Malicious behaviour classification in web logs based on an improved Xgboost algorithm
by Jiaming Song; Xiaojuan Wang; Lei Jin; Jingwen You
International Journal of Web Engineering and Technology (IJWET), Vol. 13, No. 4, 2018

Abstract: Attacks against web servers are one of the most serious threats in security fields. Attackers are able to make the computer systems more vulnerable. Analysing the web logs is one of the most effective methods to identify malicious behaviours. In this study, we consider the analysis of HTTP requests in web logs to classify malicious behaviour into multiple categories. At present, web attacks are so complex that single layer classification model is unable to deal with the emerging attacks, in particular, there is a limitation that category features cannot be added to single layer model. Motivated by this, we propose an improved Xgboost algorithm, which uses the method of constructing candidate attacks to attain higher accuracy for malicious behaviour detection. The experimental results show that, compared to other machine learning algorithms, the improved Xgboost algorithm we proposed performs better. Besides, after extracting the important features, it not only does not affect the effectiveness of the algorithm model, but also improves the computational efficiency.

Online publication date: Mon, 28-Jan-2019

The full text of this article is only available to individual subscribers or to users at subscribing institutions.

 
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.

Pay per view:
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.

Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Web Engineering and Technology (IJWET):
Login with your Inderscience username and password:

    Username:        Password:         

Forgotten your password?


Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.

If you still need assistance, please email subs@inderscience.com