Update README.md
Browse files
README.md
CHANGED
|
@@ -26,13 +26,11 @@ This modelcard aims to be a base template for new models. It has been generated
|
|
| 26 |
|
| 27 |
- **Developed by:** [noobpk](https://github.com/noobpk/)
|
| 28 |
|
| 29 |
-
### Model Sources
|
| 30 |
|
| 31 |
<!-- Provide the basic links for the model. -->
|
| 32 |
|
| 33 |
-
- **Repository:** [More Information Needed]
|
| 34 |
- **Paper :** [Research and Development of a Smart Solution for Runtime Web Application Self-Protection](https://doi.org/10.1145/3628797.3628901)
|
| 35 |
-
- **Demo [optional]:** [More Information Needed]
|
| 36 |
|
| 37 |
## Uses
|
| 38 |
|
|
@@ -93,7 +91,16 @@ Use the code below to get started with the model.
|
|
| 93 |
|
| 94 |
#### Training Hyperparameters
|
| 95 |
|
| 96 |
-
- **Training regime:**
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 97 |
|
| 98 |
#### Speeds, Sizes, Times [optional]
|
| 99 |
|
|
@@ -123,6 +130,7 @@ Use the code below to get started with the model.
|
|
| 123 |
|
| 124 |
<!-- These are the evaluation metrics being used, ideally with a description of why. -->
|
| 125 |
|
|
|
|
| 126 |
[More Information Needed]
|
| 127 |
|
| 128 |
### Results
|
|
@@ -131,55 +139,44 @@ Use the code below to get started with the model.
|
|
| 131 |
|
| 132 |
#### Summary
|
| 133 |
|
| 134 |
-
|
| 135 |
-
|
| 136 |
-
## Model Examination [optional]
|
| 137 |
-
|
| 138 |
-
<!-- Relevant interpretability work for the model goes here -->
|
| 139 |
-
|
| 140 |
-
[More Information Needed]
|
| 141 |
-
|
| 142 |
-
## Environmental Impact
|
| 143 |
-
|
| 144 |
-
<!-- Total emissions (in grams of CO2eq) and additional considerations, such as electricity usage, go here. Edit the suggested text below accordingly -->
|
| 145 |
-
|
| 146 |
-
Carbon emissions can be estimated using the [Machine Learning Impact calculator](https://mlco2.github.io/impact#compute) presented in [Lacoste et al. (2019)](https://arxiv.org/abs/1910.09700).
|
| 147 |
-
|
| 148 |
-
- **Hardware Type:** [More Information Needed]
|
| 149 |
-
- **Hours used:** [More Information Needed]
|
| 150 |
-
- **Cloud Provider:** [More Information Needed]
|
| 151 |
-
- **Compute Region:** [More Information Needed]
|
| 152 |
-
- **Carbon Emitted:** [More Information Needed]
|
| 153 |
-
|
| 154 |
## Technical Specifications [optional]
|
| 155 |
|
| 156 |
### Model Architecture and Objective
|
| 157 |
|
| 158 |
-
[
|
| 159 |
|
| 160 |
### Compute Infrastructure
|
| 161 |
|
| 162 |
-
|
| 163 |
-
|
| 164 |
-
#### Hardware
|
| 165 |
-
|
| 166 |
-
[More Information Needed]
|
| 167 |
|
| 168 |
#### Software
|
| 169 |
|
| 170 |
-
|
| 171 |
|
| 172 |
-
## Citation
|
| 173 |
|
| 174 |
<!-- If there is a paper or blog post introducing the model, the APA and Bibtex information for that should go in this section. -->
|
| 175 |
|
| 176 |
**BibTeX:**
|
| 177 |
|
| 178 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 179 |
|
| 180 |
-
**APA:**
|
| 181 |
-
|
| 182 |
-
[More Information Needed]
|
| 183 |
|
| 184 |
## Glossary [optional]
|
| 185 |
|
|
|
|
| 26 |
|
| 27 |
- **Developed by:** [noobpk](https://github.com/noobpk/)
|
| 28 |
|
| 29 |
+
### Model Sources
|
| 30 |
|
| 31 |
<!-- Provide the basic links for the model. -->
|
| 32 |
|
|
|
|
| 33 |
- **Paper :** [Research and Development of a Smart Solution for Runtime Web Application Self-Protection](https://doi.org/10.1145/3628797.3628901)
|
|
|
|
| 34 |
|
| 35 |
## Uses
|
| 36 |
|
|
|
|
| 91 |
|
| 92 |
#### Training Hyperparameters
|
| 93 |
|
| 94 |
+
- **Training regime:**
|
| 95 |
+
learning_rate : 0.001
|
| 96 |
+
activation : relu
|
| 97 |
+
batch_size : 256
|
| 98 |
+
loss : binary_crossentropy
|
| 99 |
+
optimizer : Adam
|
| 100 |
+
Conv1D : 32 - 64 - 128 - 256 - 512
|
| 101 |
+
GRU : 32 - 64 - 128 - 256 - 512
|
| 102 |
+
|
| 103 |
+
|
| 104 |
|
| 105 |
#### Speeds, Sizes, Times [optional]
|
| 106 |
|
|
|
|
| 130 |
|
| 131 |
<!-- These are the evaluation metrics being used, ideally with a description of why. -->
|
| 132 |
|
| 133 |
+
|
| 134 |
[More Information Needed]
|
| 135 |
|
| 136 |
### Results
|
|
|
|
| 139 |
|
| 140 |
#### Summary
|
| 141 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 142 |
## Technical Specifications [optional]
|
| 143 |
|
| 144 |
### Model Architecture and Objective
|
| 145 |
|
| 146 |
+
|
| 147 |
|
| 148 |
### Compute Infrastructure
|
| 149 |
|
| 150 |
+
- Google Colab Pro
|
|
|
|
|
|
|
|
|
|
|
|
|
| 151 |
|
| 152 |
#### Software
|
| 153 |
|
| 154 |
+
- Jupiter Notebook
|
| 155 |
|
| 156 |
+
## Citation
|
| 157 |
|
| 158 |
<!-- If there is a paper or blog post introducing the model, the APA and Bibtex information for that should go in this section. -->
|
| 159 |
|
| 160 |
**BibTeX:**
|
| 161 |
|
| 162 |
+
@inproceedings{10.1145/3628797.3628901,
|
| 163 |
+
author = {Le-Thanh, Phuc and Le-Anh, Tuan and Le-Trung, Quan},
|
| 164 |
+
title = {Research and Development of a Smart Solution for Runtime Web Application Self-Protection},
|
| 165 |
+
year = {2023},
|
| 166 |
+
isbn = {9798400708916},
|
| 167 |
+
publisher = {Association for Computing Machinery},
|
| 168 |
+
address = {New York, NY, USA},
|
| 169 |
+
url = {https://doi.org/10.1145/3628797.3628901},
|
| 170 |
+
doi = {10.1145/3628797.3628901},
|
| 171 |
+
abstract = {In contemporary times, ensuring web application security is a critical concern for organizations due to the prevalence of numerous types of attacks that serve diverse purposes. While traditional security measures such as web application firewalls (WAF) and intrusion detection systems (IDS) can help mitigate attacks, there is still a possibility of them being circumvented or compromised. A more efficacious approach is to adopt runtime application self-protection (RASP) solutions integrated within the web application. This solution has demonstrated its effectiveness by aiding in early attack detection and rapid attack mitigation. In this research, we propose a smart solution for runtime web application self-protection (RASP) to protect against vulnerabilities, attacks, and common weaknesses that have been rated among the top ten web security risks in 2021 by the Open Web Application Security Project (OWASP). The proposed solution leverages convolutional neural network (CNN) and a family of recurrent neural network (RNN) techniques. It builds a deep learning model with deep neural network architectures that scrutinizes user requests, thereby detecting potential SQL injection (SQLi), Cross-Site scripting (XSS), command injection (CMDi), and other types of attacks. The solution is designed to dynamically adapt to the application’s behavior and traffic, with the goal of minimizing false positives and preventing the blocking of legitimate traffic. Furthermore, the proposed solution, based on a microservices architecture, enhances the flexibility of the prediction module during upgrades and automated deployment. It is integrated with MLOps and DevSecOps and is also designed to be compatible with RESTful API servers. Our results have validated the efficacy of this solution in providing real-time application protection.},
|
| 172 |
+
booktitle = {Proceedings of the 12th International Symposium on Information and Communication Technology},
|
| 173 |
+
pages = {304–311},
|
| 174 |
+
numpages = {8},
|
| 175 |
+
keywords = {Convolutional Neural Network (CNN), Deep Learning, Gated Recurrent Unit (GRU)., Long Short-Term Memory (LSTM), Recurrent Neural Network (RNN), Runtime Application Self-Protection (RASP), Web Application Security},
|
| 176 |
+
location = {Ho Chi Minh, Vietnam},
|
| 177 |
+
series = {SOICT '23}
|
| 178 |
+
}
|
| 179 |
|
|
|
|
|
|
|
|
|
|
| 180 |
|
| 181 |
## Glossary [optional]
|
| 182 |
|