-319-70139-4_84"},{"key":"11_CR32","unstructured":"Gimenez, C.T., Villegas, A.P., Maranon, G.A.: HTTP dataset CSIC 2010 (2012). \nhttp:\/\/www.isi.csic.es\/dataset\/"}],"container-title":["Lecture Notes in Computer Science","Cyberspace Safety and Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37352-8_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,1,3]],"date-time":"2020-01-03T00:36:17Z","timestamp":1578011777000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37352-8_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030373511","9783030373528"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37352-8_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"3 January 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CSS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Cyberspace Safety and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guangzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"css2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/nsclab.org\/css2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"235","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"61","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"40","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}