{"title":"Machine Learning Based Intrusion Detection","authors":"Shivam Kejriwal, Devika Patadia, Saloni Dagli, Prachi Tawde","doi":"10.1109/ICAECC54045.2022.9716648","DOIUrl":null,"url":null,"abstract":"Intrusion refers to any malicious activity done in order to access confidential data. An intrusion detection system (IDS) detects these attacks and, on detection, it reports them to the administrator. It does so either by comparing the new activity with the past activities or by analyzing the network performance. This system forms a part of the vast security module and works with several other such sub-modules in order to make sure that these unwanted intrusions do not go unreported. The system that has been implemented in this paper is an anomaly-based Intrusion Detection System (IDS). The primary purpose of this implementation is to develop an efficient system in order to detect any external or internal unauthenticated activity. Several models have been experimented with in order to find one that suits the system the best and gives a good enough accuracy. The models that have been experimented with include Logistic Regressor, Random Forest Classifier, K Nearest Neighbor classifier, XGBoost Classifier, Gaussian Naive Bayes Classifier and a Multi-Layer Perceptron Classifier (MLP). Further, the accuracy of each of these models was calculated, and a comparative analysis was done between the performance of these models. 
The model that performed the best in this particular use case was the Random Forest Classifier giving an accuracy of 99.8% and a macro average F1-Score of 0.98.","PeriodicalId":199351,"journal":{"name":"2022 IEEE Fourth International Conference on Advances in Electronics, Computers and Communications (ICAECC)","volume":"58 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Fourth International Conference on Advances in Electronics, Computers and Communications (ICAECC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICAECC54045.2022.9716648","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}