{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T03:03:39Z","timestamp":1776740619746,"version":"3.51.2"},"reference-count":34,"publisher":"Wiley","license":[{"start":{"date-parts":[[2021,2,11]],"date-time":"2021-02-11T00:00:00Z","timestamp":1613001600000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61941114"],"award-info":[{"award-number":["61941114"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62001055"],"award-info":[{"award-number":["62001055"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["4204107"],"award-info":[{"award-number":["4204107"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100005089","name":"Beijing Municipal Natural Science Foundation","doi-asserted-by":"publisher","award":["61941114"],"award-info":[{"award-number":["61941114"]}],"id":[{"id":"10.13039\/501100005089","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100005089","name":"Beijing Municipal Natural Science Foundation","doi-asserted-by":"publisher","award":["62001055"],"award-info":[{"award-number":["62001055"]}],"id":[{"id":"10.13039\/501100005089","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100005089","name":"Beijing Municipal Natural Science Foundation","doi-asserted-by":"publisher","award":["4204107"],"award-info":[{"award-number":["4204107"]}],"id":[{"id":"10.13039\/501100005089","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2021,2,11]]},"abstract":"<jats:p>Anomaly-based Web application firewalls (WAFs) are vital for providing early reactions to novel Web attacks. In recent years, various machine learning, deep learning, and transfer learning-based anomaly detection approaches have been developed to protect against Web attacks. Most of them directly treat the request URL as a general string that consists of letters and roughly use natural language processing (NLP) methods (i.e., Word2Vec and Doc2Vec) or domain knowledge to extract features. In this paper, we proposed an improved feature extraction approach which leveraged the advantage of the semantic structure of URLs. Semantic structure is an inherent interpretative property of the URL that identifies the function and vulnerability of each part in the URL. The evaluations on CSIC-2020 show that our feature extraction method has better performance than conventional feature extraction routine by more than average dramatic 5% improvement in accuracy, recall, and F1-score.<\/jats:p>","DOI":"10.1155\/2021\/6661124","type":"journal-article","created":{"date-parts":[[2021,2,12]],"date-time":"2021-02-12T01:05:33Z","timestamp":1613091933000},"page":"1-11","source":"Crossref","is-referenced-by-count":9,"title":["An Improved Feature Extraction Approach for Web Anomaly Detection Based on Semantic Structure"],"prefix":"10.1155","volume":"2021","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9740-0654","authenticated-orcid":true,"given":"Zishuai","family":"Cheng","sequence":"first","affiliation":[{"name":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"},{"name":"The National Engineering Laboratory for Mobile Network, Beijing 100876, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6937-4068","authenticated-orcid":true,"given":"Baojiang","family":"Cui","sequence":"additional","affiliation":[{"name":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"},{"name":"The National Engineering Laboratory for Mobile Network, Beijing 100876, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1496-3046","authenticated-orcid":true,"given":"Tao","family":"Qi","sequence":"additional","affiliation":[{"name":"School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3674-0428","authenticated-orcid":true,"given":"Wenchuan","family":"Yang","sequence":"additional","affiliation":[{"name":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"},{"name":"The National Engineering Laboratory for Mobile Network, Beijing 100876, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2445-1987","authenticated-orcid":true,"given":"Junsong","family":"Fu","sequence":"additional","affiliation":[{"name":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"},{"name":"The National Engineering Laboratory for Mobile Network, Beijing 100876, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","reference":[{"key":"1","first-page":"123","article-title":"Web services","volume-title":"Web Services","author":"G. Alonso","year":"2004"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2011.05.008"},{"key":"3","article-title":"Maintaining perspective on who is the enemy in the security systems administration of computer networks","author":"W. Yurcik"},{"key":"4","doi-asserted-by":"crossref","DOI":"10.1007\/978-94-015-3994-4","volume-title":"Identification of Outliers","author":"D. M. Hawkins","year":"1980"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.5120\/3399-4730"},{"key":"6","first-page":"1","article-title":"Anomaly-based web application firewall using http-specific features and one-class svm","volume":"2","author":"R. Funk","year":"2018","journal-title":"Revista Eletr\u00f4nica Argentina-Brasil de Tecnologias da Informa\u00e7\u00e3o e da Comunica\u00e7\u00e3o"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1504\/ijhpcn.2018.094367"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1109\/ANTS.2018.8710080"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/CFIS.2018.8336654"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2017.07.009"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/DASC.2014.79"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772753"},{"key":"13","first-page":"20","article-title":"A novel web anomaly detection approach based on semantic structure","author":"Z. Cheng"},{"key":"14","article-title":"HTTP data set CSIC 2010","author":"Gim\u00e9nez","year":"2010"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1109\/tse.1987.232894"},{"key":"16","first-page":"804","article-title":"A high-performance web attack detection method based on CNN-GRU model","author":"Q. Niu"},{"key":"17","doi-asserted-by":"crossref","article-title":"Sql injection behavior mining based deep learning","author":"P. Tang","DOI":"10.1007\/978-3-030-05090-0_38"},{"key":"18","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1007\/978-3-642-21323-6_4","article-title":"Application of the generic feature selection measure in detection of web attacks","volume-title":"Computational Intelligence in Security for Information Systems","author":"H. T. Nguyen","year":"2011"},{"key":"19","doi-asserted-by":"publisher","DOI":"10.1002\/sec.603"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.12.016"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1109\/access.2020.2969428"},{"key":"22","doi-asserted-by":"crossref","article-title":"Anomaly detection of web-based attacks","author":"C. Kruegel","DOI":"10.1145\/948109.948144"},{"key":"23","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2005.01.009"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2004.01.006"},{"key":"25","doi-asserted-by":"crossref","article-title":"Anomalous payload-based network intrusion detection","author":"K. Wang","DOI":"10.1007\/978-3-540-30143-1_11"},{"key":"26","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2020.3038761"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2019.2938778"},{"key":"28","first-page":"622","article-title":"Convolutional neural network with character embeddings for malicious web request detection","author":"J. Wu"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102096"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772753"},{"key":"31","article-title":"UPCA: an efficient URL-pattern based algorithm for accurate web page classification","author":"Y. Yang"},{"key":"32","doi-asserted-by":"crossref","DOI":"10.17487\/rfc2616","volume-title":"Hypertext transfer protocol\u2013HTTP\/1.1","author":"R. Fielding","year":"1999"},{"key":"33","doi-asserted-by":"publisher","DOI":"10.1109\/ICISE.2010.5690798"},{"key":"34","doi-asserted-by":"publisher","DOI":"10.1109\/ICM.2011.308"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/6661124.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/6661124.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2021\/6661124.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,2,12]],"date-time":"2021-02-12T01:05:41Z","timestamp":1613091941000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2021\/6661124\/"}},"subtitle":[],"editor":[{"given":"Zhe-Li","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2021,2,11]]},"references-count":34,"alternative-id":["6661124","6661124"],"URL":"https:\/\/doi.org\/10.1155\/2021\/6661124","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"value":"1939-0122","type":"electronic"},{"value":"1939-0114","type":"print"}],"subject":[],"published":{"date-parts":[[2021,2,11]]}}}