Abstract

In the era of information technology, the use of computer technology for both work and personal use is growing rapidly with time. Unfortunately, with the increasing number and size of computer networks and systems, their vulnerability also increases. Protecting web applications of organizations is becoming increasingly relevant as most of the transactions are carried out over the Internet. Traditional security devices control attacks at the network level, but modern web attacks occur through the HTTP protocol at the application level. On the other hand, the attacks often come together. For example, a denial of service attack is used to hide code injection attacks. The system administrator spends a lot of time to keep the system running, but they may forget the code injection attacks. Therefore, the main task for system administrators is to detect network attacks at the application level using a web application firewall and apply effective algorithms in this firewall to train web application firewalls automatically for increasing his efficiency. The article introduces parameterization of the task for increasing the accuracy of query classification by the random forest method, thereby creating the basis for detecting attacks at the application level.

中文翻译：

---

使用随机森林方法和分析属性HTTP请求提高Web应用程序防火墙检测代码注入攻击的效率

摘要

在信息技术时代，随着时间的流逝，计算机技术在工作和个人用途中的使用都在迅速增长。不幸的是，随着计算机网络和系统的数量和规模的增加，它们的脆弱性也增加了。随着大多数交易是通过Internet进行的，保护组织的Web应用程序变得越来越重要。传统的安全设备在网络级别控制攻击，但是现代的Web攻击在应用程序级别通过HTTP协议进行。另一方面，攻击通常会合并在一起。例如，拒绝服务攻击用于隐藏代码注入攻击。系统管理员花费大量时间来保持系统运行，但是他们可能会忘记代码注入攻击。因此，系统管理员的主要任务是使用Web应用程序防火墙在应用程序级别检测网络攻击，并在此防火墙中应用有效的算法来自动训练Web应用程序防火墙以提高其效率。本文介绍了通过随机森林方法对任务进行参数化以提高查询分类的准确性的方法，从而为在应用程序级别检测攻击奠定了基础。