Hybrid Intrusion Detection System Based on Combination of Random Forest and Autoencoder

To cope with the rising threats posed by network attacks, machine learning-based intrusion detection systems (IDSs) have been intensively researched. However, several issues remain to be addressed. It is difficult to deal with unknown attacks that do not appear in the training set, and as a result, poor detection rates are produced for these unknown attacks. Furthermore, IDSs suffer from a high false positive rate. As different models learn data characteristics from different perspectives, in this work we propose a hybrid IDS which leverages both random forest (RF) and autoencoder (AE). The hybrid model operates in two steps. In the first step, we utilize the probability output of the RF classifier to determine whether a sample is an attack. Unknown attacks can be identified with the assistance of the probability output. In the second step, an additional AE is coupled to reduce the false positive rate. To simulate an unknown attack in experiments, we explicitly remove some samples belonging to one attack class from the training set. Compared with various baselines, our suggested technique demonstrates a high detection rate. Furthermore, the additional AE detection module decreases the false positive rate.
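The two-step flow and the held-out-class experiment described above, as an added sketch using scikit-learn (not the authors' code). The abstract gives no thresholds or coupling details, so the 0.9 benign-probability cut-off, training the AE on benign traffic only, the 99th-percentile reconstruction-error threshold, and the constructed 6-feature data are all assumptions.

```python
import numpy as np
from sklearn.ensemble import RandomForestClassifier
from sklearn.neural_network import MLPRegressor

rng = np.random.default_rng(0)
W = rng.normal(size=(2, 6))
W /= np.linalg.norm(W, axis=0)           # benign features get ~unit variance

def benign(n):
    """Constructed benign flows: 6 features driven by 2 latent factors."""
    return rng.normal(size=(n, 2)) @ W + 0.1 * rng.normal(size=(n, 6))

def attack(n, cols):
    """Constructed attack flows: benign-like, with the given features inflated."""
    x = benign(n)
    x[:, cols] += rng.uniform(3, 6, size=(n, len(cols)))
    return x

def run(t_benign=0.9, ae_pct=99):
    # Training holds benign plus one known attack class; the second attack
    # class is withheld entirely to play the role of the "unknown" attack.
    Xb, Xk = benign(2000), attack(2000, [0, 1])
    rf = RandomForestClassifier(n_estimators=100, random_state=0)
    rf.fit(np.vstack([Xb, Xk]), np.r_[np.zeros(2000), np.ones(2000)])
    # Assumed coupling: the autoencoder learns to reconstruct benign traffic only.
    ae = MLPRegressor(hidden_layer_sizes=(8, 2, 8), activation="tanh",
                      max_iter=2000, random_state=0)
    ae.fit(Xb, Xb)
    err = lambda X: ((ae.predict(X) - X) ** 2).mean(axis=1)
    thr = np.percentile(err(Xb), ae_pct)  # benign reconstruction-error ceiling

    def stage1(X):   # alert unless the forest is confident the sample is benign
        return rf.predict_proba(X)[:, 0] < t_benign
    def stage2(X):   # keep an alert only if the AE also finds the sample abnormal
        return stage1(X) & (err(X) > thr)

    tests = {"benign": benign(2000), "known": attack(500, [0, 1]),
             "unknown": attack(500, [0, 2])}
    # Per traffic type: (alert rate after RF only, alert rate after RF + AE)
    return {k: (stage1(X).mean(), stage2(X).mean()) for k, X in tests.items()}

if __name__ == "__main__":
    for name, (s1, s2) in run().items():
        print(f"{name:8s} alert rate: RF only {s1:.3f}  RF+AE {s2:.3f}")
```

The alert rate on the benign set is the false positive rate; since step two can only clear alerts, it can lower that rate but also costs detections whenever an attack reconstructs as well as benign traffic does.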
