Abstract:

Applications on the Internet have some coding-related security concerns. Weaknesses or vulnerabilities allow criminals to gain direct and public access to databases to steal sensitive data. This study proposes an approach based on heuristic feature selection and machine learning for easier and more accurate detection of web application attacks with hybrid intrusion detection systems. Web application attacks and benign flow examples in CIC-IDS2017 and CSE-CIC-IDS2018 datasets were combined after a series of data preprocessing stages, and a new dataset was created. Using Genetic Algorithm and Logistic Regression, mean square error and feature count optimization were performed, and the results were tested with five different machine learning algorithms. When the results obtained were examined, it was observed that the success rate in classification remained at the level of 99%, although the number of features was reduced by 85%

Keywords: