Fingerprinting web servers through Transformer-encoded HTTP response headers

arXiv:2404.00056v1 Announce Type: new
Abstract: We explored leveraging state-of-the-art deep learning, big data, and natural language processing to enhance the detection of vulnerable web server versions. Focusing on improving accuracy and specificity over rule-based systems, we conducted experiments by sending various ambiguous and non-standard HTTP requests to 4.77 million domains and capturing HTTP response status lines. We represented these status lines through training a BPE tokenizer and RoBERTa encoder for unsupervised masked language modeling. We then dimensionality reduced and concatenated …

accuracy art arxiv big big data cs.cr cs.lg cs.ni data deep learning detection domains fingerprinting headers http http requests language natural natural language natural language processing non requests response server servers standard state systems vulnerable web web server web servers