MACHINE LEARNING-BASED DETECTION OF MALICIOUS WEB REQUESTS USING HTTP TRAFFIC FEATURES

Authors

  • Sabina Norbekova Tolib qizi Tashkent University of Information Technologies named after Muhammad al-Khwarizmi, Tashkent, Uzbekistan

Keywords:

Machine learning; web application security; malicious request detection; HTTP traffic; cybersecurity; anomaly detection; Random Forest; feature engineering.

Abstract

Web applications have become essential components of modern digital infrastructure, supporting online banking, e-commerce, education platforms, healthcare systems and public administration services. However, their continuous exposure to the Internet makes them frequent targets of cyberattacks such as injection attacks, cross-site scripting, path traversal, authentication abuse and automated vulnerability scanning. Traditional rule-based security mechanisms remain useful for detecting known attack signatures, but they are often limited against modified, encoded or previously unseen malicious requests. This study investigates machine learning-based detection of malicious web requests using HTTP traffic features. The experiment uses the CSIC 2010 HTTP dataset, which contains normal and anomalous web requests generated for testing web attack protection systems. Nineteen request-level features were extracted from URL, request method and content fields, including URL length, character composition, encoded characters, path depth, request method indicators and content-related measures. Four machine learning models, namely Logistic Regression, Decision Tree, Random Forest and Linear Support Vector Machine, were trained and evaluated using accuracy, precision, recall, F1-score and confusion matrix analysis. The experimental results show that Random Forest achieved the best overall performance, with 92.27% accuracy, 92.47% precision, 88.37% recall and 90.37% F1-score. Feature importance analysis showed that URL length, URL letters, URL digits, content letters and content length were the most influential predictors. The findings indicate that machine learning can serve as an additional analytical layer for web application security, although its reliability depends on feature engineering, dataset representativeness, class balance and continuous monitoring.

Downloads

Published

2026-06-09

Issue

Section

Articles

How to Cite

MACHINE LEARNING-BASED DETECTION OF MALICIOUS WEB REQUESTS USING HTTP TRAFFIC FEATURES. (2026). American Journal of Technology and Applied Sciences, 49, 139-149. https://americanjournal.org/index.php/ajtas/article/view/3734