Attack Detection From Network Traffic using Machine Learning
DOI: https://doi.org/10.21015/vtse.v8i1.571
Abstract
Network security management is becoming not only difficult but impossible as networks grow in size. Attacks are outgrowing the ability of current security management tools to identify them and respond quickly. A machine learning based model is therefore designed to detect the most recent, up-to-date attacks from the network flow data of network devices, i.e. network switches, routers, wireless routers, firewalls, etc. The Extreme Gradient Boosting based model designed for attack detection provides a 91.61% detection rate, generates very few false alarms, at a rate of 0.005%, and misses attacks at a rate of 8.38% over the CICIDS dataset, which is a recent open source dataset containing network flow information of network devices.
License
This work is licensed under a Creative Commons Attribution License CC BY