Supervised Learning Approach for Intrusion Detection in Unbalanced Network Traffic

DOI:

https://doi.org/10.21015/vtse.v13i2.2116

Abstract

Intrusion detection systems (IDS) serve as critical sentinels in network security, assuming a paramount role in identifying and mitigating potential threats. With the evolution of our digital landscape, robust and productive intrusion detection mechanisms have become increasingly imperative. The significance of IDS lies in their ability to safeguard the integrity, confidentiality, and availability of network resources. In an era where cyber threats constantly evolve in complexity and scale, IDS serve as the front line of defence, tirelessly monitoring network traffic to pinpoint suspicious activities and mitigate potential security breaches. To address the class imbalance problem, the Synthetic Minority Over-sampling Technique (SMOTE) was applied to pre-process the CIC-IDS 2017 and NSL-KDD 2009 datasets. An advanced machine learning technique is harnessed to enhance IDS capabilities, specifically by utilising Support Vector Machines (SVM) for the subsequent classification tasks. The experimental outcomes on both datasets unveil exceptional accuracy of 99% and performance across multiple intrusion types, underscoring the effectiveness of our SVM-based approach in strengthening IDS.
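The SMOTE step named in the abstract, shown as an added example that is not the authors' code: synthetic minority-class flows are created by interpolating between a minority sample and one of its k nearest minority neighbours, and only the training split is oversampled. The function names, the two features, the value of k and the sample flows are assumptions constructed for illustration.

```python
import math
import random

# Constructed training split: (duration_s, kilobytes) per flow, 8 benign vs 3 attack.
X_TRAIN = [(1.0, 10.0), (1.2, 11.0), (0.9, 9.5), (1.1, 10.5), (1.3, 12.0),
           (0.8, 9.0), (1.0, 11.5), (1.4, 10.0),
           (6.0, 80.0), (6.5, 85.0), (7.0, 78.0)]
Y_TRAIN = ["benign"] * 8 + ["attack"] * 3


def smote(minority, n_new, k=3, seed=0):
    """Return n_new synthetic points, each on the segment between a randomly
    chosen minority sample and one of its k nearest minority neighbours."""
    if len(minority) < 2:
        raise ValueError("SMOTE needs at least two minority samples")
    k = min(k, len(minority) - 1)  # cannot have more neighbours than peers
    rng = random.Random(seed)      # seeded so the oversampling is reproducible
    synthetic = []
    for _ in range(n_new):
        i = rng.randrange(len(minority))
        base = minority[i]
        others = [p for j, p in enumerate(minority) if j != i]
        neighbours = sorted(others, key=lambda p: math.dist(base, p))[:k]
        neighbour = rng.choice(neighbours)
        gap = rng.random()  # position along the segment base -> neighbour
        synthetic.append(tuple(b + gap * (n - b) for b, n in zip(base, neighbour)))
    return synthetic


def balance_training_set(X, y, minority_label, k=3, seed=0):
    """Oversample minority_label until it matches the largest class.
    Call this on the training split only, so that held-out flows used for
    evaluation contain no synthetic points derived from them."""
    counts = {}
    for label in y:
        counts[label] = counts.get(label, 0) + 1
    target = max(counts.values())
    minority = [x for x, label in zip(X, y) if label == minority_label]
    new = smote(minority, target - len(minority), k, seed)
    return X + new, y + [minority_label] * len(new)


if __name__ == "__main__":
    Xb, yb = balance_training_set(X_TRAIN, Y_TRAIN, "attack")
    print({label: yb.count(label) for label in set(yb)})
```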

Published

2025-05-03

How to Cite

Ali, Z., Adnan Akram, Naeem Aslam, & Khurram, M. S. (2025). Supervised Learning Approach for Intrusion Detection in Unbalanced Network Traffic. VFAST Transactions on Software Engineering, 13(2), 01–12. https://doi.org/10.21015/vtse.v13i2.2116

Section

Articles