<![CDATA[The increasing complexity of cyber threats requires accurate detection systems to identify attack patterns on web servers. This study aims to detect SQL Injection and Cross-Site Scripting (XSS) attacks in Nginx access logs using machine learning algorithms. Log data were processed through regular expressions for parsing and labeling, resulting in 1,650,615 samples. Data imbalance was addressed using a combination of ADASYN and Random Undersampling. Two algorithms, Random Forest and Support Vector Machine (SVM), were compared based on accuracy, precision, recall, F1-score, and ROC curve metrics. The results show that Random Forest achieved the best performance with 99.92% accuracy, 99.94% F1-score, and 0.9994 AUC, while SVM obtained an accuracy of 96.45%. The combination of resampling and ensemble learning significantly enhances the effectiveness of log-based attack detection, providing a promising foundation for the development of adaptive Intrusion Detection Systems (IDS) in web server environments.]]>
Copyrights © 2025
