<p>Web-based systems are needed for the functioning of sensitive information in personal, financial, and governmental systems, and are the main areas of cyberattacks. Incidents of data breaches in these systems may reveal the vulnerabilities that an attacker uses to flood the system, tamper with its contents, or misuse information. The work provides a new approach to the classification of benign and malicious hypertext transfer protocol requests. It deals with the fundamental problems of class&#xa0;imbalance and hyperparameter sensitivity. The model is constructed on the imbalanced area-under-curve maximizing proximal support vector machine (ImAUC-PSVM). It is a modification of the standard PSVM that directly integrates the optimization of the AUC into the training process. This improvement helps the model to handle imbalanced data and minimizes hyperparameter tuning. It has the same strengths as PSVM, such as the maximization of margin and resistance to noisy data. It also facilitates real-time, incremental learning, which has been proven to be possible with the support of simulated streams of data. The Bayesian optimization and Hyperband is also incorporated in the framework to optimize hyperparameters more efficiently and accurately. The model was tested on the CSIC 2010 (Consejo Superior de Investigaciones Cientificas, 2010) dataset and FWAF (Machine-Learning-driven Web Application Firewall) dataset. The F-score with ImAUC-PSVM is 91.57% and 90.47%, G-means scores are 91.21% and 92.09%, and the AUC scores are 0.834 and 0.818, respectively. These findings indicate the strength and capability of the model to generalize across&#xa0;diverse web attacks. On the whole, this paper offers a highly viable and adaptable&#xa0;remedy for web threat detection. It complements the efficiency of cybersecurity systems that run in dynamic and high-risk environments.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

AUC-optimized proximal SVM for imbalanced web attack detection via Bayesian optimization and hyperband

  • Mohammad Yahyaei Feriz Hendi,
  • Mahmoudreza Entezami,
  • Pedram Gashmardi,
  • Shahabeddon Rohimi Horsini

摘要

Web-based systems are needed for the functioning of sensitive information in personal, financial, and governmental systems, and are the main areas of cyberattacks. Incidents of data breaches in these systems may reveal the vulnerabilities that an attacker uses to flood the system, tamper with its contents, or misuse information. The work provides a new approach to the classification of benign and malicious hypertext transfer protocol requests. It deals with the fundamental problems of class imbalance and hyperparameter sensitivity. The model is constructed on the imbalanced area-under-curve maximizing proximal support vector machine (ImAUC-PSVM). It is a modification of the standard PSVM that directly integrates the optimization of the AUC into the training process. This improvement helps the model to handle imbalanced data and minimizes hyperparameter tuning. It has the same strengths as PSVM, such as the maximization of margin and resistance to noisy data. It also facilitates real-time, incremental learning, which has been proven to be possible with the support of simulated streams of data. The Bayesian optimization and Hyperband is also incorporated in the framework to optimize hyperparameters more efficiently and accurately. The model was tested on the CSIC 2010 (Consejo Superior de Investigaciones Cientificas, 2010) dataset and FWAF (Machine-Learning-driven Web Application Firewall) dataset. The F-score with ImAUC-PSVM is 91.57% and 90.47%, G-means scores are 91.21% and 92.09%, and the AUC scores are 0.834 and 0.818, respectively. These findings indicate the strength and capability of the model to generalize across diverse web attacks. On the whole, this paper offers a highly viable and adaptable remedy for web threat detection. It complements the efficiency of cybersecurity systems that run in dynamic and high-risk environments.