Ensuring network security with a robust intrusion detection system using ensemble-based machine learning

IF 2.3 Q2 COMPUTER SCIENCE, THEORY & METHODS
Array Pub Date : 2023-09-01 DOI:10.1016/j.array.2023.100306
Md. Alamgir Hossain, Md. Saiful Islam
{"title":"Ensuring network security with a robust intrusion detection system using ensemble-based machine learning","authors":"Md. Alamgir Hossain,&nbsp;Md. Saiful Islam","doi":"10.1016/j.array.2023.100306","DOIUrl":null,"url":null,"abstract":"<div><p>Intrusion detection is a critical aspect of network security to protect computer systems from unauthorized access and attacks. The capacity of traditional intrusion detection systems (IDS) to identify unknown sophisticated threats is constrained by their reliance on signature-based detection. Approaches based on machine learning have shown promising results in identifying unknown malicious attacks. No learning algorithm-based model, however, is able to accurately and consistently detect all different kinds of attacks. Besides that, the existing models are tested for a specific dataset. In this research, a novel ensemble-based machine-learning technique for intrusion detection is presented. Numerous public datasets and multiple ensemble strategies, including Random Forest, Gradient Boosting, Adaboost, Gradient XGBoost, Bagging, and Simple Stacking, will be employed to evaluate the performance of the proposed approach. The most relevant features for the detection of intrusion are selected using correlation analysis, mutual information, and principal component analysis. Our research using different ensemble methods demonstrates that the proposed approach using the Random Forest technique outperforms existing approaches in terms of accuracy and FPR, typically exceeding 99% with better evaluation metrics like Precision, Recall, F1-score, Balanced Accuracy, Cohen's Kappa, etc. This strategy may be a useful tool for strengthening the safety of computer systems and networks against emerging cyber threats.</p></div>","PeriodicalId":8417,"journal":{"name":"Array","volume":null,"pages":null},"PeriodicalIF":2.3000,"publicationDate":"2023-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Array","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2590005623000310","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 4

Abstract

Intrusion detection is a critical aspect of network security to protect computer systems from unauthorized access and attacks. The capacity of traditional intrusion detection systems (IDS) to identify unknown sophisticated threats is constrained by their reliance on signature-based detection. Approaches based on machine learning have shown promising results in identifying unknown malicious attacks. No learning algorithm-based model, however, is able to accurately and consistently detect all different kinds of attacks. Besides that, the existing models are tested for a specific dataset. In this research, a novel ensemble-based machine-learning technique for intrusion detection is presented. Numerous public datasets and multiple ensemble strategies, including Random Forest, Gradient Boosting, Adaboost, Gradient XGBoost, Bagging, and Simple Stacking, will be employed to evaluate the performance of the proposed approach. The most relevant features for the detection of intrusion are selected using correlation analysis, mutual information, and principal component analysis. Our research using different ensemble methods demonstrates that the proposed approach using the Random Forest technique outperforms existing approaches in terms of accuracy and FPR, typically exceeding 99% with better evaluation metrics like Precision, Recall, F1-score, Balanced Accuracy, Cohen's Kappa, etc. This strategy may be a useful tool for strengthening the safety of computer systems and networks against emerging cyber threats.

使用基于集成的机器学习的强大入侵检测系统确保网络安全
入侵检测是保护计算机系统免受未经授权的访问和攻击的一个重要方面。传统入侵检测系统对未知复杂威胁的识别能力受到基于签名检测的限制。基于机器学习的方法在识别未知恶意攻击方面显示出有希望的结果。然而,没有一种基于学习算法的模型能够准确、一致地检测到所有不同类型的攻击。此外,针对特定数据集对现有模型进行了测试。本文提出了一种新的基于集成的入侵检测机器学习技术。将使用大量公共数据集和多种集成策略(包括Random Forest、Gradient Boosting、Adaboost、Gradient XGBoost、Bagging和Simple Stacking)来评估所提出方法的性能。利用相关分析、互信息分析和主成分分析,选择与入侵检测最相关的特征。我们使用不同的集成方法进行的研究表明,使用随机森林技术的方法在准确性和FPR方面优于现有方法,通常超过99%,具有更好的评估指标,如Precision, Recall, F1-score, Balanced accuracy, Cohen's Kappa等。这一战略可能是加强计算机系统和网络安全以抵御新出现的网络威胁的有用工具。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Array
Array Computer Science-General Computer Science
CiteScore
4.40
自引率
0.00%
发文量
93
审稿时长
45 days
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信