Network Intrusion Detection Using Linear and Ensemble ML Modeling

2022 ◽  
pp. 27-50
Author(s):  
Shilpi Hiteshkumar Parikh ◽  
Anushka Gaurang Sandesara ◽  
Chintan Bhatt
Keyword(s):  
Logistic Regression ◽  
Intrusion Detection ◽  
Detection System ◽  
Denial Of Service ◽  
Stochastic Gradient Descent ◽  
Network Intrusion Detection ◽  
Network Attacks ◽  
Redundant Data ◽  
System A ◽  
Network Intrusion

Network attacks are continuously surging, and attackers keep on changing their ways in penetrating a system. A network intrusion detection system is created to monitor traffic in the network and to warn regarding the breach in security by invading foreign entities in the network. Specific experiments have been performed on the NSL-KDD dataset instead of the KDD dataset because it does not have redundant data so the output produced from classifiers will not be biased. The main types of attacks are divided into four categories: denial of service (DoS), probe attack, user to root attack (U2R), remote to local attack (R2L). Overall, this chapter proposes an intense study on linear and ensemble models such as logistic regression, stochastic gradient descent (SGD), naïve bayes, light GBM (LGBM), and XGBoost. Lastly, a stacked model is developed that is trained on the above-mentioned classifiers, and it is applied to detect intrusion in networks. From the plethora of approaches taken into consideration, the authors have found maximum accuracy (98.6%) from stacked model and XGBoost.

Proposed Hybrid Classifier to Improve Network Intrusion Detection System using Data Mining Techniques

2020 ◽  
Vol 38 (1B) ◽  
pp. 6-14
Author(s):  
ٍٍSarah M. Shareef ◽  
Soukaena H. Hashim
Keyword(s):  
Intrusion Detection ◽  
False Alarm ◽  
Intrusion Detection System ◽  
Detection System ◽  
Multinomial Logistic Regression ◽  
Network Intrusion Detection ◽  
Limiting Factor ◽  
Network Intrusion ◽  
Network Intrusion Detection System ◽  
Normal Behavior

Network intrusion detection system (NIDS) is a software system which plays an important role to protect network system and can be used to monitor network activities to detect different kinds of attacks from normal behavior in network traffics. A false alarm is one of the most identified problems in relation to the intrusion detection system which can be a limiting factor for the performance and accuracy of the intrusion detection system. The proposed system involves mining techniques at two sequential levels, which are: at the first level Naïve Bayes algorithm is used to detect abnormal activity from normal behavior. The second level is the multinomial logistic regression algorithm of which is used to classify abnormal activity into main four attack types in addition to a normal class. To evaluate the proposed system, the KDDCUP99 dataset of the intrusion detection system was used and K-fold cross-validation was performed. The experimental results show that the performance of the proposed system is improved with less false alarm rate.

Sign in / Sign up

Export Citation Format

Share Document