Improved hybrid algorithm for detection of intrusion into computer networks
Subject Areas : New technologies in distributed systems and algorithmic computing
Safanaz Heidari 1 , Firozeh Razavi 2 *
1 - Department of Computer, Miandoab Branch, Islamic Azad University, Miandoab, Iran
2 - Department of Information Technology Management, Raja University, Qazvin, Iran
Keywords: Intrusion detection system, Attack detection, Strong gradient boosting, Clustering techniques, Machine learning
Abstract :
Identifying malicious networks has been a subject of study for decades, and as the volume of network traffic grows day by day, there is a need for an effective intrusion-detection system that makes identification easier during attacks. The aim of this research was to make decisions more accurately through real-time, faster processing. Its purpose was to detect intrusion into computer networks by combining the K-means and XGBoost clustering algorithms. The proposed method was performed in two stages. In the first stage, the data set was pre-processed by normalizing and digitizing it, removing outliers based on two PCA methods, and reducing the dimensions of the features before using the learner. The researchers used the K-means algorithm, with the Elbow method to find the optimal number of clusters. The second stage consisted of separating malicious from normal network traffic by combining the K-means and XGBoost algorithms on computing platforms. The experiments in this article were done using the NSL-KDD data set and implemented in the KNIME emulator platform; the final evaluation results showed that the proposed algorithm is superior to other similar methods in error detection rate, accuracy and correctness.