Network intrusion detection using oversampling technique and machine learning algorithms

Author:

Ahmed Hafiza Anisa, Hameed Anum, Bawany Narmeen Zakaria

Abstract

The expeditious growth of the World Wide Web and the rampant flow of network traffic have resulted in a continuous increase of network security threats. Cyber attackers seek to exploit vulnerabilities in network architecture to steal valuable information or disrupt computer resources. Network Intrusion Detection System (NIDS) is used to effectively detect various attacks, thus providing timely protection to network resources from these attacks. To implement NIDS, a stream of supervised and unsupervised machine learning approaches is applied to detect irregularities in network traffic and to address network security issues. Such NIDSs are trained using various datasets that include attack traces. However, due to the advancement in modern-day attacks, these systems are unable to detect the emerging threats. Therefore, NIDS needs to be trained and developed with a modern comprehensive dataset which contains contemporary common and attack activities. This paper presents a framework in which different machine learning classification schemes are employed to detect various types of network attack categories. Five machine learning algorithms: Random Forest, Decision Tree, Logistic Regression, K-Nearest Neighbors and Artificial Neural Networks, are used for attack detection. This study uses a dataset published by the University of New South Wales (UNSW-NB15), a relatively new dataset that contains a large amount of network traffic data with nine categories of network attacks. The results show that the classification models achieved the highest accuracy of 89.29% by applying the Random Forest algorithm. Further improvement in the accuracy of classification models is observed when Synthetic Minority Oversampling Technique (SMOTE) is applied to address the class imbalance problem. After applying the SMOTE, the Random Forest classifier showed an accuracy of 95.1% with 24 selected features from the Principal Component Analysis method.

Publisher

PeerJ

Subject

General Computer Science

References: 49 articles.

Cited by 32 articles.

1. A lightweight SEL for attack detection in IoT/IIoT networks;Journal of Network and Computer Applications;2024-10

2. PPFCM-SMOTE: a novel balancing system for anomaly detection in IoT edge using probabilistic possibilistic fuzzy clustering and SMOTE;International Journal of Information Technology;2024-08-13

3. A hybrid machine learning framework for intrusion detection system in smart cities;Evolving Systems;2024-07-09

4. Performance Analysis of Machine Learning Algorithms on Imbalanced DDoS Attack Dataset;2024 IEEE World AI IoT Congress (AIIoT);2024-05-29

5. LSTM-MI: Revolutionizing Intrusion Detection Through Adaptive Learning and Mutual Information Analysis;2024 Third International Conference on Distributed Computing and Electrical Circuits and Electronics (ICDCECE);2024-04-26