Skip to main content
SpringerLink
Log in

Evaluating Classifiers’ Performance to Detect Attacks in Website Traffic

  • Conference paper
  • First Online:
Book cover International Joint Conference 15th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2022) 13th International Conference on EUropean Transnational Education (ICEUTE 2022) (CISIS 2022, ICEUTE 2022)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 532))

Abstract

Websites are an appealing target for attackers due to the large number of users that make use of them, resulting in a massive exchange of information. Different types of vulnerabilities and anomalies can be present in this context, such as SQL Injection or DDoS attacks. To cope with all this, different types of Computational Intelligence-based techniques, capable of detecting these undesired events, are used. To this end, feature selection methods allow a dimensionality reduction that subsequently helps classification algorithms to achieve high performance results. In the present paper, both feature selection methods and classifiers are evaluated on an open dataset called CSIC2010 v2. Furthermore, a deep study of the features within this dataset has been carried out with the aim of extracting as much information as possible, generating two alternative datasets with this information that are employed for comparison purposes in this research. The interesting results that have been obtained contributes to an improvement on the detection of web attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Atienza, D., Herrero, Á., Corchado, E.: Neural analysis of http traffic for web attack detection. In: Herrero, Á., Baruque, B., Sedano, J., Quintián, H., Corchado, E. (eds.) International Joint Conference, pp. 201–212. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-19713-5_18

    Chapter  Google Scholar 

  2. Bao, R., Zhang, K., Huang, J., Li, Y., Liu, W., Wang, L.: Research on website traffic prediction method based on deep learning. In: Jiang, D., Song, H. (eds.) SIMUtools 2021. LNICST, vol. 424, pp. 432–440. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-97124-3_32

    Chapter  Google Scholar 

  3. Bishop, C.: Pattern Recognition and Machine Learning. Information Science and Statistics. Springer, Berlin (2006)

    Google Scholar 

  4. Cortes, C., Vapnik, V.: Support-vector networks. Mach. Learn. 20(3), 273–297 (1995). https://doi.org/10.1007/BF00994018

    Article  MATH  Google Scholar 

  5. ENISA: ENISA Threat Landscape Report 2020. Accessed 9 June 2020. https://bit.ly/3gdsB1O

  6. Esteva, A., et al.: A guide to deep learning in healthcare. Nat. Med. 25, 24–29 (2019)

    Article  Google Scholar 

  7. Giménez, C.T., Villegas, A.P., Álvarez Marañón, G.: HTTP DATASET CSIC 2010. Accessed 2 June 2022. https://www.isi.csic.es/dataset/

  8. Gniewkowski, M., Maciejewski, H., Surmacz, T.R., Walentynowicz, W.: Http2vec: embedding of HTTP requests for detection of anomalous traffic. CoRR abs/2108.01763 (2021). https://arxiv.org/abs/2108.01763

  9. Go, G.M., Bu, S.J., Cho, S.B.: Insider attack detection in database with deep metric neural network with Monte Carlo sampling. Logic J. IGPL (2022). https://doi.org/10.1093/jigpal/jzac007Jzac007

  10. Hassani, H., Hallaji, E., Razavi-Far, R., Saif, M.: Unsupervised concrete feature selection based on mutual information for diagnosing faults and cyber-attacks in power systems. Eng. Appl. Artif. Intell. 100, 104150 (2021). https://doi.org/10.1016/j.engappai.2020.104150. https://www.sciencedirect.com/science/article/pii/S0952197620303870

  11. Kent, J.T.: Information gain and a general measure of correlation. Biometrika 70(1), 163–173 (1983). https://doi.org/10.1093/BIOMET/70.1.163. https://academic.oup.com/biomet/article/70/1/163/240380

  12. Luo, C., Tan, Z., Min, G., Gan, J., Shi, W., Tian, Z.: A novel web attack detection system for internet of things via ensemble classification. IEEE Trans. Ind. Inf. 17(8), 5810–5818 (2021). https://doi.org/10.1109/TII.2020.3038761

    Article  Google Scholar 

  13. Magan-Carrion, R., Urda, D., Diaz-Cano, I., Dorronsoro, B.: Improving the reliability of network intrusion detection systems through dataset aggregation. IEEE Trans. Emerg. Topics Comput., 1 (2022). https://doi.org/10.1109/TETC.2022.3178283

  14. Magán-Carrión, R., Urda, D., Diaz-Cano, I., Dorronsoro, B.: Towards a reliable comparison and evaluation of network intrusion detection systems based on machine learning approaches. Appl. Sci. 10(5), 1775 (2020). https://doi.org/10.3390/app10051775

    Article  Google Scholar 

  15. Mirkovic, J., Reiher, P.: A taxonomy of DDoS attack and DDoS defense mechanisms. SIGCOMM Comput. Commun. Rev. 34(2), 39–53 (2004). https://doi.org/10.1145/997150.997156

    Article  Google Scholar 

  16. Pinzón, C., Herrero, Á., De Paz, J.F., Corchado, E., Bajo, J.: CBRid4SQL: a CBR intrusion detector for SQL injection attacks. In: Corchado, E., Graña Romay, M., Manhaes Savio, A. (eds.) HAIS 2010, Part II. LNCS (LNAI), vol. 6077, pp. 510–519. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13803-4_63

    Chapter  Google Scholar 

  17. Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108–116 (2018)

    Google Scholar 

  18. Sukchotrat, T.: Data mining-driven approaches for process monitoring and diagnosis. Ph.D. thesis, University of Texas (2008). https://www.proquest.com/dissertations-theses/data-mining-driven-approaches-process-monitoring/docview/276043339/se-2?accountid=14529

  19. Urda, D., et al.: BLASSO: integration of biological knowledge into a regularized linear model. BMC Syst. Biol. 12(5), 361–372 (2018). https://doi.org/10.1186/s12918-018-0612-8

    Article  Google Scholar 

  20. Wuest, T., Weimer, D., Irgens, C., Thoben, K.D.: Machine learning in manufacturing: advantages, challenges, and applications. Prod. Manuf. Res. 4(1), 23–45 (2016). https://doi.org/10.1080/21693277.2016.1192517

    Article  Google Scholar 

  21. Yu, L., et al.: Detecting malicious web requests using an enhanced textcnn. In: 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC), pp. 768–777 (2020). https://doi.org/10.1109/COMPSAC48688.2020.0-167

Download references

Author information

Authors and Affiliations

  1. Grupo de Inteligencia Computacional Aplicada (GICAP), Departamento de Ingeniería Informática, Escuela Politécnica Superior, Universidad de Burgos, Av. Cantabria s/n, 09006, Burgos, Spain

    Daniel Urda, Nuño Basurto & Álvaro Herrero

  2. Department of Computer Science, University of Tartu, Tartu, Estonia

    Meelis Kull

Authors
  1. Daniel Urda
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nuño Basurto
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Meelis Kull
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Álvaro Herrero
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Daniel Urda .

Editor information

Editors and Affiliations

  1. Faculty of Engineering, University of Deusto, Bilbao, Spain

    Pablo García Bringas

  2. University of León, León, Spain

    Hilde Pérez García

  3. University of La Rioja, Logroño, Spain

    Francisco Javier Martínez de Pisón

  4. University of Oviedo, Oviedo, Spain

    José Ramón Villar Flecha

  5. Data Science and Big Data Lab, Pablo de Olavide University, Sevilla, Spain

    Alicia Troncoso Lora

  6. University of Oviedo, Oviedo, Spain

    Enrique A. de la Cal

  7. Departamento de Ingeniería Informática, Escuela Politécnica Superior, University of Burgos, Burgos, Spain

    Álvaro Herrero

  8. Pablo de Olavide University, Seville, Spain

    Francisco Martínez Álvarez

  9. University of Bergamo, Bergamo, Italy

    Giuseppe Psaila

  10. Department of Industrial Engineering, University of A Coruña, Ferrol, Spain

    Héctor Quintián

  11. University of Salamanca, Salamanca, Spain

    Emilio Corchado

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Urda, D., Basurto, N., Kull, M., Herrero, Á. (2023). Evaluating Classifiers’ Performance to Detect Attacks in Website Traffic. In: García Bringas, P., et al. International Joint Conference 15th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2022) 13th International Conference on EUropean Transnational Education (ICEUTE 2022). CISIS ICEUTE 2022 2022. Lecture Notes in Networks and Systems, vol 532. Springer, Cham. https://doi.org/10.1007/978-3-031-18409-3_20

Download citation

Publish with us

Policies and ethics

Search

Navigation