A classification-by-retrieval framework for few-shot anomaly detection to detect API injection

Udi Aharon; Ran Dubin; Amit Dvir; Chen Hajaj

A classification-by-retrieval framework for few-shot anomaly detection to detect API injection

Udi Aharon, Ran Dubin, Amit Dvir, Chen Hajaj

Published: 01 Jan 2025, Last Modified: 15 May 2025Comput. Secur. 2025EveryoneRevisionsBibTeXCC BY-SA 4.0

Abstract: Highlights•A novel unsupervised few-shot anomaly detection framework to detect API Injection attacks.•Introduced a tokenizer designed to capture and emphasize language factors specific to APIs, addressing unique NLP challenges.•Leveraged FastText embedding combined with Approximate Nearest Neighbor search, employing a Classification-by-retrieval approach.•Validated the framework using public HTTP datasets against cutting-edge techniques.

Loading