An efficient XGBoost–DNN-based classification model for network intrusion detection system

Devan, P. Arun Mozhi; Khare, Neelu

doi:10.1007/s00521-020-04708-x

Cited by 188 publications

(70 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The most crucial point in the process of feature selection is meant to overcome the curse of high dimensionality [37], [38]. This operation removes unwanted features based on the feature importance top score and uses the feature ranking, leading to increased learning algorithm performance [39], [40]. Also, this process provides the model with the removal of the redundant information and improvement in the generalization [41].…”

Section: Effectiveness Of Dimensionality Reduction For Feature Selectionmentioning

confidence: 99%

Evaluation of Classification Algorithms for Intrusion Detection System: A Review

Salih

Abdulazeez

2021

JSCDM

View full text Add to dashboard Cite

Intrusion detection is one of the most critical network security problems in the technology world. Machine learning techniques are being implemented to improve the Intrusion Detection System (IDS). In order to enhance the performance of IDS, different classification algorithms are applied to detect various types of attacks. Choosing a suitable classification algorithm for building IDS is not an easy task. The best method is to test the performance of the different classification algorithms. This paper aims to present the result of evaluating different classification algorithms to build an IDS model in terms of confusion matrix, accuracy, recall, precision, f-score, specificity and sensitivity. Nevertheless, most researchers have focused on the confusion matrix and accuracy metric as measurements of classification performance. It also provides a detailed comparison with the dataset, data preprocessing, number of features selected, feature selection technique, classification algorithms, and evaluation performance of algorithms described in the intrusion detection system.

show abstract

Section: Effectiveness Of Dimensionality Reduction For Feature Selectionmentioning

confidence: 99%

Evaluation of Classification Algorithms for Intrusion Detection System: A Review

Salih

Abdulazeez

2021

JSCDM

View full text Add to dashboard Cite

show abstract

“…It was created by modeling the US Air Force network and simulating 38 network intrusion detection attacks [28]. Recently, many researchers have demonstrated excellence in experimental evaluation using NSL-KDD as a standard benchmark data set [29,30,31]. The NSL-KDD data set has an advantage in that the training data set and the test data set are configured separately, and the number of records is a reasonable number.…”

Section: B Nsl-kddmentioning

confidence: 99%

Host-Based Intrusion Detection Model Using Siamese Network

Park

Kim

Kwon³

et al. 2021

IEEE Access

View full text Add to dashboard Cite

As cyberattacks become more intelligent, the difficulty increases for traditional intrusion detection systems to detect advanced attacks that deviate from previously stored patterns. To solve this problem, a deep learning-based intrusion detection system model has emerged that analyzes intelligent attack patterns through data learning. However, deep learning models have the disadvantage of having to re-learn each time a new cyberattack method emerges. The time required to learn a large amount of data is not efficient. In this paper, an experiment was conducted using the Leipzig Intrusion Detection Data Set (LID-DS), which is a host-based intrusion detection data set released in 2018. In addition, in order to evaluate and improve the performance of the system, a host-based intrusion detection model consisting of pre-processing, vector-toimage processing, training and testing steps is proposed. In the training and testing steps, a Siamese Convolutional Neural Network (Siamese-CNN) is constructed using the few-shot learning method, which shows excellent performance by learning a small amount of data. Siamese-CNN determines whether the attack type is the same based on the similarity score of each cyberattack sample converted to an image. The accuracy was calculated using the few-shot learning technique. The performance of the Vanilla Convolutional Neural Network (Vanilla-CNN) and Siamese-CNN are compared to confirm the performance of Siamese-CNN. As a result of measuring the accuracy, precision, recall, and F1-score indicators, it was confirmed that the recall of the Siamese-CNN model proposed in this study increased by about 6% compared to the Vanilla-CNN model.

show abstract

“…In order to test the performance of SwitchTree, we implemented SwitchTree 7 inside the BMV2 behavioral model 8 of the P4 switch. Note that BMV2 is not meant to be production grade and is meant for developing and testing P4 programs.…”

Section: Switchtree Performancementioning

confidence: 99%