
Experimental Study on the Effectiveness of Machine Learning Methods in Web Intrusion Detection

  • Conference paper
Advances in Information, Communication and Cybersecurity (ICI2C 2021)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 357)

Abstract

Web-based attacks have become more sophisticated and harder to detect in recent years, and relying on traditional intrusion detection systems alone may not be enough. In this respect, intrusion detection and prevention systems using machine learning methods have been important in the recent literature. In this paper, we present an experimental study on the effectiveness of machine learning methods in web intrusion detection, in which we investigate and compare four types of ML classifiers often used in the cybersecurity domain: KNN, Decision Tree, Multinomial and Bernoulli Naive Bayes, and SVM (Linear, Sigmoid, and RBF). The experimental results on the ECML/PKDD 2007 and CSIC HTTP 2010 datasets showed that the SVM RBF and Decision Tree classifiers achieved better performance than the others in terms of Accuracy, Recall, Precision, F-value, FPR, and FNR.




© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG


Cite this paper

Oumaima, C., Abdeslam, R., Yassine, S., Abderrazek, F. (2022). Experimental Study on the Effectiveness of Machine Learning Methods in Web Intrusion Detection. In: Maleh, Y., Alazab, M., Gherabi, N., Tawalbeh, L., Abd El-Latif, A.A. (eds) Advances in Information, Communication and Cybersecurity. ICI2C 2021. Lecture Notes in Networks and Systems, vol 357. Springer, Cham. https://doi.org/10.1007/978-3-030-91738-8_44
