International Journal of Advanced Technology and Engineering Exploration (IJATEE) ISSN (Print): 2394-5443 ISSN (Online): 2394-7454 Volume - 11 Issue - 112 March - 2024

Enhancing intrusion detection with imbalanced data classification and feature selection in machine learning algorithms

S. V. Sugin and M. Kanchana

Abstract

The effectiveness of an organization in detecting and preventing computer network (CN) attacks is significantly influenced by the performance of intrusion detection systems (IDS) and intrusion prevention systems (IPS). This research focuses on IDS based on machine learning (ML), asserting that ML-based IDS are effective and accurate in detecting network attacks. The study examines the UNSW-NB15 network IDS dataset, which is used for training and testing the models. Furthermore, a filter-based attribute reduction approach was implemented using the extreme gradient boosting (XGBoost) algorithm. The condensed feature space then facilitates the application of various methods including support vector machine (SVM), logistic regression (LR), k-nearest neighbour (KNN), decision tree (DT), and convolutional neural network (CNN). A suitable feature selection approach is essential to eliminate features with minimal impact on the classification process. Additionally, the study notes that many ML-based IDS suffer from limited identification accuracy and a higher false positive rate (FPR) when trained on highly imbalanced datasets. The research considers configurations for both binary and multiclass classification. Results indicate that the XGBoost-based attribute selection approach allows techniques such as DT to enhance the test accuracy of the binary-classification scheme from 88.13% to 90.85%. Moreover, the XGBoost-KNN and XGBoost-DT configurations demonstrate improved performance.

Keywords

Machine learning (ML), Intrusion detection system (IDS), UNSW-NB15 dataset, XGBoost algorithm, Convolutional neural network (CNN).
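The pipeline the abstract describes (boosted-tree importance as a feature filter, then a decision tree, scored on accuracy and FPR in the binary setting) can be sketched as follows. This is an added example, not the authors' code: the data is constructed with scikit-learn rather than taken from UNSW-NB15, and the top-`k` cut-off, the hyperparameters, the function names and the fallback to scikit-learn's gradient boosting when `xgboost` is not installed are all assumptions.

```python
import numpy as np
from sklearn.datasets import make_classification
from sklearn.metrics import confusion_matrix
from sklearn.model_selection import train_test_split
from sklearn.tree import DecisionTreeClassifier

try:
    from xgboost import XGBClassifier as Booster
except ImportError:  # assumption: fall back to scikit-learn's gradient boosting
    from sklearn.ensemble import GradientBoostingClassifier as Booster


def make_flows(n=4000, seed=7):
    """Constructed data, not UNSW-NB15: 40 numeric features, about 10% attacks."""
    return make_classification(n_samples=n, n_features=40, n_informative=8,
                               n_redundant=4, weights=[0.9, 0.1],
                               class_sep=1.5, random_state=seed)


def select_features(X_train, y_train, k=12, seed=7):
    """Filter step: rank by boosted-tree importance, keep the top k (k is assumed)."""
    booster = Booster(n_estimators=100, max_depth=4, random_state=seed)
    booster.fit(X_train, y_train)
    return np.sort(np.argsort(booster.feature_importances_)[::-1][:k])


def evaluate(X_tr, X_te, y_tr, y_te, cols, seed=7):
    """Fit a decision tree on the given columns; report accuracy, FPR and recall."""
    tree = DecisionTreeClassifier(random_state=seed).fit(X_tr[:, cols], y_tr)
    pred = tree.predict(X_te[:, cols])
    tn, fp, fn, tp = confusion_matrix(y_te, pred, labels=[0, 1]).ravel()
    return {"accuracy": (tp + tn) / len(y_te),
            "fpr": fp / (fp + tn),        # benign flows flagged as attacks
            "recall": tp / (tp + fn)}     # attacks actually caught


def run(k=12, seed=7):
    X, y = make_flows(seed=seed)
    X_tr, X_te, y_tr, y_te = train_test_split(
        X, y, test_size=0.3, stratify=y, random_state=seed)
    cols = select_features(X_tr, y_tr, k, seed)   # fit on training data only
    every = np.arange(X.shape[1])
    return {"selected": cols,
            "all_features": evaluate(X_tr, X_te, y_tr, y_te, every, seed),
            "reduced": evaluate(X_tr, X_te, y_tr, y_te, cols, seed)}


if __name__ == "__main__":
    print(run())
```

With about 10% attack traffic a classifier that labels everything benign already reaches roughly 90% accuracy, so the `fpr` and `recall` values are the ones to compare between the full and reduced feature sets.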

Cite this article

Sugin SV, Kanchana M. Enhancing intrusion detection with imbalanced data classification and feature selection in machine learning algorithms. International Journal of Advanced Technology and Engineering Exploration. 2024;11(112):405-419. DOI:10.19101/IJATEE.2023.10101620
