Feature selection approach using ensemble learning for network anomaly detection

Doreswamy,; Hooshmand, Mohammad Kazim; Gad, Ibrahim

doi:10.1049/trit.2020.0073

Cited by 41 publications

(16 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…), it does not take into account features that characterize novel cyber attacks. Other works in the field of machine learning applied to intrusion detection rely on more recent datasets such as UNSW-NB15 [84,85,86,87]. Although quite recent, such a dataset has two limitations: first, the traffic has been collected in a reduced testbed; and secondly, the number of features is limited to 49, which is too small to appreciate the effectiveness of feature selection techniques.…”

Section: Related Work On Feature Selection Applied To Ml-based Intrusion Detectionmentioning

confidence: 99%

“…), it does not take into account features that characterize novel cyber attacks. Other works in the field of machine learning applied to intrusion detection rely on more recent datasets such as UNSW-NB15 [84,85,86,87] Going more specifically into the set of works that share with this paper the aim to compare or survey FS methods for intrusion detection, we have collected the significant papers in Table 1. In it, we have identified the material covered in the literature, which helps appreciating the contributions of our paper.…”

Section: Related Work On Feature Selection Applied To Ml-based Intrus...mentioning

confidence: 99%

See 1 more Smart Citation

Supervised feature selection techniques in network intrusion detection: A critical review

Mauro

Galatro²,

Fortino

et al. 2021

Engineering Applications of Artificial Intelligence

118

View full text Add to dashboard Cite

Machine Learning (ML) techniques are becoming an invaluable support for network intrusion detection, especially in revealing anomalous flows, which often hide cyber-threats. Typically, ML algorithms are exploited to classify/recognize data traffic on the basis of statistical features such as inter-arrival times, packets length distribution, mean number of flows, etc. Dealing with the vast diversity and number of features that typically characterize data traffic is a hard problem. This results in the following issues: i) the presence of so many features leads to lengthy training processes (particularly when features are highly correlated), while prediction accuracy does not proportionally improve; ii) some of the features may introduce bias during the classification process, particularly those that have scarce relation with the data traffic to be classified. To this end, by reducing the feature space and retaining only the most significant features, Feature Selection (FS) becomes a crucial pre-processing step in network management and, specifically, for the purposes of network intrusion detection. In this review paper, we complement other surveys in multiple ways: i) evaluating more recent datasets (updated w.r.t. obsolete KDD 99) by means of a designed-from-scratch Python-based procedure; ii) providing a synopsis of most credited FS approaches in the field of intrusion detection, including Multi-Objective Evolutionary techniques; iii) assessing various experimental analyses such as feature correlation, time complexity, and performance. Our comparisons offer useful guidelines to network/security managers who are considering the incorporation of ML concepts into network intrusion detection, where trade-offs between performance and resource consumption are crucial.

show abstract

Section: Related Work On Feature Selection Applied To Ml-based Intrusion Detectionmentioning

confidence: 99%

“…), it does not take into account features that characterize novel cyber attacks. Other works in the field of machine learning applied to intrusion detection rely on more recent datasets such as UNSW-NB15 [84,85,86,87] Going more specifically into the set of works that share with this paper the aim to compare or survey FS methods for intrusion detection, we have collected the significant papers in Table 1. In it, we have identified the material covered in the literature, which helps appreciating the contributions of our paper.…”

Section: Related Work On Feature Selection Applied To Ml-based Intrus...mentioning

confidence: 99%

Supervised feature selection techniques in network intrusion detection: A critical review

Mauro

Galatro²,

Fortino

et al. 2021

Engineering Applications of Artificial Intelligence

118

View full text Add to dashboard Cite

show abstract

“…A minor data breach in the IoT device can make the entire network vulnerable to the attacker. So data encryption, as well as access control over data before transmission, is suggested by many researchers to prevent data from unwanted cyberattacks 9–13 . There exist various security protocols in literature, including digital signature, public‐key cryptosystems, authentication algorithms, and many more, which can ensure data security, integrity, authentication, and confidentiality.…”

Section: Introductionmentioning

confidence: 99%

MACPABE: Multi‐Authority‐based CP‐ABE with efficient attribute revocation for IoT‐enabled healthcare infrastructure

Das

Namasudra

2022

Int J Network Mgmt

View full text Add to dashboard Cite

The Internet of Things (IoT) technology along with cloud computing has gained much attention in recent years for its potential to upgrade conventional healthcare systems. Outsourcing healthcare data to a cloud environment from IoT devices is very essential as IoT devices are lightweight. To maintain confidentiality and to achieve fine‐grained access control, the ciphertext policy attribute‐based encryption (CP‐ABE) technique is utilized very often in an IoT‐based healthcare system for encrypting patients' healthcare data. However, an attribute revocation may affect the other users with the same attribute set, as well as the entire system due to its security concerns. This paper proposes a novel CP‐ABE‐based fine‐grained access control scheme to solve the attribute revocation problem. The proposed technique includes multiple attribute authorities to reduce the work overhead of having a single authority in the traditional CP‐ABE systems. In addition, the proposed scheme outsources the decryption process to a decryption assistant entity to reduce the decryption overhead of the end‐users. To prove the efficiency of the proposed scheme, both formal security analysis and performance comparisons are presented in this paper. Results and discussion prove the effectiveness of the proposed scheme over some well‐known schemes.

show abstract

“…On the basis of prediction of test dataset, images can be arranged in a semantic and meaningful order. Selection of discriminating and unique features is always beneficial as it can enhance the performance of any classification-based system [4][5][6]. In remote sensing, the problem of image classification is more challenging as objects are rotated within a view and background is usually more complex [7].…”

Section: Introductionmentioning

confidence: 99%

Satellite and Scene Image Classification Based on Transfer Learning and Fine Tuning of ResNet50

Shabbir

Ali

Ahmed

et al. 2021

Mathematical Problems in Engineering

View full text Add to dashboard Cite

Image classification has gained lot of attention due to its application in different computer vision tasks such as remote sensing, scene analysis, surveillance, object detection, and image retrieval. The primary goal of image classification is to assign the class labels to images according to the image contents. The applications of image classification and image analysis in remote sensing are important as they are used in various applied domains such as military and civil fields. Earlier approaches for remote sensing images and scene analysis are based on low-level feature representations such as color- and texture-based features. Vector of Locally Aggregated Descriptors (VLAD) and orderless Bag-of-Features (BoF) representations are the examples of mid-level approaches for remote sensing image classification. Recent trends for remote sensing and scene classification are focused on the use of Convolutional Neural Network (CNN). Keeping in view the success of CNN models, in this research, we aim to fine-tune ResNet50 by using network surgery and creation of network head along with the fine-tuning of hyperparameters. The learning of hyperparameters is tuned by using a linear decay learning rate scheduler known as piecewise scheduler. To tune the optimizer hyperparameter, Stochastic Gradient Descent with Momentum (SGDM) is used with the usage of weight learn and bias learn rate factor. Experiments and analysis are conducted on five different datasets, that is, UC Merced Land Use Dataset (UCM), RSSCN (the remote sensing scene classification image dataset), SIRI-WHU, Corel-1K, and Corel-1.5K. The analysis and competitive results exemplify that our proposed image classification-based model can classify the images in a more effective and efficient manner as compared to the state-of-the-art research.

show abstract

Feature selection approach using ensemble learning for network anomaly detection

Cited by 41 publications

References 28 publications

Supervised feature selection techniques in network intrusion detection: A critical review

Supervised feature selection techniques in network intrusion detection: A critical review

MACPABE: Multi‐Authority‐based CP‐ABE with efficient attribute revocation for IoT‐enabled healthcare infrastructure

Satellite and Scene Image Classification Based on Transfer Learning and Fine Tuning of ResNet50

Contact Info

Product

Resources

About