基于同构集成技术的有效入侵检测系统

IF 0.5 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING

International Journal of Information Security and Privacy Pub Date : 2022-01-01 DOI:10.4018/ijisp.2022010112

F. Masoodi, Iram Abrar, A. Bamhdi

{"title":"基于同构集成技术的有效入侵检测系统","authors":"F. Masoodi, Iram Abrar, A. Bamhdi","doi":"10.4018/ijisp.2022010112","DOIUrl":null,"url":null,"abstract":"In this work, homogeneous ensemble techniques, namely bagging and boosting were employed for intrusion detection to determine the intrusive activities in network by monitoring the network traffic. Simultaneously, model diversity was enhanced as numerous algorithms were taken into account, thereby leading to an increase in the detection rate Several classifiers, i.e., SVM, KNN, RF, ETC and MLP) were used in case of bagging approach. Likewise, tree-based classifiers have been employed for boosting. The proposed model was tested on NSL-KDD dataset that was initially subjected to preprocessing. Accordingly, ten most significant features were identified using decision tree and recursive feature elimination method. Furthermore, the dataset was divided into five subsets, each one them being subjected to training, and the final results were obtained based on majority voting. Experimental results proved that the model was effective for detecting intrusive activities. Bagged ETC and boosted RF outperformed all the other classifiers with an accuracy of 99.123% and 99.309%, respectively.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"16 1","pages":"1-18"},"PeriodicalIF":0.5000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"An Effective Intrusion Detection System Using Homogeneous Ensemble Techniques\",\"authors\":\"F. Masoodi, Iram Abrar, A. Bamhdi\",\"doi\":\"10.4018/ijisp.2022010112\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this work, homogeneous ensemble techniques, namely bagging and boosting were employed for intrusion detection to determine the intrusive activities in network by monitoring the network traffic. Simultaneously, model diversity was enhanced as numerous algorithms were taken into account, thereby leading to an increase in the detection rate Several classifiers, i.e., SVM, KNN, RF, ETC and MLP) were used in case of bagging approach. Likewise, tree-based classifiers have been employed for boosting. The proposed model was tested on NSL-KDD dataset that was initially subjected to preprocessing. Accordingly, ten most significant features were identified using decision tree and recursive feature elimination method. Furthermore, the dataset was divided into five subsets, each one them being subjected to training, and the final results were obtained based on majority voting. Experimental results proved that the model was effective for detecting intrusive activities. Bagged ETC and boosted RF outperformed all the other classifiers with an accuracy of 99.123% and 99.309%, respectively.\",\"PeriodicalId\":44332,\"journal\":{\"name\":\"International Journal of Information Security and Privacy\",\"volume\":\"16 1\",\"pages\":\"1-18\"},\"PeriodicalIF\":0.5000,\"publicationDate\":\"2022-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Information Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/ijisp.2022010112\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijisp.2022010112","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 2

摘要

在本研究中，入侵检测采用同构集成技术，即bagging和boosting，通过监测网络流量来确定网络中的入侵活动。同时，由于考虑了多种算法，增强了模型的多样性，从而提高了检测率。在bagging方法中，使用了SVM、KNN、RF、ETC和MLP等几种分类器。同样，基于树的分类器也被用于提升。在初步预处理的NSL-KDD数据集上对该模型进行了测试。利用决策树和递归特征消去法，识别出10个最显著的特征。进一步，将数据集分成5个子集，每个子集都进行训练，并基于多数投票获得最终结果。实验结果表明，该模型对入侵活动检测是有效的。Bagged ETC和boosting RF分别以99.123%和99.309%的准确率优于所有其他分类器。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An Effective Intrusion Detection System Using Homogeneous Ensemble Techniques

In this work, homogeneous ensemble techniques, namely bagging and boosting were employed for intrusion detection to determine the intrusive activities in network by monitoring the network traffic. Simultaneously, model diversity was enhanced as numerous algorithms were taken into account, thereby leading to an increase in the detection rate Several classifiers, i.e., SVM, KNN, RF, ETC and MLP) were used in case of bagging approach. Likewise, tree-based classifiers have been employed for boosting. The proposed model was tested on NSL-KDD dataset that was initially subjected to preprocessing. Accordingly, ten most significant features were identified using decision tree and recursive feature elimination method. Furthermore, the dataset was divided into five subsets, each one them being subjected to training, and the final results were obtained based on majority voting. Experimental results proved that the model was effective for detecting intrusive activities. Bagged ETC and boosted RF outperformed all the other classifiers with an accuracy of 99.123% and 99.309%, respectively.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Information Security and Privacy COMPUTER SCIENCE, SOFTWARE ENGINEERING-

CiteScore

2.50

自引率

0.00%

发文量

期刊介绍： As information technology and the Internet become more and more ubiquitous and pervasive in our daily lives, there is an essential need for a more thorough understanding of information security and privacy issues and concerns. The International Journal of Information Security and Privacy (IJISP) creates and fosters a forum where research in the theory and practice of information security and privacy is advanced. IJISP publishes high quality papers dealing with a wide range of issues, ranging from technical, legal, regulatory, organizational, managerial, cultural, ethical and human aspects of information security and privacy, through a balanced mix of theoretical and empirical research articles, case studies, book reviews, tutorials, and editorials. This journal encourages submission of manuscripts that present research frameworks, methods, methodologies, theory development and validation, case studies, simulation results and analysis, technological architectures, infrastructure issues in design, and implementation and maintenance of secure and privacy preserving initiatives.