Solution to Data Imbalance Problem in Application Layer Anomaly Detection Systems

Currently, we can observe the increasing number of successful cyber attacks which use vulnerable web pages which allow the hacker (]or cracker) to breach the network security (]e.g. to deliver a malicious content). This trend is caused by the web applications complexity and diversity, which make it difficult to provide the effective and efficient cyber security countermeasures. Moreover, there are lots of different obfuscation techniques that allow the attacker to overcome signature-based attacks detections mechanisms. Therefore, in this paper we propose a machine-learning web-layer anomaly detection system that adapts our algorithm for packet segmentation and an ensemble of REPTree classifiers. In our experiments we prove that this approach can substantially increase the effectiveness of cyber attacks detection. Moreover, we present the solution to counter the data imbalance problem in cyber security.