Science, Technology, Engineering and Mathematics.
Open Access

ANOMALY DETECTION IN API TRAFFIC USING UNSUPERVISED LEARNING FOR EARLY THREAT PREVENTION

Volume 2, Issue 1, Pp 31-36, 2025

DOI: https://doi.org/10.61784/asat3014

Author(s)

Peter Novak¹, Karolina Svoboda²*

Affiliation(s)

¹ School of Computer Science, Charles University, Prague, Czech Republic.

² School of Computer Science, Czech Technical University, Prague, Czech Republic.

Corresponding Author

Karolina Svoboda

ABSTRACT

The growing complexity and volume of API-based communication in modern web services have made API gateways increasingly vulnerable to attacks such as abuse, fraud, and volumetric threats. Traditional rule-based or signature-based detection methods struggle to identify novel or evolving attack patterns in real time. This paper proposes an unsupervised learning-based framework for early anomaly detection in API traffic to address these limitations. Leveraging clustering algorithms and autoencoders, the system learns the normal patterns of API usage without labeled data and flags deviations as potential threats. The approach is designed to be protocol-agnostic and scalable across diverse microservice architectures. Empirical evaluation using real-world API traffic datasets shows that our method achieves high detection accuracy and low false positive rates while significantly reducing manual configuration effort. The findings suggest that unsupervised learning is a promising direction for proactive, adaptive API threat detection.

KEYWORDS

API security; Anomaly detection; Unsupervised learning; Autoencoders; Clustering; Cybersecurity; Early threat prevention; Microservices

CITE THIS PAPER

Peter Novak, Karolina Svoboda. Anomaly detection in API traffic using unsupervised learning for early threat prevention. Journal of Trends in Applied Science and Advanced Technologies. 2025, 2(1): 31-36. DOI: https://doi.org/10.61784/asat3014.

All published work is licensed under a Creative Commons Attribution 4.0 International License.