FCNN-SE: An Intrusion Detection Model Based on a Fusion CNN and Stacked Ensemble

Chen, Chen; Song, Yafei; Yue, Shaohua; Xu, Xiaodong; Zhou, Lihua; Lv, Qibin; Yang, Lintao

doi:10.3390/app12178601

Cited by 14 publications

(4 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They used stacked auto-encoding network for feature extraction followed by several classification algorithms on The ISCX 2012 dataset. In the same direction, Chen et al [16] proposed a method which uses the fusion convolutional neural network (FCNN) for feature extraction and stacked ensemble (SE) for classification.…”

Section: Related Workmentioning

confidence: 99%

Hybrid Machine Learning-Based Approach for Anomaly Detection using Apache Spark

Chliah¹,

Battou²,

hadj³

et al. 2023

IJACSA

View full text Add to dashboard Cite

Over the past few decades, the volume of data has increased significantly in both scientific institutions and universities, with a large number of students enrolled and a high volume of related data. Furthermore, network traffic has increased with post-pandemic and the use of online learning. Therefore, processing network traffic data is a complex and challenging task that increases the possibility of intrusions and anomalies. Traditional security systems cannot deal with such high-speed and big data traffic. Real-time anomaly detection should be able to process data as quickly as possible to detect abnormal and malicious data. This paper proposes a hybrid approach consisting of supervised and unsupervised learning for anomaly detection based on the big data engine Apache Spark. Initially, the k-means algorithm was implemented in Sparks MLlib for clustering network traffic, then for each cluster, K-nearest neighbors algorithm (KN N ) was implemented for classification and anomaly detection. The proposed model was trained and validated against a real dataset from Ibn Zohr University. The results indicate that the proposed model outperformed other well-known algorithms in detecting anomalies based on the aforementioned dataset. The experimental results show that the proposed hybrid approach can reach up to 99.94 % accuracy using the k-fold cross-validation method in the complete dataset with all 48 features.

show abstract

Section: Related Workmentioning

confidence: 99%

Hybrid Machine Learning-Based Approach for Anomaly Detection using Apache Spark

Chliah¹,

Battou²,

hadj³

et al. 2023

IJACSA

View full text Add to dashboard Cite

show abstract

“…To validate the detection capability of the model, this study first selected recently proposed intrusion detection models, including CNN [32], CNN-LSTM [32], CBA-CLSVE [33], SSC-OCSVM [22], CNN-GRU [34], and FCNN-SE [35], which have shown good performance on the NSL-KDD dataset. Additionally, several intrusion detection models using a Transformer as the base model were selected for comparison, namely RTIDS [26], VIT [27], and CNN-Transformer [28].…”

Section: Performance Analysis and Comparison Experimentsmentioning

confidence: 99%

Intrusion Detection Model Based on Improved Transformer

Liu

2023

Applied Sciences

View full text Add to dashboard Cite

This paper proposes an enhanced Transformer-based intrusion detection model to tackle the challenges of lengthy training time, inaccurate detection of overlapping classes, and poor performance in multi-class classification of current intrusion detection models. Specifically, the proposed model includes the following: (i) A data processing strategy that initially reduces the data dimension using a stacked auto-encoder to speed up training. In addition, a novel under-sampling method based on the KNN principle is introduced, along with the Borderline-SMOTE over-sampling method, for hybrid data sampling that balances the dataset while addressing the issue of low detection accuracy in overlapping data classes. (ii) An improved position encoding method for the Transformer model that effectively learns the dependencies between features by embedding the position information of features, resulting in better classification accuracy. (iii) A two-stage learning strategy in which the model first performs rough binary prediction (determining whether it is an illegal intrusion) and then inputs the prediction value and original features together for further multi-class prediction (predicting the intrusion category), addressing the issue of low accuracy in multi-class classification. Experimental results on the official NSL-KDD test set demonstrate that the proposed model achieves an accuracy of 88.7% and an F1-score of 88.2% in binary classification and an accuracy of 84.1% and an F1-score of 83.8% in multi-class classification. Compared to existing intrusion detection models, our model exhibits higher accuracy and F1-score and trains faster than other models.

show abstract

“…If all features were coded with it, the amount of calculation was too large, which would easily lead to information redundancy. There was also a cascade intrusion detection system [8] which integrated various classifiers. This system integrated the advantages of various classifiers, but it would increase time and cost, and might not be suitable for all types of attacks.…”

Section: Introductionmentioning

confidence: 99%

Intrusion detection model based on genetic algorithm optimization extreme learning machine of K-fold stratified cross-validation

Chen¹,

Shi²,

Ye³

et al. 2023

International Conference on Signal Processing and Communication Technology (SPCT 2022)

View full text Add to dashboard Cite

Aiming at the problem of random generation of Extreme Learning Machine (ELM) parameters, an intrusion detection model based on GA-ELM of K-fold stratified cross-validation is proposed. Genetic Algorithm (GA) is used to optimize the parameters of ELM. The simulation experiment is carried out on NSL-KDD data set, and the GA-ELM model is trained by K-fold stratified cross-validation method. The experimental results show that the proposed model has a higher detec tion rate than ELM, GA-ELM and GA-ELM of nonstratified cross-validation.

show abstract

FCNN-SE: An Intrusion Detection Model Based on a Fusion CNN and Stacked Ensemble

Cited by 14 publications

References 43 publications

Hybrid Machine Learning-Based Approach for Anomaly Detection using Apache Spark

Hybrid Machine Learning-Based Approach for Anomaly Detection using Apache Spark

Intrusion Detection Model Based on Improved Transformer

Intrusion detection model based on genetic algorithm optimization extreme learning machine of K-fold stratified cross-validation

Contact Info

Product

Resources

About