MASD: Malicious Web Session Detection Using ML-Based Classifier

Dilek Yılmazer Demirel; Mehmet Tahir Sandıkkaya

doi:10.5220/0012174800003595

MASD: Malicious Web Session Detection Using ML-Based Classifier

Dilek Yılmazer Demirel, Mehmet Tahir Sandıkkaya

Department of Computer Engineering

Istanbul Technical University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Citation (Scopus)

Abstract

The development of web applications and services has resulted in an increase in security concerns, especially in identifying malicious web session attacks. Malicious web sessions pose a significant risk to users, potentially resulting in data breaches, illegal access, and other malicious activities. This study presents an innovative technique for detecting malicious web sessions using a machine learning-driven classifier. To examine the features of web sessions, the suggested technique combines an embedding layer and machine learning approaches. Three different datasets were used in the empirical studies to confirm the effectiveness of the approach. They include a unique compilation of Internet banking web request logs, provided by Yap Kredi Teknoloji, as well as the well-known HTTP dataset CSIC 2010 and the publicly accessible WAF dataset. The experimental results are compared to known approaches such as Random Forest, Convolutional Neural Networks (CNN), Support Vector Machines (SVM), Naïve Bayes, Decision Trees, DBSCAN, and Self-Organizing Maps (SOM). The actual findings demonstrate the superiority of the suggested technique, especially when Random Forest is used as the chosen classifier. The attained accuracy rate of 99.17% surpasses the comparison methodologies, highlighting the approach’s ability to efficiently identify and block malicious web sessions.

Original language	English
Title of host publication	Proceedings of the 15th International Joint Conference on Computational Intelligence, IJCCI 2023
Editors	Niki van Stein, Francesco Marcelloni, H. K. Lam, Marie Cottrell, Joaquim Filipe
Publisher	Science and Technology Publications, Lda
Pages	487-495
Number of pages	9
ISBN (Electronic)	9789897586743
DOIs	https://doi.org/10.5220/0012174800003595
Publication status	Published - 2023
Event	15th International Joint Conference on Computational Intelligence, IJCCI 2023 - Hybrid, Rome, Italy Duration: 13 Nov 2023 → 15 Nov 2023

Publication series

Name	International Joint Conference on Computational Intelligence
ISSN (Electronic)	2184-3236

Conference

Conference	15th International Joint Conference on Computational Intelligence, IJCCI 2023
Country/Territory	Italy
City	Hybrid, Rome
Period	13/11/23 → 15/11/23

Bibliographical note

Publisher Copyright:
© 2023 by SCITEPRESS – Science and Technology Publications, Lda.

Keywords

Classification
Machine Learning
Malicious Web Session Detection

Access to Document

10.5220/0012174800003595

Cite this

Demirel, D. Y., & Sandıkkaya, M. T. (2023). MASD: Malicious Web Session Detection Using ML-Based Classifier. In N. van Stein, F. Marcelloni, H. K. Lam, M. Cottrell, & J. Filipe (Eds.), Proceedings of the 15th International Joint Conference on Computational Intelligence, IJCCI 2023 (pp. 487-495). (International Joint Conference on Computational Intelligence). Science and Technology Publications, Lda. https://doi.org/10.5220/0012174800003595

Demirel, Dilek Yılmazer ; Sandıkkaya, Mehmet Tahir. / MASD : Malicious Web Session Detection Using ML-Based Classifier. Proceedings of the 15th International Joint Conference on Computational Intelligence, IJCCI 2023. editor / Niki van Stein ; Francesco Marcelloni ; H. K. Lam ; Marie Cottrell ; Joaquim Filipe. Science and Technology Publications, Lda, 2023. pp. 487-495 (International Joint Conference on Computational Intelligence).

@inproceedings{b00f15c0b4be4725b7d2fc59615f21f2,

title = "MASD: Malicious Web Session Detection Using ML-Based Classifier",

abstract = "The development of web applications and services has resulted in an increase in security concerns, especially in identifying malicious web session attacks. Malicious web sessions pose a significant risk to users, potentially resulting in data breaches, illegal access, and other malicious activities. This study presents an innovative technique for detecting malicious web sessions using a machine learning-driven classifier. To examine the features of web sessions, the suggested technique combines an embedding layer and machine learning approaches. Three different datasets were used in the empirical studies to confirm the effectiveness of the approach. They include a unique compilation of Internet banking web request logs, provided by Yap Kredi Teknoloji, as well as the well-known HTTP dataset CSIC 2010 and the publicly accessible WAF dataset. The experimental results are compared to known approaches such as Random Forest, Convolutional Neural Networks (CNN), Support Vector Machines (SVM), Na{\"i}ve Bayes, Decision Trees, DBSCAN, and Self-Organizing Maps (SOM). The actual findings demonstrate the superiority of the suggested technique, especially when Random Forest is used as the chosen classifier. The attained accuracy rate of 99.17% surpasses the comparison methodologies, highlighting the approach{\textquoteright}s ability to efficiently identify and block malicious web sessions.",

keywords = "Classification, Machine Learning, Malicious Web Session Detection",

author = "Demirel, {Dilek Yılmazer} and Sandıkkaya, {Mehmet Tahir}",

note = "Publisher Copyright: {\textcopyright} 2023 by SCITEPRESS – Science and Technology Publications, Lda.; 15th International Joint Conference on Computational Intelligence, IJCCI 2023 ; Conference date: 13-11-2023 Through 15-11-2023",

year = "2023",

doi = "10.5220/0012174800003595",

language = "English",

series = "International Joint Conference on Computational Intelligence",

publisher = "Science and Technology Publications, Lda",

pages = "487--495",

editor = "{van Stein}, Niki and Francesco Marcelloni and Lam, {H. K.} and Marie Cottrell and Joaquim Filipe",

booktitle = "Proceedings of the 15th International Joint Conference on Computational Intelligence, IJCCI 2023",

}

Demirel, DY & Sandıkkaya, MT 2023, MASD: Malicious Web Session Detection Using ML-Based Classifier. in N van Stein, F Marcelloni, HK Lam, M Cottrell & J Filipe (eds), Proceedings of the 15th International Joint Conference on Computational Intelligence, IJCCI 2023. International Joint Conference on Computational Intelligence, Science and Technology Publications, Lda, pp. 487-495, 15th International Joint Conference on Computational Intelligence, IJCCI 2023, Hybrid, Rome, Italy, 13/11/23. https://doi.org/10.5220/0012174800003595

MASD: Malicious Web Session Detection Using ML-Based Classifier. / Demirel, Dilek Yılmazer; Sandıkkaya, Mehmet Tahir.
Proceedings of the 15th International Joint Conference on Computational Intelligence, IJCCI 2023. ed. / Niki van Stein; Francesco Marcelloni; H. K. Lam; Marie Cottrell; Joaquim Filipe. Science and Technology Publications, Lda, 2023. p. 487-495 (International Joint Conference on Computational Intelligence).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - MASD

T2 - 15th International Joint Conference on Computational Intelligence, IJCCI 2023

AU - Demirel, Dilek Yılmazer

AU - Sandıkkaya, Mehmet Tahir

PY - 2023

Y1 - 2023

N2 - The development of web applications and services has resulted in an increase in security concerns, especially in identifying malicious web session attacks. Malicious web sessions pose a significant risk to users, potentially resulting in data breaches, illegal access, and other malicious activities. This study presents an innovative technique for detecting malicious web sessions using a machine learning-driven classifier. To examine the features of web sessions, the suggested technique combines an embedding layer and machine learning approaches. Three different datasets were used in the empirical studies to confirm the effectiveness of the approach. They include a unique compilation of Internet banking web request logs, provided by Yap Kredi Teknoloji, as well as the well-known HTTP dataset CSIC 2010 and the publicly accessible WAF dataset. The experimental results are compared to known approaches such as Random Forest, Convolutional Neural Networks (CNN), Support Vector Machines (SVM), Naïve Bayes, Decision Trees, DBSCAN, and Self-Organizing Maps (SOM). The actual findings demonstrate the superiority of the suggested technique, especially when Random Forest is used as the chosen classifier. The attained accuracy rate of 99.17% surpasses the comparison methodologies, highlighting the approach’s ability to efficiently identify and block malicious web sessions.

AB - The development of web applications and services has resulted in an increase in security concerns, especially in identifying malicious web session attacks. Malicious web sessions pose a significant risk to users, potentially resulting in data breaches, illegal access, and other malicious activities. This study presents an innovative technique for detecting malicious web sessions using a machine learning-driven classifier. To examine the features of web sessions, the suggested technique combines an embedding layer and machine learning approaches. Three different datasets were used in the empirical studies to confirm the effectiveness of the approach. They include a unique compilation of Internet banking web request logs, provided by Yap Kredi Teknoloji, as well as the well-known HTTP dataset CSIC 2010 and the publicly accessible WAF dataset. The experimental results are compared to known approaches such as Random Forest, Convolutional Neural Networks (CNN), Support Vector Machines (SVM), Naïve Bayes, Decision Trees, DBSCAN, and Self-Organizing Maps (SOM). The actual findings demonstrate the superiority of the suggested technique, especially when Random Forest is used as the chosen classifier. The attained accuracy rate of 99.17% surpasses the comparison methodologies, highlighting the approach’s ability to efficiently identify and block malicious web sessions.

KW - Classification

KW - Machine Learning

KW - Malicious Web Session Detection

UR - http://www.scopus.com/inward/record.url?scp=85188249460&partnerID=8YFLogxK

U2 - 10.5220/0012174800003595

DO - 10.5220/0012174800003595

M3 - Conference contribution

AN - SCOPUS:85188249460

T3 - International Joint Conference on Computational Intelligence

SP - 487

EP - 495

BT - Proceedings of the 15th International Joint Conference on Computational Intelligence, IJCCI 2023

A2 - van Stein, Niki

A2 - Marcelloni, Francesco

A2 - Lam, H. K.

A2 - Cottrell, Marie

A2 - Filipe, Joaquim

PB - Science and Technology Publications, Lda

Y2 - 13 November 2023 through 15 November 2023

ER -

Demirel DY, Sandıkkaya MT. MASD: Malicious Web Session Detection Using ML-Based Classifier. In van Stein N, Marcelloni F, Lam HK, Cottrell M, Filipe J, editors, Proceedings of the 15th International Joint Conference on Computational Intelligence, IJCCI 2023. Science and Technology Publications, Lda. 2023. p. 487-495. (International Joint Conference on Computational Intelligence). doi: 10.5220/0012174800003595

MASD: Malicious Web Session Detection Using ML-Based Classifier

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this