Security is a top priority in system development, as web portals serve as critical entry points that are frequently targeted by cyber-attacks. Common attack methods include SQL Injection, Cross-Site Scripting (XSS), and Brute Force. The application of machine learning in cybersecurity is growing due to its effectiveness in detecting such threats. This study employs supervised machine learning with six algorithms: K-Nearest Neighbors (KNN), Random Forest, Naïve Bayes, AdaBoost, LightGBM, and XGBoost. The research utilizes the CICIDS2017 and CSE-CICIDS2018 datasets, which contain network traffic data labeled with four categories: Benign, Brute Force, XSS, and SQL Injection. To address the dataset imbalance issue, this study applies Synthetic Minority Oversampling Technique (SMOTE) in conjunction with Principal Component Analysis (PCA) for dimensionality reduction. Performance evaluation is conducted using accuracy, precision, recall, and F1-score metrics, as well as K-Fold Cross Validation, AUC-ROC, and Learning Curve analysis. The results indicate that the Random Forest algorithm achieves the highest classification performance, with an accuracy of 97.77%, precision of 84.07%, recall of 91.96%, and an F1-score of 87.28%. This research contributes by demonstrating the applicability of machine learning in real-time web attack detection, highlighting the advantages of ensemble-based models in handling cybersecurity threats. Additionally, it underscores the importance of dataset preprocessing techniques in enhancing classification performance. Future improvements should focus on optimizing hyperparameters, integrating real-time network traffic analysis, and exploring hybrid models that combine traditional machine learning with deep learning approaches to further enhance detection capabilities.

Keywords: Machine learning; Cybersecurity; Web attack detection; Random forest; SMOTE; PCA.
2020MSC: 68T05
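The SMOTE step named in the abstract, as an added example that is not the study's code: a pure-Python version of the interpolation (not the imbalanced-learn implementation), applied only after a hold-out split so that synthetic rows never reach the evaluation set. The function names, the two-feature flows, and the class counts are assumptions constructed for illustration; PCA and the classifiers are left out.

```python
import math
import random
from collections import Counter

def smote(minority, n_new, k=5, seed=0):
    """Create n_new synthetic rows on segments between minority rows and near neighbours."""
    rng = random.Random(seed)
    k = min(k, len(minority) - 1)  # rare attack classes can have fewer than k+1 rows
    if n_new > 0 and k < 1:
        raise ValueError("SMOTE needs at least two rows of the class")
    synthetic = []
    for _ in range(n_new):
        i = rng.randrange(len(minority))
        base = minority[i]
        others = minority[:i] + minority[i + 1:]
        neighbours = sorted(others, key=lambda r: math.dist(base, r))[:k]
        other = rng.choice(neighbours)
        gap = rng.random()  # position along the segment base -> other, in [0, 1)
        synthetic.append([b + gap * (o - b) for b, o in zip(base, other)])
    return synthetic

def balance(X, y, k=5, seed=0):
    """Oversample every class up to the majority count; original rows come first."""
    by_class = {}
    for row, label in zip(X, y):
        by_class.setdefault(label, []).append(row)
    target = max(len(rows) for rows in by_class.values())
    X_bal, y_bal = list(X), list(y)
    for label, rows in by_class.items():
        new_rows = smote(rows, target - len(rows), k, seed)
        X_bal += new_rows
        y_bal += [label] * len(new_rows)
    return X_bal, y_bal

def constructed_flows(seed=1):
    rng = random.Random(seed)  # constructed sample data, not rows from the datasets
    spec = {"Benign": (200, 1.0), "Brute Force": (30, 4.0), "XSS": (12, 7.0), "SQL Injection": (4, 10.0)}
    X, y = [], []
    for label, (count, centre) in spec.items():
        X += [[rng.gauss(centre, 0.5), rng.gauss(centre, 0.5)] for _ in range(count)]
        y += [label] * count
    return X, y

def split_then_balance():
    """Hold out every 4th row first, then oversample the training rows only."""
    rows = list(zip(*constructed_flows()))
    train = [p for i, p in enumerate(rows) if i % 4]
    held_out = [p for i, p in enumerate(rows) if i % 4 == 0]
    _, y_bal = balance([r for r, _ in train], [l for _, l in train])
    return Counter(l for _, l in train), Counter(y_bal), Counter(l for _, l in held_out)
```

`split_then_balance()` returns the class counts of the training rows before SMOTE, after SMOTE, and of the untouched held-out rows; the held-out counts stay skewed, which is what the reported precision and recall should be measured on.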