Intelligent threat detection and prevention in REST APIs using machine learning

With the increasing adoption of RESTful APIs as the backbone of modern web and mobile applications, ensuring their security has become a critical concern. Traditional security mechanisms such as rule-based firewalls and static rate-limiting policies are often ineffective against sophisticated, evolving threats like zero-day attacks, automated bot traffic, and API abuse patterns.

This research proposes an intelligent, machine learning-based framework to detect and prevent malicious activity in REST API traffic. The approach involves collecting and preprocessing real-time API request logs to extract behavioural and contextual features. Supervised and unsupervised machine learning models such as isolation forests, LSTM-based anomaly detectors, and decision trees are evaluated for their effectiveness in detecting anomalies, injection attacks, and abnormal usage behavior.

Furthermore, the study incorporates reinforcement learning to dynamically adjust security policies (e.g., rate limits, IP bans) in response to detected threats without impacting legitimate users. A proof-of-concept prototype will be developed and deployed in a controlled environment to evaluate performance in terms of detection accuracy, false positive rates, and system latency.

The outcome of this research aims to advance the state-of-the-art in API security by introducing adaptive, self-learning mechanisms capable of protecting APIs from modern security threats while maintaining usability and performance.