A comprehensive intrusion detection framework using boosting algorithms

•A new cyber security intrusion detection dataset (CCiDD) has been created by performing various scenarios with today's widely used attack methods and internet applications.•The most optimum features of the data sets have been selected with the extra tree algorithm in order to process the data...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Computers & electrical engineering Ročník 100; s. 107869
Hlavní autoři: Kilincer, Ilhan Firat, Ertam, Fatih, Sengur, Abdulkadir
Médium: Journal Article
Jazyk:angličtina
Vydáno: Amsterdam Elsevier Ltd 01.05.2022
Elsevier BV
Témata:
Algorithms
Boosting algorithms
Classification
Classifiers
Cyber security
Cybersecurity
Datasets
Extra tree algorithm
IDS
Intrusion detection systems
Machine learning
Optimization
Parameters
System effectiveness
IDS
Extra tree algorithm
Cyber security
Boosting algorithms
Machine learning
ISSN:0045-7906, 1879-0755
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:•A new cyber security intrusion detection dataset (CCiDD) has been created by performing various scenarios with today's widely used attack methods and internet applications.•The most optimum features of the data sets have been selected with the extra tree algorithm in order to process the data received over the network quickly and successfully.•The data sets were classified using high performance GBM, LGBM, XGBoost, catboost algorithms. Intrusion Detection Systems are one of the most effective technologies that protect systems against cyber-attacks. In this study, a new Comprehensive Cyber Security Intrusion Detection Dataset (CCiDD) was created. The CCiDD_A and CCiDD_B datasets are derived from the created dataset. Two datasets were compared with the NSL-KDD, UNSW-NB15 and CSE-CIC-IDS2018 datasets. In the study, the most optimal features for all datasets were determined by the Extra Tree algorithm and the new sub-datasets were classified by machine learning methods with default parameters. As a result of the classification, LGBM and XGBoost algorithms were selected as the most successful algorithms. Hyper parameter optimization was applied to LGBM and XGBoost algorithms to increase classification performance. LGBM classifier surpassed XGBoost classifier in terms of performance and processing time. LGBM algorithm achieved performance values of 99.84%, 98.02%, 99.94%, 95.68% and 99.98% for NSL-KDD, UNSW-NB15, CSE-CIC-IDS2018, CCiDD_A and CCiDD_B datasets, respectively. Since detection time of attacks is a critical issue, the LGBM classifier is recommended for attack detection in terms of time and performance. [Display omitted]
Bibliografie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0045-7906
1879-0755
DOI:10.1016/j.compeleceng.2022.107869