Network Intrusion Detection with XGBoost and Deep Learning Algorithms: An Evaluation Study

2020 International Conference on Computational Science and Computational Intelligence (CSCI) Pub Date : 2020-12-01 DOI:10.1109/CSCI51800.2020.00031

Amr Attia, M. Faezipour, Abdel-shakour Abuzneid

{"title":"Network Intrusion Detection with XGBoost and Deep Learning Algorithms: An Evaluation Study","authors":"Amr Attia, M. Faezipour, Abdel-shakour Abuzneid","doi":"10.1109/CSCI51800.2020.00031","DOIUrl":null,"url":null,"abstract":"This paper introduces an effective Network Intrusion Detection Systems (NIDS) framework that deploys incremental statistical damping features of the packets along with state-of- the-art machine/deep learning algorithms to detect malicious patterns. A comprehensive evaluation study is conducted between eXtreme Gradient Boosting (XGBoost) and Artificial Neural Networks (ANN) where feature selection and/or feature dimensionality reduction techniques such as Principal Component Analysis (PCA) and Linear Discriminant Analysis (LDA) are also integrated into the models to decrease the system complexity for achieving fast responses. Several experimental runs confirm how powerful machine/deep learning algorithms are for intrusion detection on known attacks when combined with the appropriate features extracted. To investigate unknown attacks, the models were trained on a subset of the attack datasets, while a different set (with a different attack type) was kept aside for testing. The decent results achieved further support the belief that through supervised learning, the model could additionally detect unknown attacks.","PeriodicalId":336929,"journal":{"name":"2020 International Conference on Computational Science and Computational Intelligence (CSCI)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 International Conference on Computational Science and Computational Intelligence (CSCI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSCI51800.2020.00031","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

This paper introduces an effective Network Intrusion Detection Systems (NIDS) framework that deploys incremental statistical damping features of the packets along with state-of- the-art machine/deep learning algorithms to detect malicious patterns. A comprehensive evaluation study is conducted between eXtreme Gradient Boosting (XGBoost) and Artificial Neural Networks (ANN) where feature selection and/or feature dimensionality reduction techniques such as Principal Component Analysis (PCA) and Linear Discriminant Analysis (LDA) are also integrated into the models to decrease the system complexity for achieving fast responses. Several experimental runs confirm how powerful machine/deep learning algorithms are for intrusion detection on known attacks when combined with the appropriate features extracted. To investigate unknown attacks, the models were trained on a subset of the attack datasets, while a different set (with a different attack type) was kept aside for testing. The decent results achieved further support the belief that through supervised learning, the model could additionally detect unknown attacks.

查看原文本刊更多论文

基于XGBoost和深度学习算法的网络入侵检测:评估研究

本文介绍了一个有效的网络入侵检测系统(NIDS)框架，该框架部署了数据包的增量统计阻尼特征以及最先进的机器/深度学习算法来检测恶意模式。在极端梯度增强(XGBoost)和人工神经网络(ANN)之间进行了全面的评估研究，其中特征选择和/或特征降维技术，如主成分分析(PCA)和线性判别分析(LDA)也集成到模型中，以降低系统复杂性，实现快速响应。几个实验运行证实了机器/深度学习算法在与提取的适当特征相结合时对已知攻击的入侵检测是多么强大。为了调查未知的攻击，模型在攻击数据集的一个子集上进行训练，而另一个集(具有不同的攻击类型)被保留下来进行测试。取得的良好结果进一步支持了通过监督学习，模型可以额外检测未知攻击的信念。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 International Conference on Computational Science and Computational Intelligence (CSCI)

自引率

0.00%

发文量