{"title":"Attack Detection Availing Feature Discretion using Random Forest Classifier","authors":"Anne Dickson, Ciza Thomas","doi":"10.5121/cseij.2022.12611","DOIUrl":null,"url":null,"abstract":"The widespread use of the Internet has an adverse effect of being vulnerable to cyber attacks. Defensive mechanisms like firewalls and IDSs have evolved with a lot of research contributions happening in these areas. Machine learning techniques have been successfully used in these defense mechanisms especially IDSs. Although they are effective to some extent in identifying new patterns and variants of existing malicious patterns, many attacks are still left as undetected. The objective is to develop an algorithm for detecting malicious domains based on passive traffic measurements. In this paper, an anomaly-based intrusion detection system based on an ensemble based machine learning classifier called Random Forest with gradient boosting is deployed. NSL-KDD cup dataset is used for analysis and out of 41 features, 32 features were identified as significant using feature discretion. Our observations confirm the conjecture that both the feature selection and stochastic based genetic operators improves the accuracy and the effectiveness. 
The training time is shown to be reduced tremendously by 98.59% and accuracy improved to 98.75%.","PeriodicalId":361871,"journal":{"name":"Computer Science & Engineering: An International Journal","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science & Engineering: An International Journal","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5121/cseij.2022.12611","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
The widespread use of the Internet has the adverse effect of vulnerability to cyber attacks. Defensive mechanisms like firewalls and IDSs have evolved, with many research contributions in these areas. Machine learning techniques have been used successfully in these defense mechanisms, especially IDSs. Although they are effective to some extent in identifying new patterns and variants of existing malicious patterns, many attacks are still left undetected. The objective is to develop an algorithm for detecting malicious domains based on passive traffic measurements. In this paper, an anomaly-based intrusion detection system based on an ensemble-based machine learning classifier called Random Forest with gradient boosting is deployed. The NSL-KDD cup dataset is used for analysis, and out of 41 features, 32 features were identified as significant using feature discretion. Our observations confirm the conjecture that both feature selection and stochastic-based genetic operators improve the accuracy and the effectiveness. The training time is shown to be reduced tremendously, by 98.59%, and accuracy improved to 98.75%.