
Intrusion detection system classifier ensemble

Authors: Lomanov A.A.
Published in issue: #3(56)/2021
DOI: 10.18698/2541-8009-2021-3-684


Category: Informatics, Computer Engineering and Control | Chapter: System Analysis, Control, and Information Processing, Statistics

Keywords: network attacks, signature method, intrusion detection, classification, terminal classifier, hybridization, ensemble of classifiers, machine learning
Published: 07.04.2021

Various types of network attacks and methods for detecting them are considered. Various methods for classifying network attacks are compared, and classifiers for the ensemble are selected. The focus is on the description of the proposed solution and the structure of the classifier ensemble for the intrusion detection system. The most popular datasets for testing are considered. The CICIDS2017 dataset was selected for training and testing. Testing showed that the developed approach recognizes a network attack more accurately than a single classifier, which confirms the effectiveness of its application in an intrusion detection system for detecting and classifying a network attack.

