Adaptive machine learning based network intrusion detection
- Chindove, Hatitye E, Brown, Dane L
- Authors: Chindove, Hatitye E , Brown, Dane L
- Date: 2021
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/464052 , vital:76471 , xlink:href="https://doi.org/10.1145/3487923.3487938"
- Description: Network intrusion detection system (NIDS) adoption is essential for mitigating computer network attacks in various scenarios. However, the increasing complexity of computer networks and attacks make it challenging to classify network traffic. Machine learning (ML) techniques in a NIDS can be affected by different scenarios, and thus the recency, size and applicability of datasets are vital factors to consider when selecting and tuning a machine learning classifier. The proposed approach evaluates relatively new datasets constructed such that they depict real-world scenarios. It includes analyses of dataset balancing and sampling, feature engineering and systematic ML-based NIDS model tuning focused on the adaptive improvement of intrusion detection. A comparison between machine learning classifiers forms part of the evaluation process. Results on the proposed approach model effectiveness for NIDS are discussed. Recurrent neural networks and random forests models consistently achieved high f1-score results with macro f1-scores of 0.73 and 0.87 for the CICIDS 2017 dataset; and 0.73 and 0.72 against the CICIDS 2018 dataset, respectively.
- Full Text:
- Date Issued: 2021
- Authors: Chindove, Hatitye E , Brown, Dane L
- Date: 2021
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/464052 , vital:76471 , xlink:href="https://doi.org/10.1145/3487923.3487938"
- Description: Network intrusion detection system (NIDS) adoption is essential for mitigating computer network attacks in various scenarios. However, the increasing complexity of computer networks and attacks make it challenging to classify network traffic. Machine learning (ML) techniques in a NIDS can be affected by different scenarios, and thus the recency, size and applicability of datasets are vital factors to consider when selecting and tuning a machine learning classifier. The proposed approach evaluates relatively new datasets constructed such that they depict real-world scenarios. It includes analyses of dataset balancing and sampling, feature engineering and systematic ML-based NIDS model tuning focused on the adaptive improvement of intrusion detection. A comparison between machine learning classifiers forms part of the evaluation process. Results on the proposed approach model effectiveness for NIDS are discussed. Recurrent neural networks and random forests models consistently achieved high f1-score results with macro f1-scores of 0.73 and 0.87 for the CICIDS 2017 dataset; and 0.73 and 0.72 against the CICIDS 2018 dataset, respectively.
- Full Text:
- Date Issued: 2021
Adaptive network intrusion detection using optimised machine learning models
- Chindove, Hatitye E, Brown, Dane L
- Authors: Chindove, Hatitye E , Brown, Dane L
- Date: 2021
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/465634 , vital:76627 , xlink:href="https://www.researchgate.net/publication/358046953_Adaptive_Network_Intrusion_Detection_using_Optimised_Machine_Learning_Models"
- Description: Network intrusion detection system (NIDS) adoption is essential for mitigating computer network attacks in various scenarios. However, the increasing complexity of computer networks and attacks make it challenging to classify network traffic. Machine learning (ML) techniques in a NIDS can be affected by different scenarios, and thus the recency, size and applicability of datasets are vital factors to consider when selecting and tuning a machine learning classifier. The proposed approach evaluates relatively new datasets constructed such that they depict real-world scenarios. It includes empirical analyses of practical, systematic ML-based NIDS with significant network traffic for improved intrusion detection. A comparison between machine learning classifiers, including deep learning, form part of the evaluation process. Results on how the proposed approach increased model effectiveness for NIDS in a more practical setting are discussed. Recurrent neural networks and random forests models consistently achieved the best results.
- Full Text:
- Date Issued: 2021
- Authors: Chindove, Hatitye E , Brown, Dane L
- Date: 2021
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/465634 , vital:76627 , xlink:href="https://www.researchgate.net/publication/358046953_Adaptive_Network_Intrusion_Detection_using_Optimised_Machine_Learning_Models"
- Description: Network intrusion detection system (NIDS) adoption is essential for mitigating computer network attacks in various scenarios. However, the increasing complexity of computer networks and attacks make it challenging to classify network traffic. Machine learning (ML) techniques in a NIDS can be affected by different scenarios, and thus the recency, size and applicability of datasets are vital factors to consider when selecting and tuning a machine learning classifier. The proposed approach evaluates relatively new datasets constructed such that they depict real-world scenarios. It includes empirical analyses of practical, systematic ML-based NIDS with significant network traffic for improved intrusion detection. A comparison between machine learning classifiers, including deep learning, form part of the evaluation process. Results on how the proposed approach increased model effectiveness for NIDS in a more practical setting are discussed. Recurrent neural networks and random forests models consistently achieved the best results.
- Full Text:
- Date Issued: 2021
- «
- ‹
- 1
- ›
- »