As web applications become increasingly integrated into digital infrastructure, they are also becoming prime targets for cyberattacks. This chapter introduces a novel semantic-aware web security framework that leverages Large Language Models (LLMs) to detect and mitigate web-based attacks. Traditional Intrusion Detection Systems (IDS) often rely on statistical analysis and flow-based detection methods that struggle to capture the contextual meaning of web-traffic data. Our approach enhances web security by combining Term Frequency-Inverse Document Frequency (TF-IDF) with LLM embeddings to extract both lexical and semantic features from network payloads. Using this hybrid model, we achieve superior performance in identifying sophisticated web-based attacks such as Structured Query Language (SQL) injection, Cross-Site Scripting (XSS), and command injection. Evaluations on the CIC-IoT-2023 and CIC-IDS-2017 datasets demonstrate the system’s ability to generalize across different attack types, outperforming traditional methods. The results underscore the need to incorporate semantic analysis into web security to improve threat detection and mitigation.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Semantic-Aware Web Security: Detecting Attacks with a Large Language Model

  • Syed Wali,
  • Yasir Ali Farrukh,
  • Irfan Khan

摘要

As web applications become increasingly integrated into digital infrastructure, they are also becoming prime targets for cyberattacks. This chapter introduces a novel semantic-aware web security framework that leverages Large Language Models (LLMs) to detect and mitigate web-based attacks. Traditional Intrusion Detection Systems (IDS) often rely on statistical analysis and flow-based detection methods that struggle to capture the contextual meaning of web-traffic data. Our approach enhances web security by combining Term Frequency-Inverse Document Frequency (TF-IDF) with LLM embeddings to extract both lexical and semantic features from network payloads. Using this hybrid model, we achieve superior performance in identifying sophisticated web-based attacks such as Structured Query Language (SQL) injection, Cross-Site Scripting (XSS), and command injection. Evaluations on the CIC-IoT-2023 and CIC-IDS-2017 datasets demonstrate the system’s ability to generalize across different attack types, outperforming traditional methods. The results underscore the need to incorporate semantic analysis into web security to improve threat detection and mitigation.