Web application plays a crucial role in facilitating business operation and user service for numerous organizations.Data interaction and sharing are achieved through web browsers,while due to the involvement of sensitive infor-mation and business data,websites and databases often become targets of various high-frequency Web attack.With the continuous emergence of new types of Web attack,traditional Web attack detection technologies have be-come inadequate,and domestic and foreign scholars have started to adopt novel approaches for attack detection re-search.Based on an extensive review of domestic and foreign literature from the past three years,this paper firstly describes the process of Web attack and related concept,as well as comprehensively analyzes the current state of Web application attack.Subsequently,the latest detection methods are summarized from three perspectives of ma-chine learning and deep learning,optimization of Web application firewall(WAF),as well as Web honeypot de-ception technology,and the performance and advantages of different models are compared and analyzed.Finally,the challenges associated with detecting Web attack are summarized,and prospects for future research are provided.
Web attack detectionmachine learningdeep learningfirewallhoneypot
NETL
NSTL
维普
万方数据
