Hybrid Intrusion Detection System: Leveraging XGBoost, Genetic Algorithms, and k-Means Clustering
Subject Areas: Multimedia Processing, Communications Systems, Intelligent Systems
1 - Assistant Professor, Department of Information Technology Management, Science and Research Branch, Islamic Azad University, Tehran, Iran
Keywords: Intrusion Detection in Computer Networks, XGBoost Algorithm, Clustering, K-Means Algorithm
Abstract:
Introduction: The proliferation of internet applications has led to an interconnected digital landscape where network security is a paramount concern. Intrusion detection systems (IDS) play a critical role in safeguarding networks by identifying and mitigating unauthorized access and malicious activities. This research proposes a novel IDS framework that integrates XGBoost, k-Means clustering, and genetic algorithms to enhance intrusion detection capabilities.
Method: The proposed IDS framework commences with data preprocessing to ensure compatibility with machine learning algorithms. Subsequently, k-Means clustering is employed to group unlabeled data, generating valuable insights that augment the dataset. To optimize feature selection, a genetic algorithm is integrated into the framework. This algorithm iteratively evaluates feature subsets using XGBoost to identify the most informative features for intrusion detection.
Results: The efficacy of the proposed IDS was evaluated using the NSL-KDD dataset. Comparative analysis with established methods, including decision trees, XGBoost, KNN, and random forests, demonstrated the superior performance of the proposed approach in terms of precision, recall, and F1-score.
Discussion: The integration of XGBoost, k-Means clustering, and genetic algorithms in the proposed IDS framework offers significant advantages. k-Means clustering provides valuable insights into unlabeled data, while genetic algorithms enable efficient feature selection. The empirical results underscore the effectiveness of the proposed approach in accurately detecting intrusions in computer networks.
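An added example (not code from the paper) of the pipeline the Method paragraph describes: a k-means cluster id is appended to each record, then a genetic algorithm searches feature masks scored by a classifier on a validation split. The flow records are constructed rather than taken from NSL-KDD, a nearest-centroid classifier stands in for XGBoost so the block runs on the standard library alone, and all function names and GA parameters are assumptions of this example.

```python
import random

def make_flows(rng, n=200):
    """Constructed sample: columns 0-1 separate attack (1) from normal (0); 2-5 are noise."""
    labels = [int(rng.random() < 0.5) for _ in range(n)]
    return [([rng.gauss(4.0 * y * (i < 2), 1.0) for i in range(6)], y) for y in labels]

def dist(a, b):
    return sum((p - q) ** 2 for p, q in zip(a, b))

def mean(rows):
    return [sum(col) / len(rows) for col in zip(*rows)]

def kmeans_ids(X, k, rng, iters=10):  # plain k-means; one cluster id per unlabeled row
    cents = rng.sample(X, k)
    for _ in range(iters):
        ids = [min(range(k), key=lambda j: dist(x, cents[j])) for x in X]
        groups = [[x for x, i in zip(X, ids) if i == j] for j in range(k)]
        cents = [mean(g) if g else c for g, c in zip(groups, cents)]
    return ids

def fitness(mask, train, val, penalty=0.01):
    """Validation accuracy on masked columns minus a size penalty; nearest-centroid stands in for XGBoost."""
    cols = [i for i, bit in enumerate(mask) if bit]
    pick = lambda x: [x[i] for i in cols]
    cents = {c: mean([pick(x) for x, y in train if y == c]) for c in (0, 1)}
    hits = sum(min(cents, key=lambda c: dist(pick(x), cents[c])) == y for x, y in val)
    return hits / len(val) - penalty * len(cols) if cols else 0.0

def select_features(train, val, rng, pop_size=12, gens=15):
    n = len(train[0][0])
    score = lambda m: fitness(m, train, val)
    pop = [[1] * n] + [[rng.randint(0, 1) for _ in range(n)] for _ in range(pop_size - 1)]
    for _ in range(gens):
        pop = sorted(pop, key=score, reverse=True)[: pop_size // 2]  # elitism: best half survives
        for _ in range(pop_size - len(pop)):
            a, b = rng.sample(pop[: pop_size // 2], 2)
            child = [rng.choice(pair) for pair in zip(a, b)]     # uniform crossover
            child[rng.randrange(n)] ^= 1                         # bit-flip mutation
            pop.append(child)
    return max(pop, key=score)

def run(seed=7):
    rng = random.Random(seed)
    rows = make_flows(rng)
    ids = kmeans_ids([x for x, _ in rows], 2, rng)
    rows = [(x + [float(c)], y) for (x, y), c in zip(rows, ids)]  # cluster id as extra column
    train, val = rows[:150], rows[150:]                           # masks are scored on val only
    best = select_features(train, val, rng)
    return best, fitness(best, train, val), fitness([1] * len(best), train, val)
```

Scoring masks on a validation split that is kept apart from the final test data prevents the feature search itself from inflating the reported precision, recall and F1.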