Abstract:
Web application attack detection is one of the
popular research areas during these years. SQL
injection, XSS and path traversal attacks are the
most commonly occurred types of web
application attacks. The proposed system
effectively classifies three attacks by random
forest algorithm to ensure reasonable accuracy.
Request length module is computed based on the
certain length of the URL to analyze each record
as normal or attack. Regular pattern analysis is
emphasized on the content of URL and other
features to analyze the certain attack patterns.
ECML/PKDD standard web attack dataset is
used in this system. Combination of random
forest algorithm with request length and regex
pattern analysis is proposed to outperform the
accuracy.
