Paper Info
Title
Detecting Malicious Behavior in Microservice Based Web Applications
Abstract
Not only the increased complexity of the malicious acts on the Internet, but also the continuous increase of new attack methods compromise Internet-based services as a threat to the modern society. In this study, malicious behavior in a microservices-based web application is detected by measuring the patterns of CRUD (create, read, update, delete) access. The aim of this paper is to detect malicious users (or even the first malicious attempt of a trustworthy user) as soon as the action occurred according to the characteristics of the sequential use of microservices. The proposed approach renders OWASP Foundation's Top 10 critical web application security risks as possible attack vectors. Thus, a data set including such attacks together with mostly benign behavior is generated and measured on the microservices-based web application. The data set is then used to determine benign and malicious classes of behavior using RandomForest, NaiveBayes, J48, AdaBoost, ZeroR, Bagging, Logistic Regression and K-Star machine learning algorithms. The best malicious behavior detection accuracy encountered during experiments is an auspicious 99.36% using RandomForest classification algorithm. After the classification of malicious behavior, the respective user's further access to the microservices could be blocked to prevent the waste of resources.
Year
DOI
Venue
2019
10.1109/SIU.2019.8806294
Signal Processing and Communications Applications Conference
Keywords
Field
DocType
Malicious Behavior,Web Attacks,Microservice,Machine learning,Web Application,Data Classification
AdaBoost,Pattern recognition,Computer security,Trustworthiness,Computer science,C4.5 algorithm,Web application security,Artificial intelligence,Microservices,Data classification,Web application,The Internet
Conference
ISSN
Citations 
PageRank 
2165-0608
0
0.34
References 
Authors
0
2
Name
Order
Citations
PageRank
Mustafa Özbek100.34
Mehmet Tahir Sandikkaya2204.49