Academic information systems, such as Eldiru Unsoed, function as vital digital assets vulnerable to cyberattacks, while conventional rule-based Web Application Firewalls exhibit detection weaknesses. Empirical testing in this study shows that the standard ModSecurity with Core Rule Set (CRS) system achieves a recall of only 5.34%, meaning it fails to identify the majority of actual attacks and creates a significant security gap. To address this problem, this research designs a detection system based on the Random Forest algorithm using Nginx server log data, validated with the public CSIC 2010 dataset. The model was developed by engineering hybrid features that include lexical analysis, CRS rule context, and N-grams to classify web traffic. Evaluation results show the proposed Machine Learning-Random Forest (ML-RF) model successfully increases recall from 5.34% to 72.00% and the F1-Score from 10.10% to 80.00%. This improvement in metrics, while maintaining a precision of 91.00%, proves that machine learning integration yields a more balanced and reliable cybersecurity defense mechanism. This research underscores the importance of implementing MLOps workflows for continuous model calibration and retraining to maintain detection effectiveness against evolving threats.
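The feature-engineering step described above can be sketched as follows. This is an added example, not code from the study: the field names, the special-character set, the 16-bucket hashed 3-gram vector and the sample log lines are all assumptions, and the CRS rule-context features are left out because the abstract does not define them. The resulting vectors are the kind of input a Random Forest classifier would be trained on.

```python
import math
import re
import zlib
from collections import Counter
from urllib.parse import unquote_plus

# Nginx "combined" access-log format; only the fields used below are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
N_BUCKETS = 16                     # hashed n-gram vector width (assumed value)
SPECIALS = set("'\"<>;()=%-/*|&")  # characters counted as "special" (assumed set)

def entropy(text):
    """Shannon entropy in bits per character."""
    if not text:
        return 0.0
    counts = Counter(text)
    return -sum(c / len(text) * math.log2(c / len(text)) for c in counts.values())

def ngram_buckets(text, n=3):
    """Count character n-grams, folded into N_BUCKETS slots with a stable hash."""
    vec = [0] * N_BUCKETS
    for i in range(len(text) - n + 1):
        vec[zlib.crc32(text[i:i + n].encode()) % N_BUCKETS] += 1
    return vec

def extract_features(line):
    """Return a numeric feature vector for one log line, or None if unparseable."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    # Decode %xx and '+' first so URL encoding cannot hide tokens from the features.
    uri = unquote_plus(m["uri"]).lower()
    lexical = [
        len(uri),                           # request length
        sum(ch in SPECIALS for ch in uri),  # special-character count
        sum(ch.isdigit() for ch in uri),    # digit count
        round(entropy(uri), 3),             # character entropy
        int(m["status"]) // 100,            # HTTP status class
    ]
    return lexical + ngram_buckets(uri)

# Constructed sample lines, not taken from the study's data.
BENIGN = ('10.0.0.5 - - [01/Jan/2025:10:00:00 +0700] '
          '"GET /course/view.php?id=42 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"')
SUSPECT = ('10.0.0.9 - - [01/Jan/2025:10:00:05 +0700] '
           '"GET /course/view.php?id=42%27%20OR%20%271%27%3D%271 HTTP/1.1" '
           '200 5120 "-" "curl/8.0"')
```
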
Copyrights © 2025