Evaluating BiLSTM_v۱ and BiLSTM_v۲: A Comparative Study of Bidirectional Long Short-Term Memory Networks for Web Attack Detection

In the domain of cybersecurity, the prompt and accurate detection of web attacks is of critical importance. This paper presents a comparative analysis of two bidirectional Long Short-Term Memory (BiLSTM) models, BiLSTM_v۱ and BiLSTM_v۲, for detecting web-based attacks using the CSIC ۲۰۱۰ dataset. Both models employ advanced preprocessing techniques and synthetic data balancing via the SMOTE algorithm to enhance their performance. The BiLSTM_v۱ model incorporates spatial dropout and batch normalization layers, whereas the BiLSTM_v۲ model integrates additional dropout layers to potentially mitigate overfitting. The training and validation phases were rigorously executed, with performance metrics such as accuracy, precision, recall, F۱-score, and AUC (Area Under Curve) serving as the primary evaluation criteria. The BiLSTM_v۱ model achieved a test accuracy of ۹۸.۳۱% and an AUC of ۹۹.۹۱%, while the BiLSTM_v۲ model demonstrated a slightly superior performance with a test accuracy of ۹۸.۴۳% and an AUC of ۹۹.۹۲%. These results suggest that the architecture of BiLSTM_v۲ offers marginally better performance in web attack detection. The findings underscore the efficacy of BiLSTM networks in cybersecurity applications and provide a foundation for further advancements in intrusion detection systems.