{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,2]],"date-time":"2026-02-02T21:12:58Z","timestamp":1770066778814,"version":"3.49.0"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783031216886","type":"print"},{"value":"9783031216893","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-21689-3_24","type":"book-chapter","created":{"date-parts":[[2022,11,18]],"date-time":"2022-11-18T10:03:56Z","timestamp":1668765836000},"page":"328-342","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Detecting Malicious HTTP Requests Without Log Parser Using RequestBERT-BiLSTM"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8951-6278","authenticated-orcid":false,"given":"Levi S.","family":"Ramos J\u00fanior","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2527-4548","authenticated-orcid":false,"given":"David","family":"Mac\u00eado","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5614-229X","authenticated-orcid":false,"given":"Adriano L. I.","family":"Oliveira","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6421-9747","authenticated-orcid":false,"given":"Cleber","family":"Zanchettin","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,11,19]]},"reference":[{"key":"24_CR1","unstructured":"Assigning attack signatures to security policies (2022). https:\/\/techdocs.f5.com\/kb\/en-us\/products\/big-ip_asm\/manuals\/product\/asm-bot-and-attack-signatures-13-0-0\/1.html"},{"key":"24_CR2","unstructured":"Althubiti, S., Yuan, X., Esterline, A.: Analyzing http requests for web intrusion detection (2017)"},{"key":"24_CR3","unstructured":"Chen, Z., Liu, J., Gu, W., Su, Y., Lyu, M.R.: Experience report: deep learning-based system log analysis for anomaly detection. CoRR abs\/2107.05908 (2021). https:\/\/arxiv.org\/abs\/2107.05908"},{"key":"24_CR4","doi-asserted-by":"publisher","unstructured":"Du, M., Li, F., Zheng, G., Srikumar, V.: DeepLog: anomaly detection and diagnosis from system logs through deep learning, pp. 1285\u20131298 (2017). https:\/\/doi.org\/10.1145\/3133956.3134015","DOI":"10.1145\/3133956.3134015"},{"key":"24_CR5","doi-asserted-by":"publisher","unstructured":"Guo, H., Yuan, S., Wu, X.: LogBERT: log anomaly detection via BERT, pp. 1\u20138 (2021). https:\/\/doi.org\/10.1109\/IJCNN52387.2021.9534113","DOI":"10.1109\/IJCNN52387.2021.9534113"},{"key":"24_CR6","doi-asserted-by":"publisher","unstructured":"He, P., Zhu, J., He, S., Li, J., Lyu, M.R.: An evaluation study on log parsing and its use in log mining, pp. 654\u2013661 (2016). https:\/\/doi.org\/10.1109\/DSN.2016.66","DOI":"10.1109\/DSN.2016.66"},{"key":"24_CR7","doi-asserted-by":"publisher","unstructured":"He, P., Zhu, J., Zheng, Z., Lyu, M.R.: Drain: an online log parsing approach with fixed depth tree, pp. 33\u201340 (2017). https:\/\/doi.org\/10.1109\/ICWS.2017.13","DOI":"10.1109\/ICWS.2017.13"},{"key":"24_CR8","doi-asserted-by":"publisher","unstructured":"He, S., Zhu, J., He, P., Lyu, M.R.: Experience report: system log analysis for anomaly detection, pp. 207\u2013218 (2016). https:\/\/doi.org\/10.1109\/ISSRE.2016.21","DOI":"10.1109\/ISSRE.2016.21"},{"key":"24_CR9","doi-asserted-by":"publisher","unstructured":"Ito, M., Iyatomi, H.: Web application firewall using character-level convolutional neural network, pp. 103\u2013106 (2018). https:\/\/doi.org\/10.1109\/CSPA.2018.8368694","DOI":"10.1109\/CSPA.2018.8368694"},{"key":"24_CR10","doi-asserted-by":"publisher","unstructured":"Jiang, Z., Hassan, A.E., Hamann, G., Flora, P.: An automated approach for abstracting execution logs to execution events, pp. 249\u2013267 (2008). https:\/\/doi.org\/10.1002\/smr.374","DOI":"10.1002\/smr.374"},{"key":"24_CR11","unstructured":"Kim, Y.: Convolutional neural networks for sentence classification. CoRR abs\/1408.5882 (2014). http:\/\/arxiv.org\/abs\/1408.5882"},{"key":"24_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/978-3-030-37352-8_11","volume-title":"Cyberspace Safety and Security","author":"X Kuang","year":"2019","unstructured":"Kuang, X., et al.: DeepWAF: detecting web attacks based on CNN and LSTM models. In: Vaidya, J., Zhang, X., Li, J. (eds.) CSS 2019. LNCS, vol. 11983, pp. 121\u2013136. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-37352-8_11"},{"key":"24_CR13","unstructured":"Le, V., Zhang, H.: Log-based anomaly detection without log parsing. CoRR abs\/2108.01955 (2021). https:\/\/arxiv.org\/abs\/2108.01955"},{"key":"24_CR14","doi-asserted-by":"publisher","unstructured":"Lu, S., Wei, X., Li, Y., Wang, L.: Detecting anomaly in big data system logs using convolutional neural network, pp. 151\u2013158 (2018). https:\/\/doi.org\/10.1109\/DASC\/PiCom\/DataCom\/CyberSciTec.2018.00037","DOI":"10.1109\/DASC\/PiCom\/DataCom\/CyberSciTec.2018.00037"},{"key":"24_CR15","doi-asserted-by":"crossref","unstructured":"Meng, W., et al.: LogAnomaly: unsupervised detection of sequential and quantitative anomalies in unstructured logs. In: IJCAI (2019)","DOI":"10.24963\/ijcai.2019\/658"},{"key":"24_CR16","doi-asserted-by":"publisher","unstructured":"Nagappan, M., Vouk, M.A.: Abstracting log lines to log event types for mining software system logs, pp. 114\u2013117 (2010). https:\/\/doi.org\/10.1109\/MSR.2010.5463281","DOI":"10.1109\/MSR.2010.5463281"},{"key":"24_CR17","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1007\/978-3-030-67667-4_8","volume-title":"Machine Learning and Knowledge Discovery in Databases: Applied Data Science Track","author":"S Nedelkoski","year":"2021","unstructured":"Nedelkoski, S., Bogatinovski, J., Acker, A., Cardoso, J., Kao, O.: Self-supervised log parsing. In: Dong, Y., Mladeni\u0107, D., Saunders, C. (eds.) ECML PKDD 2020. LNCS (LNAI), vol. 12460, pp. 122\u2013138. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-67667-4_8"},{"key":"24_CR18","doi-asserted-by":"crossref","unstructured":"Odumuyiwa, V., Chibueze, A.: Automatic detection of http injection attacks using convolutional neural network and deep neural network (2020)","DOI":"10.13052\/jcsm2245-1439.941"},{"key":"24_CR19","doi-asserted-by":"publisher","unstructured":"Oliner, A., Stearley, J.: What supercomputers say: a study of five system logs, pp. 575\u2013584 (2007). https:\/\/doi.org\/10.1109\/DSN.2007.103","DOI":"10.1109\/DSN.2007.103"},{"key":"24_CR20","unstructured":"Ra\u00efssi, C., Brissaud, J., Dray, G., Poncelet, P., Roche, M., Teisseire, M.: Web analyzing traffic challenge: description and results (2007)"},{"key":"24_CR21","doi-asserted-by":"publisher","unstructured":"Tang, L., Li, T., Perng, C.S.: LogSig: Generating System Events from Raw Textual Logs. Association for Computing Machinery, New York (2011). https:\/\/doi.org\/10.1145\/2063576.2063690","DOI":"10.1145\/2063576.2063690"},{"key":"24_CR22","series-title":"Advances in Intelligent and Soft Computing","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/978-3-642-04091-7_11","volume-title":"Computational Intelligence in Security for Information Systems","author":"C Torrano-Gimenez","year":"2009","unstructured":"Torrano-Gimenez, C., Perez-Villegas, A., Alvarez, G.: A self-learning anomaly-based web application firewall. In: Herrero, \u00c1., Gastaldo, P., Zunino, R., Corchado, E. (eds.) Computational Intelligence in Security for Information Systems. AISC, pp. 85\u201392. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04091-7_11"},{"key":"24_CR23","unstructured":"Vaswani, A., et al.: Attention is all you need. CoRR abs\/1706.03762 (2017). http:\/\/arxiv.org\/abs\/1706.03762"},{"key":"24_CR24","doi-asserted-by":"publisher","unstructured":"Xuan, C., Dinh, H., Victor, T.: Malicious URL detection based on machine learning. 11 (2020). https:\/\/doi.org\/10.14569\/IJACSA.2020.0110119","DOI":"10.14569\/IJACSA.2020.0110119"},{"key":"24_CR25","doi-asserted-by":"publisher","unstructured":"Yu, L., et al.: Detecting malicious web requests using an enhanced TextCNN, pp. 768\u2013777 (2020). https:\/\/doi.org\/10.1109\/COMPSAC48688.2020.0-167","DOI":"10.1109\/COMPSAC48688.2020.0-167"},{"key":"24_CR26","unstructured":"Zhu, J., et al.: Tools and benchmarks for automated log parsing. CoRR abs\/1811.03509 (2018). http:\/\/arxiv.org\/abs\/1811.03509"}],"container-title":["Lecture Notes in Computer Science","Intelligent Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-21689-3_24","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,11,21]],"date-time":"2022-11-21T00:15:14Z","timestamp":1668989714000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-21689-3_24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031216886","9783031216893"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-21689-3_24","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"19 November 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"BRACIS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Brazilian Conference on Intelligent Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Campinas","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Brazil","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 November 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"bracis2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www2.sbc.org.br\/bracis2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"JEMS","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"225","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"89","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"40% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}