基于Amazon SageMaker的入侵检测系统异常检测

2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA) Pub Date : 2023-05-23 DOI:10.1109/SERA57763.2023.10197735

Ian Trawinski, H. Wimmer, Jongyeop Kim

{"title":"基于Amazon SageMaker的入侵检测系统异常检测","authors":"Ian Trawinski, H. Wimmer, Jongyeop Kim","doi":"10.1109/SERA57763.2023.10197735","DOIUrl":null,"url":null,"abstract":"Applying artificial intelligence and machine learning to analyzing network traffic has the potential to be transformative in protecting organizations from cyber threats. Intrusion detection systems (IDS) are historically rule-based; however, they could be improved. Applying machine learning in the form of Anomaly Detection could be the next step in preventing cyber threats from causing malicious activity on the network. Two algorithms that are implemented in anomaly detection through the use of Amazon SageMaker are Random Cut Forest (RCF) and XGBoost. The data for this project are the training and testing data set provided by the UNSW-15 data set. The models are created using the Jupiter Notebook on the Amazon SageMaker Studio Lab platform. The models were tested using the metrics of accuracy, precision, recall, and F1 score. The best-performing model was the XGBoost model, with an accuracy of 61.83%. The recall for this model was 96.49%, and the f1 score was 73.24%.","PeriodicalId":211080,"journal":{"name":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Anomaly Detection in Intrusion Detection System using Amazon SageMaker\",\"authors\":\"Ian Trawinski, H. Wimmer, Jongyeop Kim\",\"doi\":\"10.1109/SERA57763.2023.10197735\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Applying artificial intelligence and machine learning to analyzing network traffic has the potential to be transformative in protecting organizations from cyber threats. Intrusion detection systems (IDS) are historically rule-based; however, they could be improved. Applying machine learning in the form of Anomaly Detection could be the next step in preventing cyber threats from causing malicious activity on the network. Two algorithms that are implemented in anomaly detection through the use of Amazon SageMaker are Random Cut Forest (RCF) and XGBoost. The data for this project are the training and testing data set provided by the UNSW-15 data set. The models are created using the Jupiter Notebook on the Amazon SageMaker Studio Lab platform. The models were tested using the metrics of accuracy, precision, recall, and F1 score. The best-performing model was the XGBoost model, with an accuracy of 61.83%. The recall for this model was 96.49%, and the f1 score was 73.24%.\",\"PeriodicalId\":211080,\"journal\":{\"name\":\"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-05-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERA57763.2023.10197735\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERA57763.2023.10197735","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

将人工智能和机器学习应用于网络流量分析，在保护组织免受网络威胁方面具有变革性的潜力。入侵检测系统(IDS)历来是基于规则的;然而，它们还可以改进。以异常检测的形式应用机器学习可能是防止网络威胁在网络上引起恶意活动的下一步。通过使用Amazon SageMaker实现异常检测的两种算法是Random Cut Forest (RCF)和XGBoost。本项目数据为UNSW-15数据集提供的训练和测试数据集。这些模型是使用Amazon SageMaker Studio Lab平台上的Jupiter Notebook创建的。使用准确性、精密度、召回率和F1分数对模型进行了测试。其中，XGBoost模型表现最好，准确率为61.83%。该模型的召回率为96.49%，f1得分为73.24%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Anomaly Detection in Intrusion Detection System using Amazon SageMaker

Applying artificial intelligence and machine learning to analyzing network traffic has the potential to be transformative in protecting organizations from cyber threats. Intrusion detection systems (IDS) are historically rule-based; however, they could be improved. Applying machine learning in the form of Anomaly Detection could be the next step in preventing cyber threats from causing malicious activity on the network. Two algorithms that are implemented in anomaly detection through the use of Amazon SageMaker are Random Cut Forest (RCF) and XGBoost. The data for this project are the training and testing data set provided by the UNSW-15 data set. The models are created using the Jupiter Notebook on the Amazon SageMaker Studio Lab platform. The models were tested using the metrics of accuracy, precision, recall, and F1 score. The best-performing model was the XGBoost model, with an accuracy of 61.83%. The recall for this model was 96.49%, and the f1 score was 73.24%.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2023 IEEE/ACIS 21st International Conference on Software Engineering Research, Management and Applications (SERA)

自引率

0.00%

发文量