Web server security is a primary concern amid the rising wave of cyber threats. Every user interaction with a web application is recorded in server logs, which contain valuable information including IP addresses, request methods, response status codes, and data sizes. This study leverages server log data from January to July 2019 collected from an educational institution to detect malicious activities using a data mining approach. After preprocessing and rule-based labeling into three classes (Safe, Suspicious, and Dangerous), dimensionality reduction was applied via Linear Discriminant Analysis (LDA) before classification using five algorithms: SVM-RBF, SVM-Linear, SVM-Polynomial, K-NN via GridSearch, and Decision Tree. Results show that SVM-RBF delivers the most stable performance, achieving a training accuracy of 88% and testing accuracy of 86%. However, class imbalance affects recall scores for certain categories. This study confirms the effectiveness of combining LDA and SVM-RBF as a basis for log-based intrusion detection systems, while also highlighting the need for further development through data balancing techniques and additional feature engineering.
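An added example, not code from the study: it parses access-log lines into the fields the abstract names (IP address, request method, status code, size) and applies rule-based labels, the step that precedes LDA and classification. The abstract does not state the study's labeling rules, so `ALLOWED_METHODS`, `ERROR_BURST` and the rules in `label` are assumptions, and the log lines are constructed.

```python
import re
from collections import Counter

# Common Log Format: ip ident user [time] "METHOD path proto" status size
CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) \S+ [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)$'
)

# Constructed sample lines (documentation IP ranges), not data from the study.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2019:08:01:02 +0700] "GET /index.html HTTP/1.1" 200 5120
192.0.2.10 - - [12/Mar/2019:08:01:05 +0700] "GET /css/site.css HTTP/1.1" 200 2048
192.0.2.11 - - [12/Mar/2019:08:02:10 +0700] "POST /login HTTP/1.1" 302 -
192.0.2.12 - - [12/Mar/2019:08:03:00 +0700] "GET /missing HTTP/1.1" 404 310
198.51.100.7 - - [12/Mar/2019:08:04:01 +0700] "GET /admin HTTP/1.1" 403 298
198.51.100.7 - - [12/Mar/2019:08:04:02 +0700] "GET /backup HTTP/1.1" 404 310
198.51.100.7 - - [12/Mar/2019:08:04:03 +0700] "GET /config HTTP/1.1" 404 310
203.0.113.5 - - [12/Mar/2019:08:05:00 +0700] "TRACE / HTTP/1.1" 405 0
this line is malformed and must be skipped
"""

ALLOWED_METHODS = {"GET", "POST", "HEAD"}  # assumption, not the study's rule
ERROR_BURST = 3  # assumption: 4xx responses per IP that mark it Dangerous

def parse(text):
    """Return one feature dict per well-formed line; skip malformed lines."""
    rows = []
    for line in text.splitlines():
        m = CLF.match(line)
        if m:
            size = 0 if m["size"] == "-" else int(m["size"])  # "-" means no body
            rows.append({"ip": m["ip"], "method": m["method"], "status": int(m["status"]), "size": size})
    return rows

def label(rows):
    """Assign Safe / Suspicious / Dangerous using the assumed rules above."""
    client_errors = Counter(r["ip"] for r in rows if 400 <= r["status"] < 500)
    labels = []
    for r in rows:
        if r["method"] not in ALLOWED_METHODS or client_errors[r["ip"]] >= ERROR_BURST:
            labels.append("Dangerous")
        elif r["status"] >= 400:
            labels.append("Suspicious")
        else:
            labels.append("Safe")
    return labels

if __name__ == "__main__":
    print(Counter(label(parse(SAMPLE_LOG))))  # class counts expose imbalance before training
```

Checking the per-class counts at this stage shows which class is under-represented before a classifier is trained on the labels.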
Copyrights © 2026