(Publisher of Peer Reviewed Open Access Journals)

International Journal of Advanced Technology and Engineering Exploration (IJATEE)

ISSN (Print):2394-5443    ISSN (Online):2394-7454
Volume-11 Issue-112 March-2024
Paper Title : Enhancing intrusion detection with imbalanced data classification and feature selection in machine learning algorithms
Author Name : S. V. Sugin and M. Kanchana
Abstract :

The effectiveness of an organization in detecting and preventing computer network (CN) attacks is significantly influenced by the performance of intrusion detection systems (IDS) and intrusion prevention systems (IPS). This research focuses on IDS based on machine learning (ML), asserting that ML-based IDS are effective and accurate in detecting network attacks. The study examines the UNSW-NB15 network IDS dataset, which is used for training and testing the models. Furthermore, a filter-based attribute reduction approach was implemented using the extreme gradient boosting (XGBoost) algorithm. The condensed feature space then facilitates the application of various methods including support vector machine (SVM), logistic regression (LR), k-nearest neighbour (KNN), decision tree (DT), and convolutional neural network (CNN). A suitable feature selection approach is essential to eliminate features with minimal impact on the classification process. Additionally, the study notes that many ML-based IDS suffer from limited identification accuracy and a higher false positive rate (FPR) when trained on highly imbalanced datasets. The research considers configurations for both binary and multiclass classification. Results indicate that the XGBoost-based attribute selection approach allows techniques such as DT to enhance the test accuracy of the binary-classification scheme from 88.13% to 90.85%. Moreover, the XGBoost-KNN and XGBoost-DT configurations demonstrate improved performance.

Keywords : Machine learning (ML), Intrusion detection system (IDS), UNSW-NB15 dataset, XGBoost algorithm, Convolutional neural network (CNN).
Cite this article : Sugin SV, Kanchana M. Enhancing intrusion detection with imbalanced data classification and feature selection in machine learning algorithms. International Journal of Advanced Technology and Engineering Exploration. 2024; 11(112):405-419. DOI:10.19101/IJATEE.2023.10101620.