Network intrusion detection using oversampling technique and machine learning algorithms

Ahmed, Hafiza Anisa; Hameed, Anum; Bawany, Narmeen Zakaria

doi:10.7717/peerj-cs.820

Cited by 54 publications

(20 citation statements)

References 48 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In ML and statistics, there are a variety of methods for evaluating the performance of a classifer. Te most common metrics are as follows: Applied Computational Intelligence and Soft Computing (i) Confusion matrix is the most widely used metric (see Table 3) [29,30].…”

Section: Evaluation Metricsmentioning

confidence: 99%

Machine Learning-Based Ransomware Classification of Bitcoin Transactions

Alsaif

2023

Applied Computational Intelligence and Soft Computing

View full text Add to dashboard Cite

Ransomware attacks are one of the most dangerous related crimes in the coin market. To increase the challenge of fighting the attack, early detection of ransomware seems necessary. In this article, we propose a high-performance Bitcoin transaction predictive system that investigates Bitcoin payment transactions to learn data patterns that can recognize and classify ransomware payments for heterogeneous bitcoin networks into malicious or benign transactions. The proposed approach makes use of three supervised machine learning methods to learn the distinctive patterns in Bitcoin payment transactions, namely, logistic regression (LR), random forest (RF), and Extreme Gradient Boosting (XGBoost). We evaluate these ML-based predictive models on the BitcoinHeist ransomware dataset in terms of classification accuracy and other evaluation measures such as confusion matrix, recall, and F1-score. It turned out that the experimental results recorded by the XGBoost model achieved an accuracy of 99.08%. As a result, the resulting model accuracy is higher than many recent state-of-the-art models developed to detect ransomware payments in Bitcoin transactions.

show abstract

Section: Evaluation Metricsmentioning

confidence: 99%

Machine Learning-Based Ransomware Classification of Bitcoin Transactions

Alsaif

2023

Applied Computational Intelligence and Soft Computing

View full text Add to dashboard Cite

show abstract

“…erefore, this paper uses a modified Tent chaotic mapping to initialize the population. e expression of this chaotic mapping is shown in (1). Random variables rand × (1/N T ) are added to avoid the Tent mapping from falling into small or unstable periodic points without destroying the properties of chaotic variables, where N T is the quantity of particles in the chaotic sequence; rand is a random variable with values in the range [0, 1].…”

Section: Initialization Of Bat Populationsmentioning

confidence: 99%

“…e security of computer networks has received an increasing amount of focus as a natural consequence of the ongoing development of both computer technology and networks. However, there are a large number of complex attacks in the network, and these attacks have become the main threats to network and information security [1]. As the second line of defense after the firewall, intrusion detection has proactive and dynamic defense capabilities, effectively making up for the deficiencies of traditional security technologies [2][3][4].…”

Section: Introductionmentioning

confidence: 99%

Cyber Intrusion Detection Based on a Mutative Scale Chaotic Bat Algorithm with Backpropagation Neural Network

Qin

Zhou

2022

Security and Communication Networks

View full text Add to dashboard Cite

In the current complex cyber environment, malicious attacks take various forms and constantly change. To overcome the problems of low detection efficiency and high false alarm rate in traditional intrusion detection techniques, a new method of network intrusion detection combining the variable scale chaos bat (MSCB) algorithm and BP neural network (BPNN) called MSCB-BPNN is proposed in this paper. In the proposed approach, a new MSCB algorithm is proposed to improve the BPNN by optimizing its thresholds and weights so as to prevent it from falling into local optimum. To verify the practical classification performance of the proposed method for intrusion detection, some experiments are carried out. In these experiments, the proposed approach is compared with BPNN, SA-BPNN, and GA-BPNN on the benchmark intrusion detection datasets KDD cup 99 and UNSW-NB15. The experimental results show that the accuracy of the proposed method can reach 99.4% and 99.8% accuracy on the KDD cup 99 training and test sets, respectively, while 89.0% and 93.9% accuracy on the UNSW-NB15 training and test sets, respectively, which are higher than BPNN, SA-BPNN, and GA-BPNN. Furthermore, the precision and recall ratio of MSCB-BPNN are also superior to other approaches. Thus, the proposed model has significant advantages over BPNN, SA-BPNN, and GA-BPNN methods.

show abstract

“…Hasil menunjukkan Random Forest dengan menggunakan teknik ADASYN lebih unggul dari pada menggunakan teknik SMOTE. Pada beberapa penelitian dengan menggunakan algoritma Random Fores dan dataset yang sama yaitu UNSW-NB15, menggunakan teknik SMOTE [11] mendapatkan akurasi 95,1%, dengan teknik clustering under-sampling [12] mendapatkan akurasi 97,1%, dengan teknik Random Over-sampling [13] mendapatkan akurasi 87,82%, dan menggunakan algoritma Random Fores saja [14] mendapatkan hasil akurasi 98,86%.…”

Section: Pendahuluanunclassified

Implementasi Adasyn Untuk Imbalance Data Pada Dataset UNSW-NB15 Adasyn Implementation For Data Imbalance on UNSW-NB15 Dataset

Amien¹,

Rizki

Nasution³

2022

CoSciTech

View full text Add to dashboard Cite

Di masa Machine Learning pada saat ini, para peneliti bekerja keras untuk mengembangkan algoritma yang meningkatkan kemungkinan prediksi yang benar dengan akurasi yang lebih baik. Data tidak seimbang adalah ketika ukuran sampel dari satu kelas jauh lebih besar dari kelas lain, sampel minoritas dapat diperlakukan sebagai noise dalam proses klasifikasi, yang mengakibatkan hasil algoritma klasifikasi yang tidak memuaskan. Pada penelitian ini peneliti menggunakan dataset UNSW-NB15, setelah menggabungkan data train dan test, terdapat data tidak seimbangan pada kelas label, yaitu 164673 untuk label 1 dan 93000 untuk label 0. Tujuan penelitian ini untuk mengatasi masalah ketidakseimbangan data pada binary class dengan menggunakan teknik ADASYN dan mendeteksi serangan malware pada dataset UNSW-NB15 dengan menerapkan model algoritma Random Forest dan teknik ADASYN agar mendapatkan performa yang cukup baik. Berdasarkan hasil pengujian dengan teknik ADASYN untuk penanganan ketidakseimbangan data pada Binarry Class dan menggunakan model algoritma Random Forest, serta Hyperparameter Optuna untuk klasifikasi Anomali pada data UNSW-NB15 memperoleh akurasi yang cukup baik. Pada beberapa split data mendapatkan nilai akurasi tertinggi pada split data 90/10 dengan hasil 99.86%. dari segi waktu tercepat didapat pada split data 60/40 yaitu 1,85 seconds.

show abstract

Network intrusion detection using oversampling technique and machine learning algorithms

Cited by 54 publications

References 48 publications

Machine Learning-Based Ransomware Classification of Bitcoin Transactions

Machine Learning-Based Ransomware Classification of Bitcoin Transactions

Cyber Intrusion Detection Based on a Mutative Scale Chaotic Bat Algorithm with Backpropagation Neural Network

Implementasi Adasyn Untuk Imbalance Data Pada Dataset UNSW-NB15 Adasyn Implementation For Data Imbalance on UNSW-NB15 Dataset

Contact Info

Product

Resources

About