Web Attack Intrusion Detection System Using Machine Learning Techniques

M. Baklizi, Issa Atoum, Mohammad Alkhazaleh, Hasan Kanaker, Nibras Abdullah, O. A. Al-wesabi, A. Otoom
{"title":"Web Attack Intrusion Detection System Using Machine Learning Techniques","authors":"M. Baklizi, Issa Atoum, Mohammad Alkhazaleh, Hasan Kanaker, Nibras Abdullah, O. A. Al-wesabi, A. Otoom","doi":"10.3991/ijoe.v20i03.45249","DOIUrl":null,"url":null,"abstract":"Web attacks often target web applications because they can be accessed over a network and often have vulnerabilities. The success of an intrusion detection system (IDS) in detecting web attacks depends on an effective traffic classification system. Several previous studies have utilized machine learning classification methods to create an efficient IDS with various datasets for different types of attacks. This paper utilizes the Canadian Institute for Cyber Security’s (CIC-IDS2017) IDS dataset to assess web attacks. Importantly, the dataset contains 80 attributes of recent assaults, as reported in the 2016 McAfee report. Three machine learning algorithms have been evaluated in this research, namely random forests (RF), k-nearest neighbor (KNN), and naive bayes (NB). The primary goal of this research is to propose an effective machine learning algorithm for the IDS web attacks model. The evaluation compares the performance of three algorithms (RF, KNN, and NB) based on their accuracy and precision in detecting anomalous traffic. The results indicate that the RF outperformed the NB and KNN in terms of average accuracy achieved during the training phase. During the testing phase, the KNN algorithm outperformed others, achieving an average accuracy of 99.4916%. However, RF and KNN achieved 100% average precision and recall rates compared to other algorithms. Finally, the RF and KNN algorithms have been identified as the most effective for detecting IDS web attacks.","PeriodicalId":507997,"journal":{"name":"International Journal of Online and Biomedical Engineering (iJOE)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-02-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Online and Biomedical Engineering (iJOE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3991/ijoe.v20i03.45249","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Web attacks often target web applications because they can be accessed over a network and often have vulnerabilities. The success of an intrusion detection system (IDS) in detecting web attacks depends on an effective traffic classification system. Several previous studies have utilized machine learning classification methods to create an efficient IDS with various datasets for different types of attacks. This paper utilizes the Canadian Institute for Cyber Security’s (CIC-IDS2017) IDS dataset to assess web attacks. Importantly, the dataset contains 80 attributes of recent assaults, as reported in the 2016 McAfee report. Three machine learning algorithms have been evaluated in this research, namely random forests (RF), k-nearest neighbor (KNN), and naive bayes (NB). The primary goal of this research is to propose an effective machine learning algorithm for the IDS web attacks model. The evaluation compares the performance of three algorithms (RF, KNN, and NB) based on their accuracy and precision in detecting anomalous traffic. The results indicate that the RF outperformed the NB and KNN in terms of average accuracy achieved during the training phase. During the testing phase, the KNN algorithm outperformed others, achieving an average accuracy of 99.4916%. However, RF and KNN achieved 100% average precision and recall rates compared to other algorithms. Finally, the RF and KNN algorithms have been identified as the most effective for detecting IDS web attacks.
使用机器学习技术的网络攻击入侵检测系统
网络攻击通常以网络应用程序为目标,因为这些程序可以通过网络访问,而且往往存在漏洞。入侵检测系统(IDS)能否成功检测出网络攻击取决于有效的流量分类系统。之前的一些研究利用机器学习分类方法,针对不同类型的攻击创建了各种数据集,从而创建了高效的 IDS。本文利用加拿大网络安全研究所(CIC-IDS2017)的 IDS 数据集来评估网络攻击。重要的是,该数据集包含 2016 年 McAfee 报告中报告的 80 种近期攻击属性。本研究评估了三种机器学习算法,即随机森林(RF)、k-近邻(KNN)和天真贝叶斯(NB)。本研究的主要目标是为 IDS 网络攻击模型提出一种有效的机器学习算法。评估根据三种算法(RF、KNN 和 NB)在检测异常流量方面的准确度和精确度对其性能进行了比较。结果表明,在训练阶段,RF 的平均准确率优于 NB 和 KNN。在测试阶段,KNN 算法的表现优于其他算法,平均准确率达到 99.4916%。不过,与其他算法相比,RF 和 KNN 的平均精确率和召回率都达到了 100%。最后,RF 和 KNN 算法被确定为检测 IDS 网络攻击最有效的算法。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信