Effective network intrusion detection using stacking-based ensemble approach

Ali, Muhammad; Haque, M. Aminul; Durad, Muhammad Hanif; Usman, Anila; Mohsin, Syed Muhammad; Mujlid, Hana; Maple, Carsten

doi:10.1007/s10207-023-00718-7

Cited by 9 publications

(3 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To reduce the quantity of input qualities essential for the testing and training of their model, the authors of [15] built IDS. The correlation input selection method was combined with the DT classifier.…”

Section: Literature Reviewmentioning

confidence: 99%

Enhancing intrusion detection with imbalanced data classification and feature selection in machine learning algorithms

2024

IJATEE

View full text Add to dashboard Cite

Hackers have evolved at a faster rate in terms of their capabilities because of precise technological developments like networks and communication systems. These crooks are constantly looking for new ways to jeopardize the security of computer networks (CN). Intrusion detection systems (IDS) consequently automatically become important parts of a CN. An IDS is a piece of software or hardware that tracks a company's network for potential threats. Meanwhile, an IDS is capable of reacting to and reporting any fraudulent activity. Node-based or host-based IDS (HIDS) [1, 2] Network based IDS (NIDS) or distributed-based IDS (DIDS), and hybrid-based IDS (HYIDS) are the three basic categories into which IDSs fall based on the unique IDS operation concept, this classification was created. *Author for correspondenceThe primary fundamental design goals of IDS are a decrease in false positive (FP) alerts and an increase in detection accuracy. Subsequently, when designing and implementing any IDS, that perspective must be taken into consideration [3]. In currently decades, machine learning (ML)-based IDS have taken over as the industry standard. According to ML systems may now potentially learn from the past and improve. Broadly speaking, the two ML philosophies of supervised ML and unsupervised ML can be separated. Models are learned using labeled data in supervised ML [4]. Unsupervised ML uses unstructured data to train models.The multiclass and binary classification objectives are carefully taken into consideration when using supervised ML techniques in this study. The classification process occurs whenever a supervised ML technique is asked to identify a specific quality. The training data for the techniques in this configuration frequently has large sizes and high-

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Enhancing intrusion detection with imbalanced data classification and feature selection in machine learning algorithms

2024

IJATEE

View full text Add to dashboard Cite

show abstract

“…Base Classifiers These are the foundational models that are responsible for making initial predictions about URLs. These classifiers operate independently, considering different aspects of URL attributes [12]. 2.…”

Section: Ensemble Learning Modelmentioning

confidence: 99%

“…Meta-Classifier This operates at a higher level, taking the outputs of the base classifiers as its input. Its role is to synthesize these diverse predictions and make the final decision regarding the maliciousness or benign nature of a URL [12]. The meta-classifier effectively combines the knowledge and strengths of the base classifiers, allowing the system to benefit from their collective wisdom.…”

Section: Ensemble Learning Modelmentioning

confidence: 99%

Meta Learning for Enhanced Web Security Against Malicious URLs

Singh,

Menon,

et al. 2023

Preprint

View full text Add to dashboard Cite

The identification of malicious Uniform Resource Locators (URLs) plays a pivotal role in strengthening network and cyber security. Over the years, the Internet has increasingly become a breeding ground for a multitude of cybercrimes. Malicious URLs can disrupt network performance, compromise data integrity, and introduce vulnerabilities into the system, impacting the network’s overall security and reliability. Taking precautions and implementing preventative techniques is crucial for shielding users from cyberattacks. This study utilizes meta-learning, which is a machine learning technique that learns from the predictions of other machine learning algorithms to make better decisions. For a comprehensive evaluation, the ISCX-URL-2016 dataset was utilized, a resource curated by the Canadian Institute for Cyber Security. The proposed approach focuses on utilizing URL strings as the primary source of information for detecting malicious content.The performance of different machine learning algorithms, including Histogram-based Gradient Boosting Classification Tree, XGBoost Classifier, CatBoost Classifier, Random Forest Classifier and more, were compared for the detection of malicious URLs. The two best performing base classifiers were identified and evaluated as potential meta-classifiers. Various combinations of base classifiers were then tested in conjunction with these two selected meta-classifiers. A significant improvement in the accuracy was observed and the best accuracy of 98.25% was achieved using All Base Classifiers + Meta Classifier XGBoost. Closely followed by the Three Best Base Classifiers + Meta Classifier XGBoost, which achieved an accuracy of 98.2%.

show abstract