A comprehensive intrusion detection framework using boosting algorithms

Bibliographic details
Published in: Computers & electrical engineering, Volume 100; p. 107869
Main authors: Kilincer, Ilhan Firat, Ertam, Fatih, Sengur, Abdulkadir
Format: Journal Article
Language: English
Publication details: Amsterdam Elsevier Ltd 01.05.2022
Elsevier BV
ISSN:0045-7906, 1879-0755
Description
Summary:
• A new cyber security intrusion detection dataset (CCiDD) has been created by performing various scenarios with today's widely used attack methods and internet applications.
• The most optimum features of the data sets have been selected with the extra tree algorithm in order to process the data received over the network quickly and successfully.
• The data sets were classified using high performance GBM, LGBM, XGBoost, CatBoost algorithms.

Intrusion Detection Systems are one of the most effective technologies that protect systems against cyber-attacks. In this study, a new Comprehensive Cyber Security Intrusion Detection Dataset (CCiDD) was created. The CCiDD_A and CCiDD_B datasets are derived from the created dataset. Two datasets were compared with the NSL-KDD, UNSW-NB15 and CSE-CIC-IDS2018 datasets. In the study, the most optimal features for all datasets were determined by the Extra Tree algorithm and the new sub-datasets were classified by machine learning methods with default parameters. As a result of the classification, LGBM and XGBoost algorithms were selected as the most successful algorithms. Hyperparameter optimization was applied to LGBM and XGBoost algorithms to increase classification performance. LGBM classifier surpassed XGBoost classifier in terms of performance and processing time. LGBM algorithm achieved performance values of 99.84%, 98.02%, 99.94%, 95.68% and 99.98% for NSL-KDD, UNSW-NB15, CSE-CIC-IDS2018, CCiDD_A and CCiDD_B datasets, respectively. Since detection time of attacks is a critical issue, the LGBM classifier is recommended for attack detection in terms of time and performance.
DOI:10.1016/j.compeleceng.2022.107869