Attack Detection From Network Traffic using Machine Learning

Authors

  • Maryum Nawaz, Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad
  • Muhammad Arsalan Paracha, Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad
  • Abdul Majid, Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad
  • Hanif Durad, Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Islamabad

DOI:

https://doi.org/10.21015/vtse.v8i1.571

Abstract

Network security management is becoming not only difficult but impossible as networks grow in size. Attacks are outgrowing the ability of current security management tools to identify them and respond quickly. A machine learning based model is therefore designed to detect the most recent attacks from the network flow data of network devices, i.e. network switches, routers, wireless routers, firewalls, etc. The model, based on Extreme Gradient Boosting, provides a 91.61% detection rate, generates very few false alarms, at a rate of 0.005%, and misses attacks at a rate of 8.38% on the CICIDS dataset, a recent open-source dataset containing network flow information from network devices.

Published

2020-11-17

How to Cite

Nawaz, M., Paracha, M. A., Majid, A., & Durad, H. (2020). Attack Detection From Network Traffic using Machine Learning. VFAST Transactions on Software Engineering, 8(1), 1–7. https://doi.org/10.21015/vtse.v8i1.571