Identifikasi Serangan Injeksi pada Website Berdasarkan Data Log Menggunakan Algoritma Support Vector Machine

Abstract

Injection attacks on websites, such as SQL Injection (SQLi) and Cross-Site Scripting (XSS), are dangerous threats to website application security. These attacks exploit vulnerabilities in website applications to inject malicious code that steals data or damages the system. One of the main challenges in detecting these attacks is the identification process, which requires a long time and is often done manually. Therefore, an approach is needed that can detect injection attacks on websites accurately and quickly. The aim of this research is to identify injection attacks on websites, particularly SQLi and XSS, using the Support Vector Machine (SVM) algorithm based on website server log data. The data used in this research was obtained from attack simulations using tools like SQLMap and XSSer, which were then processed to identify attack patterns. The methodology used includes feature extraction from URIs, as well as data processing using TF-IDF for text representation. The results of the research and testing show that the SVM model, combined with feature extraction, can classify attacks with accuracy of 93.7%. The developed system is implemented as a Flask-based website application that allows users to upload log files and receive interactive attack classification results. With this approach, attack detection can be performed automatically with adequate accuracy, reducing reliance on rule-based systems and improving effectiveness in detecting new attacks.