The Use of Ensemble Models for Multiple Class and Binary Class Classification for Improving Intrusion Detection Systems

Bibliographic Details
Main Authors: Iwendi, Celestine, Khan, Suleman, Anajemba, Joseph Henry, Mittal, Mohit, Alenezi, Mamdouh, Alazab, Mamoun
Format: Online Article Text
Language: English
Published: MDPI 2020
Online Access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7249012/
https://www.ncbi.nlm.nih.gov/pubmed/32365937
http://dx.doi.org/10.3390/s20092559
collection PubMed
description The pursuit to spot abnormal behaviors in and out of a network system is what led to a system known as intrusion detection systems for soft computing besides many researchers have applied machine learning around this area. Obviously, a single classifier alone in the classifications seems impossible to control network intruders. This limitation is what led us to perform dimensionality reduction by means of correlation-based feature selection approach (CFS approach) in addition to a refined ensemble model. The paper aims to improve the Intrusion Detection System (IDS) by proposing a CFS + Ensemble Classifiers (Bagging and Adaboost) which has high accuracy, high packet detection rate, and low false alarm rate. Machine Learning Ensemble Models with base classifiers (J48, Random Forest, and Reptree) were built. Binary classification, as well as Multiclass classification for KDD99 and NSLKDD datasets, was done while all the attacks were named as an anomaly and normal traffic. Class labels consisted of five major attacks, namely Denial of Service (DoS), Probe, User-to-Root (U2R), Root to Local attacks (R2L), and Normal class attacks. Results from the experiment showed that our proposed model produces 0 false alarm rate (FAR) and 99.90% detection rate (DR) for the KDD99 dataset, and 0.5% FAR and 98.60% DR for NSLKDD dataset when working with 6 and 13 selected features.
id pubmed-7249012
institution National Center for Biotechnology Information
record_format MEDLINE/PubMed
spelling pubmed-7249012 2020-06-10 Sensors (Basel) Article MDPI 2020-04-30 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland.
This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).