Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection
TLDR
A Multi-Class Combined performance metric is proposed to compare various multi-class and binary classification systems through incorporating FAR, DR, Accuracy, and class distribution parameters, and a uniform distribution based balancing approach is developed to handle the imbalanced distribution of the minority class instances in the CICIDS2017 network intrusion dataset.
Abstract:
The security of networked systems has become a critical universal issue that influences individuals, enterprises and governments. The rate of attacks against networked systems has increased dramatically, and the tactics used by the attackers are continuing to evolve. Intrusion detection is one of the solutions against these attacks. A common and effective approach for designing Intrusion Detection Systems (IDS) is Machine Learning. The performance of an IDS is significantly improved when the features are more discriminative and representative. This study uses two feature dimensionality reduction approaches: (i) Auto-Encoder (AE): an instance of deep learning, for dimensionality reduction, and (ii) Principal Component Analysis (PCA). The resulting low-dimensional features from both techniques are then used to build various classifiers such as Random Forest (RF), Bayesian Network, Linear Discriminant Analysis (LDA) and Quadratic Discriminant Analysis (QDA) for designing an IDS. The experimental findings with low-dimensional features in binary and multi-class classification show better performance in terms of Detection Rate (DR), F-Measure, False Alarm Rate (FAR), and Accuracy. This research effort is able to reduce the CICIDS2017 dataset’s feature dimensions from 81 to 10, while maintaining a high accuracy of 99.6% in multi-class and binary classification. Furthermore, in this paper, we propose a Multi-Class Combined performance metric $Combined_{Mc}$ with respect to class distribution to compare various multi-class and binary classification systems through incorporating FAR, DR, Accuracy, and class distribution parameters. In addition, we developed a uniform distribution based balancing approach to handle the imbalanced distribution of the minority class instances in the CICIDS2017 network intrusion dataset.
Citations
Journal Article
Network Intrusion Detection System: A systematic study of Machine Learning and Deep Learning approaches
Zeeshan Ahmad, Adnan Shahid Khan, Cheah Wai Shiang, Johari Abdullah, Farhan Ahmad
TL;DR: The concept of IDS is clarified and a taxonomy based on the notable ML and DL techniques adopted in designing network-based IDS (NIDS) systems is provided, which highlights various research challenges and provides the future scope for research in improving ML- and DL-based NIDS.
Journal Article
An effective convolutional neural network based on SMOTE and Gaussian mixture model for intrusion detection in imbalanced dataset
TL;DR: A flow-based intrusion detection model, SGM-CNN, is designed that integrates imbalanced class processing with a convolutional neural network, and the impact of different numbers of convolution kernels and different learning rates on model performance is investigated.
Journal Article
Effective Attack Detection in Internet of Medical Things Smart Environment Using a Deep Belief Neural Network
S. Manimurugan, Saad Almutairi, Majed Mohammed Aborokbah, Naveen Chilamkurti, Subramaniam Ganesan, Rizwan Patan
TL;DR: This work proposes a deep learning-based Deep Belief Network (DBN) model for the intrusion detection system, which produced better results in all the parameters: accuracy, recall, precision, F1-score, and detection rate.
Journal Article
An effective intrusion detection approach using SVM with naïve Bayes feature embedding
TL;DR: Wang et al. proposed an effective intrusion detection framework based on SVM with naive Bayes feature embedding that takes data quality into consideration, which is essential for constructing a well-performing intrusion detection system beyond machine learning techniques.
Journal Article
Hybrid Deep Learning for Botnet Attack Detection in the Internet-of-Things Networks
TL;DR: This article reduces the feature dimensionality of large-scale IoT network traffic data using the encoding phase of a long short-term memory autoencoder (LAE); the deep BLSTM model demonstrates robustness against model underfitting and overfitting and achieves good generalisation ability in binary and multiclass classification scenarios.
References
Proceedings Article
Auto-Encoding Variational Bayes
Diederik P. Kingma, Max Welling
TL;DR: A stochastic variational inference and learning algorithm that scales to large datasets and, under some mild differentiability conditions, even works in the intractable case is introduced.
Posted Content
Auto-Encoding Variational Bayes
Diederik P. Kingma, Max Welling
TL;DR: In this paper, a stochastic variational inference and learning algorithm was proposed for directed probabilistic models with intractable posterior distributions and large datasets, which scales to large datasets.
Posted Content
Stochastic Backpropagation and Approximate Inference in Deep Generative Models
TL;DR: In this article, a generative and recognition model is proposed to represent approximate posterior distributions and act as a stochastic encoder of the data, which allows for joint optimisation of the parameters of both the generative model and the recognition model.
Journal Article
Random forest in remote sensing: A review of applications and future directions
Mariana Belgiu, Lucian Drăguţ
TL;DR: This review has revealed that the RF classifier can successfully handle high data dimensionality and multicollinearity, being both fast and insensitive to overfitting.
Dimensionality Reduction: A Comparative Review
TL;DR: The results of the experiments reveal that nonlinear techniques perform well on selected artificial tasks, but that this strong performance does not necessarily extend to real-world tasks.
Related Papers (5)
UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)
Nour Moustafa, Jill Slay