AWC‐NIDS: Attack‐wise customized network intrusion detection system using machine learning, concurrency, and distributed systems

Author:

Güney Hüseyin¹

Affiliation:

1. Department of Computer Engineering, Bahçeşehir Cyprus University, Nicosia, Northern Cyprus, Turkey

Abstract

With digitization and modern network applications, information security has gained tremendous importance. Therefore, accurate and efficient detection systems are crucial for maintaining proactive security in computer networks. Machine learning (ML) has shown great potential as a solution, since it can teach a machine to distinguish malicious from normal network activities. However, recently proposed methods suffer from at least one of the following issues: detection accuracy, false alarm rate, and computational complexity. The main reason behind this problem is the complexity of the model in terms of attack types. From the ML perspective, intrusion detection is a classification problem where each attack type is identified by a set of different features, and features are used for classifying network activities. Thus, training an ML algorithm to detect more than one attack type leads to a more complex model; the increasing number of features used adds to the model complexity, and may result in relatively lower detection accuracy or a higher false positive rate. To tackle this problem, this study proposes an attack‐wise customized network intrusion detection system (AWC‐NIDS) based on ML, concurrency, and distributed systems to achieve accurate and efficient network‐wide intrusion detection. Since CICIDS2017 contains many modern attacks, it was used for model development and performance evaluation. The experimental results showed that the proposed methodology achieved high classification performance for all datasets with a small number of features. However, it was observed that the lowest accuracy was achieved for the comprehensive dataset (which contains all attack types); for the single attack‐type datasets, the obtained accuracy was above 99%. This finding proves the concept of attack‐wise customization for intrusion detection and shows the significance of the proposed methodology. In conclusion, this framework is promising for implementing robust and accurate cybersecurity systems for traditional and modern networking.

Publisher

Wiley

Subject

Computational Theory and Mathematics, Computer Networks and Communications, Computer Science Applications, Theoretical Computer Science, Software
