{"title":"基于特征选择和混合机器学习技术的异常网络入侵检测系统","authors":"Apichit Pattawaro, Chantri Polprasert","doi":"10.1109/ICTKE.2018.8612331","DOIUrl":null,"url":null,"abstract":"In this paper, we propose an anomaly-based network intrusion detection system based on a combination of feature selection, K-Means clustering and XGBoost classification model. We test the performance of our proposed system over NSL-KDD dataset using KDDTest+ dataset. A feature selection method based on attribute ratio (AR) [14] is applied to construct a reduced feature subset of NSL-KDD dataset. After applying K-Means clustering, hyperparameter tuning of each classification model corresponding to each cluster is implemented. Using only 2 clusters, our proposed model obtains accuracy equal to 84.41% with detection rate equal to 86.36% and false alarm rate equal to 18.20% for KDDTest+ dataset. The performance of our proposed model outperforms those obtained using the recurrent neural network (RNN)-based deep neural network and other tree-based classifiers. In addition, due to feature selection, our proposed model employs only 75 out of 122 features (61.47%) to achieve this level of performance comparable to those using full number of features to train the model.","PeriodicalId":342802,"journal":{"name":"2018 16th International Conference on ICT and Knowledge Engineering (ICT&KE)","volume":"44 4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Anomaly-Based Network Intrusion Detection System through Feature Selection and Hybrid Machine Learning Technique\",\"authors\":\"Apichit Pattawaro, Chantri Polprasert\",\"doi\":\"10.1109/ICTKE.2018.8612331\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we propose an anomaly-based network intrusion detection system based on a combination of feature selection, K-Means clustering and XGBoost classification model. We test the performance of our proposed system over NSL-KDD dataset using KDDTest+ dataset. A feature selection method based on attribute ratio (AR) [14] is applied to construct a reduced feature subset of NSL-KDD dataset. After applying K-Means clustering, hyperparameter tuning of each classification model corresponding to each cluster is implemented. Using only 2 clusters, our proposed model obtains accuracy equal to 84.41% with detection rate equal to 86.36% and false alarm rate equal to 18.20% for KDDTest+ dataset. The performance of our proposed model outperforms those obtained using the recurrent neural network (RNN)-based deep neural network and other tree-based classifiers. In addition, due to feature selection, our proposed model employs only 75 out of 122 features (61.47%) to achieve this level of performance comparable to those using full number of features to train the model.\",\"PeriodicalId\":342802,\"journal\":{\"name\":\"2018 16th International Conference on ICT and Knowledge Engineering (ICT&KE)\",\"volume\":\"44 4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 16th International Conference on ICT and Knowledge Engineering (ICT&KE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICTKE.2018.8612331\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 16th International Conference on ICT and Knowledge Engineering (ICT&KE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICTKE.2018.8612331","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Anomaly-Based Network Intrusion Detection System through Feature Selection and Hybrid Machine Learning Technique
In this paper, we propose an anomaly-based network intrusion detection system based on a combination of feature selection, K-Means clustering and XGBoost classification model. We test the performance of our proposed system over NSL-KDD dataset using KDDTest+ dataset. A feature selection method based on attribute ratio (AR) [14] is applied to construct a reduced feature subset of NSL-KDD dataset. After applying K-Means clustering, hyperparameter tuning of each classification model corresponding to each cluster is implemented. Using only 2 clusters, our proposed model obtains accuracy equal to 84.41% with detection rate equal to 86.36% and false alarm rate equal to 18.20% for KDDTest+ dataset. The performance of our proposed model outperforms those obtained using the recurrent neural network (RNN)-based deep neural network and other tree-based classifiers. In addition, due to feature selection, our proposed model employs only 75 out of 122 features (61.47%) to achieve this level of performance comparable to those using full number of features to train the model.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
