Network Intrusion Detection Framework Based on Embedded Tree Model

Network intrusion detection system plays a vital role in network security protections that could be used to protect personal privacy and property security so as to protect users from attackers. However, there are a few samples of attack types with various characteristics. To solve the problem of class-imbalance in network security and correctly detect the attack, this paper proposes a network intrusion detection framework: random forest and gradient boosting decision tree (RF-GBDT). Random forest model is used for feature transformation and gradient boosting decision tree model is used for classification. RF-GBDT was used on the UNSW-NB15 dataset in which only 8 features were selected for training and a large number of irrelevant features were deleted. RF-GBDT not only reduced the training time but also improved the detection rate. The experiment result shows that RF-GBDT model has a higher detection rate and lower false alarm rate compared with other relative algorithms.

[1]  Bartosz Krawczyk Cost-sensitive one-vs-one ensemble for multi-class imbalanced data , 2016, 2016 International Joint Conference on Neural Networks (IJCNN).

[2]  Nitesh V. Chawla,et al.  SMOTEBoost: Improving Prediction of the Minority Class in Boosting , 2003, PKDD.

[3]  Francisco Herrera,et al.  Evolutionary-based selection of generalized instances for imbalanced classification , 2012, Knowl. Based Syst..

[4]  Shan Ding,et al.  Research on intrusion detection technology based on deep learning , 2017, 2017 3rd IEEE International Conference on Computer and Communications (ICCC).

[5]  Yuming Zhou,et al.  A novel ensemble method for classifying imbalanced data , 2015, Pattern Recognit..

[6]  Francisco Herrera,et al.  Empowering one-vs-one decomposition with ensemble learning for multi-class imbalanced data , 2016, Knowl. Based Syst..

[7]  Nour Moustafa,et al.  UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set) , 2015, 2015 Military Communications and Information Systems Conference (MilCIS).

[8]  Joaquin Quiñonero Candela,et al.  Practical Lessons from Predicting Clicks on Ads at Facebook , 2014, ADKDD'14.

[9]  Santi Wulan Purnami,et al.  Combine Sampling Support Vector Machine for Imbalanced Data Classification , 2015 .

[10]  J. Friedman Greedy function approximation: A gradient boosting machine. , 2001 .

[11]  Jian Gao,et al.  A new sampling method for classifying imbalanced data based on support vector machine ensemble , 2016, Neurocomputing.