基于特征选择技术的网络攻击检测堆叠集合方法

International Journal of Cognitive Computing in Engineering Pub Date : 2024-01-01 DOI:10.1016/j.ijcce.2024.07.005

Wahida Ferdose Urmi , Mohammed Nasir Uddin , Md Ashraf Uddin , Md. Alamin Talukder , Md. Rahat Hasan , Souvik Paul , Moumita Chanda , John Ayoade , Ansam Khraisat , Rakib Hossen , Faisal Imran

{"title":"基于特征选择技术的网络攻击检测堆叠集合方法","authors":"Wahida Ferdose Urmi , Mohammed Nasir Uddin , Md Ashraf Uddin , Md. Alamin Talukder , Md. Rahat Hasan , Souvik Paul , Moumita Chanda , John Ayoade , Ansam Khraisat , Rakib Hossen , Faisal Imran","doi":"10.1016/j.ijcce.2024.07.005","DOIUrl":null,"url":null,"abstract":"<div><p>The exponential growth of data and increased reliance on interconnected systems have heightened the need for robust network security. Cyber-Attack Detection Systems (CADS) are essential for identifying and mitigating threats through network traffic analysis. However, the effectiveness of CADS is highly dependent on selecting pertinent features. This research evaluates the impact of three feature selection techniques—Recursive Feature Elimination (RFE), Mutual Information (MI), and Lasso Feature Selection (LFS)—on CADS performance. We propose a novel stacked ensemble classification approach, combining Random Forest, XGBoost, and Extra-Trees classifiers with a Logistic Regression meta-model. Performance is assessed using CICIDS2017 and NSL-KDD datasets. Results show that RFE achieves 100% accuracy for Brute Force attacks, 99.99% for Infiltration and Web Attacks on CICIDS2017, and 99.95% accuracy for all attacks on NSL-KDD, marking a significant improvement over traditional methods. This study demonstrates that optimizing feature selection and leveraging diverse classifiers can substantially enhance the accuracy of CADS, providing stronger protection against evolving cyber threats.</p></div>","PeriodicalId":100694,"journal":{"name":"International Journal of Cognitive Computing in Engineering","volume":"5 ","pages":"Pages 316-331"},"PeriodicalIF":0.0000,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2666307424000263/pdfft?md5=828b5cf23a6da444c5619047b16891c1&pid=1-s2.0-S2666307424000263-main.pdf","citationCount":"0","resultStr":"{\"title\":\"A stacked ensemble approach to detect cyber attacks based on feature selection techniques\",\"authors\":\"Wahida Ferdose Urmi , Mohammed Nasir Uddin , Md Ashraf Uddin , Md. Alamin Talukder , Md. Rahat Hasan , Souvik Paul , Moumita Chanda , John Ayoade , Ansam Khraisat , Rakib Hossen , Faisal Imran\",\"doi\":\"10.1016/j.ijcce.2024.07.005\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>The exponential growth of data and increased reliance on interconnected systems have heightened the need for robust network security. Cyber-Attack Detection Systems (CADS) are essential for identifying and mitigating threats through network traffic analysis. However, the effectiveness of CADS is highly dependent on selecting pertinent features. This research evaluates the impact of three feature selection techniques—Recursive Feature Elimination (RFE), Mutual Information (MI), and Lasso Feature Selection (LFS)—on CADS performance. We propose a novel stacked ensemble classification approach, combining Random Forest, XGBoost, and Extra-Trees classifiers with a Logistic Regression meta-model. Performance is assessed using CICIDS2017 and NSL-KDD datasets. Results show that RFE achieves 100% accuracy for Brute Force attacks, 99.99% for Infiltration and Web Attacks on CICIDS2017, and 99.95% accuracy for all attacks on NSL-KDD, marking a significant improvement over traditional methods. This study demonstrates that optimizing feature selection and leveraging diverse classifiers can substantially enhance the accuracy of CADS, providing stronger protection against evolving cyber threats.</p></div>\",\"PeriodicalId\":100694,\"journal\":{\"name\":\"International Journal of Cognitive Computing in Engineering\",\"volume\":\"5 \",\"pages\":\"Pages 316-331\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.sciencedirect.com/science/article/pii/S2666307424000263/pdfft?md5=828b5cf23a6da444c5619047b16891c1&pid=1-s2.0-S2666307424000263-main.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Cognitive Computing in Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2666307424000263\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Cognitive Computing in Engineering","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2666307424000263","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

数据的指数级增长和对互联系统的日益依赖，提高了对强大网络安全的需求。网络攻击检测系统（CADS）对于通过网络流量分析识别和减轻威胁至关重要。然而，CADS 的有效性在很大程度上取决于对相关功能的选择。本研究评估了三种特征选择技术--递归特征消除（RFE）、互信息（MI）和拉索特征选择（LFS）--对 CADS 性能的影响。我们提出了一种新颖的堆叠组合分类方法，将随机森林、XGBoost 和 Extra-Trees 分类器与逻辑回归元模型相结合。我们使用 CICIDS2017 和 NSL-KDD 数据集对性能进行了评估。结果表明，在 CICIDS2017 上，RFE 对暴力攻击的准确率达到 100%，对渗透和网络攻击的准确率达到 99.99%，对 NSL-KDD 上所有攻击的准确率达到 99.95%，与传统方法相比有显著提高。这项研究表明，优化特征选择和利用多样化的分类器可以大幅提高 CADS 的准确性，从而为应对不断发展的网络威胁提供更有力的保护。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A stacked ensemble approach to detect cyber attacks based on feature selection techniques

The exponential growth of data and increased reliance on interconnected systems have heightened the need for robust network security. Cyber-Attack Detection Systems (CADS) are essential for identifying and mitigating threats through network traffic analysis. However, the effectiveness of CADS is highly dependent on selecting pertinent features. This research evaluates the impact of three feature selection techniques—Recursive Feature Elimination (RFE), Mutual Information (MI), and Lasso Feature Selection (LFS)—on CADS performance. We propose a novel stacked ensemble classification approach, combining Random Forest, XGBoost, and Extra-Trees classifiers with a Logistic Regression meta-model. Performance is assessed using CICIDS2017 and NSL-KDD datasets. Results show that RFE achieves 100% accuracy for Brute Force attacks, 99.99% for Infiltration and Web Attacks on CICIDS2017, and 99.95% accuracy for all attacks on NSL-KDD, marking a significant improvement over traditional methods. This study demonstrates that optimizing feature selection and leveraging diverse classifiers can substantially enhance the accuracy of CADS, providing stronger protection against evolving cyber threats.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Cognitive Computing in Engineering

CiteScore

13.80

自引率

0.00%

发文量