Malicious Web Session Detection with Ensemble-Based Methods

Dilek Yılmazer Demirel; Mehmet Tahir Sandıkkaya

doi:10.1007/978-3-031-85252-7_8

Malicious Web Session Detection with Ensemble-Based Methods

Dilek Yılmazer Demirel^*, Mehmet Tahir Sandıkkaya

^*Corresponding author for this work

Department of Computer Engineering

Istanbul Technical University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The rapid growth of web applications and services has raised cybersecurity concerns, particularly in terms of detecting and preventing malicious web session attacks. These attacks cause significant dangers to users, including potential data breaches, illegal access, and a variety of other criminal behaviors. To tackle this challenge, this paper introduces an innovative methodology designed to detect malicious web sessions by harnessing the power of a machine learning-driven classifier. Central to this approach is the fusion of an embedding layer with machine learning techniques, aimed at comprehensively scrutinizing the intricate features inherent in web sessions. The validation of this technique draws upon a diverse range of datasets, comprising a unique compilation of Internet banking web request logs from Yap Kredi Teknoloji, alongside established datasets like CSIC 2010, WAF, and HTTP Params. Additionally, this study utilizes well-known methodologies including Convolutional Neural Networks, Support Vector Machines, and ensemble-based methods (Random Forest, Gradient Boosting Classifier, AdaBoost Classifier, and Extra Tree Classifier), and the study underscores the superior efficacy of the proposed technique. Notably, the adoption of Random Forest as the classifier yields a remarkable accuracy rate of 99.17%, outperforming traditional approaches. These findings underscore the significant potential of the proposed technique in efficiently identifying and thwarting malicious web sessions, thereby fortifying the security posture of web environments.

Original language	English
Title of host publication	Computational Intelligence - 14th and 15th International Joint Conference on Computational Intelligence IJCCI 2022 and IJCCI 2023, Revised Selected Papers
Editors	Thomas Bäck, Niki van Stein, Christian Wagner, Jonathan M. Garibaldi, Francesco Marcelloni, H.K. Lam, Marie Cottrell, Faiyaz Doctor, Joaquim Filipe, Kevin Warwick, Janusz Kacprzyk
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	133-148
Number of pages	16
ISBN (Print)	9783031852510
DOIs	https://doi.org/10.1007/978-3-031-85252-7_8
Publication status	Published - 2025
Event	14th and 15th International Joint Conference on Computational Intelligence, IJCCI 2022 and IJCCI 2023 - Rome, Italy Duration: 13 Nov 2023 → 15 Nov 2023

Publication series

Name	Studies in Computational Intelligence
Volume	1196 SCI
ISSN (Print)	1860-949X
ISSN (Electronic)	1860-9503

Conference

Conference	14th and 15th International Joint Conference on Computational Intelligence, IJCCI 2022 and IJCCI 2023
Country/Territory	Italy
City	Rome
Period	13/11/23 → 15/11/23

Bibliographical note

Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.

Keywords

Ensemble-based methods
Machine learning
Malicious web session detection

Access to Document

10.1007/978-3-031-85252-7_8

Cite this

Yılmazer Demirel, D., & Sandıkkaya, M. T. (2025). Malicious Web Session Detection with Ensemble-Based Methods. In T. Bäck, N. van Stein, C. Wagner, J. M. Garibaldi, F. Marcelloni, H. K. Lam, M. Cottrell, F. Doctor, J. Filipe, K. Warwick, & J. Kacprzyk (Eds.), Computational Intelligence - 14th and 15th International Joint Conference on Computational Intelligence IJCCI 2022 and IJCCI 2023, Revised Selected Papers (pp. 133-148). (Studies in Computational Intelligence; Vol. 1196 SCI). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-85252-7_8

Yılmazer Demirel, Dilek ; Sandıkkaya, Mehmet Tahir. / Malicious Web Session Detection with Ensemble-Based Methods. Computational Intelligence - 14th and 15th International Joint Conference on Computational Intelligence IJCCI 2022 and IJCCI 2023, Revised Selected Papers. editor / Thomas Bäck ; Niki van Stein ; Christian Wagner ; Jonathan M. Garibaldi ; Francesco Marcelloni ; H.K. Lam ; Marie Cottrell ; Faiyaz Doctor ; Joaquim Filipe ; Kevin Warwick ; Janusz Kacprzyk. Springer Science and Business Media Deutschland GmbH, 2025. pp. 133-148 (Studies in Computational Intelligence).

@inproceedings{5bed7eecff9545e7ae7285e6057f3ae3,

title = "Malicious Web Session Detection with Ensemble-Based Methods",

abstract = "The rapid growth of web applications and services has raised cybersecurity concerns, particularly in terms of detecting and preventing malicious web session attacks. These attacks cause significant dangers to users, including potential data breaches, illegal access, and a variety of other criminal behaviors. To tackle this challenge, this paper introduces an innovative methodology designed to detect malicious web sessions by harnessing the power of a machine learning-driven classifier. Central to this approach is the fusion of an embedding layer with machine learning techniques, aimed at comprehensively scrutinizing the intricate features inherent in web sessions. The validation of this technique draws upon a diverse range of datasets, comprising a unique compilation of Internet banking web request logs from Yap Kredi Teknoloji, alongside established datasets like CSIC 2010, WAF, and HTTP Params. Additionally, this study utilizes well-known methodologies including Convolutional Neural Networks, Support Vector Machines, and ensemble-based methods (Random Forest, Gradient Boosting Classifier, AdaBoost Classifier, and Extra Tree Classifier), and the study underscores the superior efficacy of the proposed technique. Notably, the adoption of Random Forest as the classifier yields a remarkable accuracy rate of 99.17%, outperforming traditional approaches. These findings underscore the significant potential of the proposed technique in efficiently identifying and thwarting malicious web sessions, thereby fortifying the security posture of web environments.",

keywords = "Ensemble-based methods, Machine learning, Malicious web session detection",

author = "{Yılmazer Demirel}, Dilek and Sandıkkaya, {Mehmet Tahir}",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.; 14th and 15th International Joint Conference on Computational Intelligence, IJCCI 2022 and IJCCI 2023 ; Conference date: 13-11-2023 Through 15-11-2023",

year = "2025",

doi = "10.1007/978-3-031-85252-7_8",

language = "English",

isbn = "9783031852510",

series = "Studies in Computational Intelligence",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "133--148",

editor = "Thomas B{\"a}ck and {van Stein}, Niki and Christian Wagner and Garibaldi, {Jonathan M.} and Francesco Marcelloni and H.K. Lam and Marie Cottrell and Faiyaz Doctor and Joaquim Filipe and Kevin Warwick and Janusz Kacprzyk",

booktitle = "Computational Intelligence - 14th and 15th International Joint Conference on Computational Intelligence IJCCI 2022 and IJCCI 2023, Revised Selected Papers",

address = "Germany",

}

Yılmazer Demirel, D & Sandıkkaya, MT 2025, Malicious Web Session Detection with Ensemble-Based Methods. in T Bäck, N van Stein, C Wagner, JM Garibaldi, F Marcelloni, HK Lam, M Cottrell, F Doctor, J Filipe, K Warwick & J Kacprzyk (eds), Computational Intelligence - 14th and 15th International Joint Conference on Computational Intelligence IJCCI 2022 and IJCCI 2023, Revised Selected Papers. Studies in Computational Intelligence, vol. 1196 SCI, Springer Science and Business Media Deutschland GmbH, pp. 133-148, 14th and 15th International Joint Conference on Computational Intelligence, IJCCI 2022 and IJCCI 2023, Rome, Italy, 13/11/23. https://doi.org/10.1007/978-3-031-85252-7_8

Malicious Web Session Detection with Ensemble-Based Methods. / Yılmazer Demirel, Dilek; Sandıkkaya, Mehmet Tahir.
Computational Intelligence - 14th and 15th International Joint Conference on Computational Intelligence IJCCI 2022 and IJCCI 2023, Revised Selected Papers. ed. / Thomas Bäck; Niki van Stein; Christian Wagner; Jonathan M. Garibaldi; Francesco Marcelloni; H.K. Lam; Marie Cottrell; Faiyaz Doctor; Joaquim Filipe; Kevin Warwick; Janusz Kacprzyk. Springer Science and Business Media Deutschland GmbH, 2025. p. 133-148 (Studies in Computational Intelligence; Vol. 1196 SCI).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Malicious Web Session Detection with Ensemble-Based Methods

AU - Yılmazer Demirel, Dilek

AU - Sandıkkaya, Mehmet Tahir

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.

PY - 2025

Y1 - 2025

N2 - The rapid growth of web applications and services has raised cybersecurity concerns, particularly in terms of detecting and preventing malicious web session attacks. These attacks cause significant dangers to users, including potential data breaches, illegal access, and a variety of other criminal behaviors. To tackle this challenge, this paper introduces an innovative methodology designed to detect malicious web sessions by harnessing the power of a machine learning-driven classifier. Central to this approach is the fusion of an embedding layer with machine learning techniques, aimed at comprehensively scrutinizing the intricate features inherent in web sessions. The validation of this technique draws upon a diverse range of datasets, comprising a unique compilation of Internet banking web request logs from Yap Kredi Teknoloji, alongside established datasets like CSIC 2010, WAF, and HTTP Params. Additionally, this study utilizes well-known methodologies including Convolutional Neural Networks, Support Vector Machines, and ensemble-based methods (Random Forest, Gradient Boosting Classifier, AdaBoost Classifier, and Extra Tree Classifier), and the study underscores the superior efficacy of the proposed technique. Notably, the adoption of Random Forest as the classifier yields a remarkable accuracy rate of 99.17%, outperforming traditional approaches. These findings underscore the significant potential of the proposed technique in efficiently identifying and thwarting malicious web sessions, thereby fortifying the security posture of web environments.

AB - The rapid growth of web applications and services has raised cybersecurity concerns, particularly in terms of detecting and preventing malicious web session attacks. These attacks cause significant dangers to users, including potential data breaches, illegal access, and a variety of other criminal behaviors. To tackle this challenge, this paper introduces an innovative methodology designed to detect malicious web sessions by harnessing the power of a machine learning-driven classifier. Central to this approach is the fusion of an embedding layer with machine learning techniques, aimed at comprehensively scrutinizing the intricate features inherent in web sessions. The validation of this technique draws upon a diverse range of datasets, comprising a unique compilation of Internet banking web request logs from Yap Kredi Teknoloji, alongside established datasets like CSIC 2010, WAF, and HTTP Params. Additionally, this study utilizes well-known methodologies including Convolutional Neural Networks, Support Vector Machines, and ensemble-based methods (Random Forest, Gradient Boosting Classifier, AdaBoost Classifier, and Extra Tree Classifier), and the study underscores the superior efficacy of the proposed technique. Notably, the adoption of Random Forest as the classifier yields a remarkable accuracy rate of 99.17%, outperforming traditional approaches. These findings underscore the significant potential of the proposed technique in efficiently identifying and thwarting malicious web sessions, thereby fortifying the security posture of web environments.

KW - Ensemble-based methods

KW - Machine learning

KW - Malicious web session detection

UR - http://www.scopus.com/inward/record.url?scp=105002011799&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-85252-7_8

DO - 10.1007/978-3-031-85252-7_8

M3 - Conference contribution

AN - SCOPUS:105002011799

SN - 9783031852510

T3 - Studies in Computational Intelligence

SP - 133

EP - 148

BT - Computational Intelligence - 14th and 15th International Joint Conference on Computational Intelligence IJCCI 2022 and IJCCI 2023, Revised Selected Papers

A2 - Bäck, Thomas

A2 - van Stein, Niki

A2 - Wagner, Christian

A2 - Garibaldi, Jonathan M.

A2 - Marcelloni, Francesco

A2 - Lam, H.K.

A2 - Cottrell, Marie

A2 - Doctor, Faiyaz

A2 - Filipe, Joaquim

A2 - Warwick, Kevin

A2 - Kacprzyk, Janusz

PB - Springer Science and Business Media Deutschland GmbH

T2 - 14th and 15th International Joint Conference on Computational Intelligence, IJCCI 2022 and IJCCI 2023

Y2 - 13 November 2023 through 15 November 2023

ER -

Yılmazer Demirel D, Sandıkkaya MT. Malicious Web Session Detection with Ensemble-Based Methods. In Bäck T, van Stein N, Wagner C, Garibaldi JM, Marcelloni F, Lam HK, Cottrell M, Doctor F, Filipe J, Warwick K, Kacprzyk J, editors, Computational Intelligence - 14th and 15th International Joint Conference on Computational Intelligence IJCCI 2022 and IJCCI 2023, Revised Selected Papers. Springer Science and Business Media Deutschland GmbH. 2025. p. 133-148. (Studies in Computational Intelligence). doi: 10.1007/978-3-031-85252-7_8