Background: Building an effective Intrusion detection system in a multi-attack classification environment is challenging due to the diversity of modern, sophisticated attacks. High-performance classification methods are needed for Intrusion Detection Systems as attackers can establish intrusive methods and easily evade the detection tools deployed in a computing environment. Moreover, it is challenging to use a single classifier to efficiently detect all kinds of attacks. Aims: To propose a unique ensemble framework that can effectively detect different attack categories. Method: The proposed approach is based on building an ensemble by ranking the detection ability of different base classifiers to identify various types of attacks. The F1-score of an algorithm is used to compute the rank matrix for different attack categories. For final prediction algorithm's output for an attack is only considered if the algorithm has the highest F1-Score in the rank matrix for the particular attack category. This approach contrasts with the voting approach where the final classification is based on the voting of all classifiers in the ensemble irrespective of the fact if the algorithm is efficient enough to detect that attack or not. Results: With the proposed method, the final accuracy obtained is 96.97 %, a recall rate of 97.4%, and a better attack detection rate than the baseline classifiers and other existing approaches for different attack categories.
Background The ever increasing sophistication of intrusion approaches has led to the dire necessity for developing Intrusion Detection Systems with optimal efficacy. However, existing Intrusion Detection Systems have been developed using outdated attack datasets, with more focus on prediction accuracy and less on prediction latency. The smart Intrusion Detection System framework evolution looks forward to designing and deploying security systems that use various parameters for analyzing current and dynamic traffic trends and are highly time-efficient in predicting intrusions. Aims This paper proposes a novel approach for a time-efficient and smart Intrusion Detection System. Method Herein, we propose a Hybrid Feature Selection approach that aims to reduce the prediction latency without affecting attack prediction performance by lowering the model's complexity. Light Gradient Boosting Machine (LightGBM), a fast gradient boosting framework, is used to build the model on the latest CIC-IDS 2018 dataset. Results The proposed feature selection reduces the prediction latency ranging from 44.52% to 2.25% and the model building time ranging from 52.68% to 17.94% in various algorithms on the CIC-IDS 2018 dataset. The proposed model with hybrid feature selection and LightGBM gives 97.73% accuracy, 96% sensitivity, 99.3% precision rate, and comparatively low prediction latency. The proposed model successfully achieved a raise of 1.5% in accuracy rate and 3% precision rate over the existing model. An in-depth analysis of network parameters is also performed, which gives a deep insight into the variation of network parameters during the benign and malicious sessions.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.