Handling Minority Class Problem in Threats Detection Based on Heterogeneous Ensemble Learning Approach

Eke, Hope Nkiruka; Petrovski, Andrei; Ahriz, Hatem

doi:10.4018/ijsssp.2020070102

Cited by 4 publications

(2 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The method employs cost-sensitive learning during the training phase, which is then followed by a weighted approach that balances the classes. In the same vein, Eke et al [22] proposed a heterogeneous ensemble model for data resampling in an imbalanced dataset. The kernel-based mechanism was proposed [23] for improved generalisation in a binary class dataset using orthogonal forward selection (OFS) algorithms.…”

Section: Related Workmentioning

confidence: 99%

Improving Intrusion Detection Through Training Data Augmentation

Otokwala

Petrovski

Kalutarage

2021

2021 14th International Conference on Security of Information and Networks (SIN)

Self Cite

View full text Add to dashboard Cite

Imbalanced classes in datasets are common problems often found in security data. Therefore, several strategies like class resampling and cost-sensitive training have been proposed to address it. In this paper, we propose a data augmentation strategy to oversample the minority classes in the dataset. Using our Sort-Augment-Combine (SAC) technique, we split the dataset into subsets of the class labels and then generate synthetic data from each of the subsets. The synthetic data were then used to oversample the minority classes. Upon the completion of the oversampling, the independent classes were combined to form an augmented training data for model fitting. Using performance metrics such as accuracy, recall (sensitivity) and true positives (specificity), the models trained using the augmented datasets show an improvement in performance metrics over the original dataset. Similarly, in a binary class dataset, SAC performed optimally and the combination of SAC and ROSE model shows an improvement in overall accuracy, sensitivity and specificity when compared with the performance of the Random Forest model on the original dataset, ROSE and SMOTE augmented datasets.

show abstract

Section: Related Workmentioning

confidence: 99%

Improving Intrusion Detection Through Training Data Augmentation

Otokwala

Petrovski

Kalutarage

2021

2021 14th International Conference on Security of Information and Networks (SIN)

Self Cite

View full text Add to dashboard Cite

show abstract

“…Numerous techniques have been proposed and successfully implemented to detect these type of attacks. However, most of these proposed works has led to a significant pool of solutions geared towards addressing securing the CPS [5]. One of this threat detection model in a specific critical infrastructures was carried out by Linda et al in [16] using a hybrid of two neural network learning algorithms -the Error-Back Propagation and Levenberg-Marquardt, for normal behavior modeling to develop an IDS using Neural Network based Modeling (IDS-NNM).…”

Section: Related Workmentioning

confidence: 99%

Detection of False Command and Response Injection Attacks for Cyber Physical Systems Security and Resilience

Eke

Petrovski

Ahriz

2020

13th International Conference on Security of Information and Networks

Self Cite

View full text Add to dashboard Cite

The operational cyber-physical system (CPS) state, safety and resource availability is impacted by the safety and security measures in place. This paper focused on i) command injection (CI) attack that alters the system behaviour through injection of false control and configuration commands into a control system and ii) response injection (RI) attacks that modifies the response from server to client, thereby providing false information about system state. In this project, we implemented deep learning (DL) multi-layered security model approach for securing industrial control system (ICS) against malicious CI and RI attacks. We validated this approach with two case studies: i) network transactions between a Remote Terminal Unit (RTU) and a Master Control Unit (MTU) in-house SCADA gas pipeline control system and ii) a case study of command and response injection attacks. Based on this project result, we show that the proposed approach achieved a significant attacks detection capability of 96.50%. Also, demonstrated that performance of attack detection techniques applied can be influences by the nature of network transactions with respect to the domain of application. Hence, robustness and resilience of operational CPS state and performance are influenced by the safety and security measures in place which is specific to the CPS device in question. CCS CONCEPTS • Security and privacy → Distributed systems security.

show abstract

Advanced Persistent Threats Detection based on Deep Learning Approach

Eke

Petrovski²

2023

2023 IEEE 6th International Conference on Industrial Cyber-Physical Systems (ICPS)

View full text Add to dashboard Cite

Handling Minority Class Problem in Threats Detection Based on Heterogeneous Ensemble Learning Approach

Cited by 4 publications

References 46 publications

Improving Intrusion Detection Through Training Data Augmentation

Improving Intrusion Detection Through Training Data Augmentation

Detection of False Command and Response Injection Attacks for Cyber Physical Systems Security and Resilience

Advanced Persistent Threats Detection based on Deep Learning Approach

Contact Info

Product

Resources

About