Abstract

The article describes a method of using machine learning to detect anomalous traffic behavior. The method uses a data set containing a significant amount of traffic collected during an attack on a Web application. The set contains three attack types: Brute Force, XSS, and SQL injection. A traffic dump containing an Infiltration attack is considered separately. A comparative analysis of machine learning models was carried out to select the optimal one. The article also describes the data preprocessing procedure, which eliminates anomalies and voids in the data records that can cause the trained model to operate incorrectly. Models were trained on selected data to identify anomalous traffic behavior indicating a specific type of attack. In addition, a study was conducted on a data set that does not contain information about attacks.
