Web Attack Intrusion Detection System Using Machine Learning Techniques

Authors

DOI:

https://doi.org/10.3991/ijoe.v20i03.45249

Keywords:

Intrusion detection systems, CIC-IDS2017, Machine learning, false alarms, Naive Bayes (NB), K-Nearest neighbors (KNN), Random Forest (RF)

Abstract


Web attacks often target web applications because they can be accessed over a network and often have vulnerabilities. The success of an intrusion detection system (IDS) in detecting web attacks depends on an effective traffic classification system. Several previous studies have utilized machine learning classification methods to create an efficient IDS with various datasets for different types of attacks. This paper utilizes the Canadian Institute for Cyber Security’s (CIC-IDS2017) IDS dataset to assess web attacks. Importantly, the dataset contains 80 attributes of recent assaults, as reported in the 2016 McAfee report. Three machine learning algorithms have been evaluated in this research, namely random forests (RF), k-nearest neighbor (KNN), and naive bayes (NB). The primary goal of this research is to propose an effective machine learning algorithm for the IDS web attacks model. The evaluation compares the performance of three algorithms (RF, KNN, and NB) based on their accuracy and precision in detecting anomalous traffic. The results indicate that the RF outperformed the NB and KNN in terms of average accuracy achieved during the training phase. During the testing phase, the KNN algorithm outperformed others, achieving an average accuracy of 99.4916%. However, RF and KNN achieved 100% average precision and recall rates compared to other algorithms. Finally, the RF and KNN algorithms have been identified as the most effective for detecting IDS web attacks.

Author Biographies

Mahmoud Baklizi

Department of Cybersecurity, Faculty of Information Technology, Isra University, Jordan

Issa Atoum

Software Engineering Department, Faculty of Information Technology, The World Islamic Sciences and Education, Amman 11947, Jordan

Mohammad Alkhazaleh

Department of Computer Sciences, Faculty of Information Technology, Isra University, Jordan

Hasan Kanaker

Department of Cybersecurity, Faculty of Information Technology, Isra University, Jordan

Ahmed Ali Otoom

Cybersecurity and Cloud Computing Department, Faculty of Information Technology, Applied Science Private University, Jordan.

Cover iJOE – Vol 20, No 03, 2024

Downloads

Published

2024-02-27

How to Cite

Baklizi, M. K., Atoum, I. ., Alkhazaleh, M., Kanaker, H. ., Abdullah, N., Al-Wesabi, O. A., & Otoom, A. (2024). Web Attack Intrusion Detection System Using Machine Learning Techniques. International Journal of Online and Biomedical Engineering (iJOE), 20(03), pp. 24–38. https://doi.org/10.3991/ijoe.v20i03.45249

Issue

Vol. 20 No. 03 (2024)

Section

Papers

License

Copyright (c) 2023 NIBRAS FAQERA, Mahmoud Khalid Baklizi, Issa Atoum, Mohammad Alkhazaleh, Hasan Kanaker, Ahmed Ali Otoom

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The submitting author warrants that the submission is original and that she/he is the author of the submission together with the named co-authors; to the extend the submission incorporates text passages, figures, data or other material from the work of others, the submitting author has obtained any necessary permission.
Articles in this journal are published under the Creative Commons Attribution Licence (CC-BY What does this mean?). This is to get more legal certainty about what readers can do with published articles, and thus a wider dissemination and archiving, which in turn makes publishing with this journal more valuable for you, the authors.
By submitting an article the author grants to this journal the non-exclusive right to publish it. The author retains the copyright and the publishing rights for his article without any restrictions.