Extreme Gradient Boosting Based Tuning for Classification in Intrusion Detection Systems

In a fast-growing digital era, the increase in devices connected to internet have raised many security issues. For providing security, varieties of the system are available in the IT sector, Intrusion Detection system is one of such system. The design of an efficient intrusion detection system is an open problem to the research community. In this paper, various machine learning algorithms have been used for detecting different types of Denial-of-Service attack. The performance of the models have been measured on the basis of binary and multi-classification. Furthermore, parameter tuning algorithm has been discussed. On the basis of performance parameters, XGBoost performs efficiently and in robust manner to find an intrusion. The proposed method i.e. XGBoost has been compared with other classifiers like AdaBoost, Naive Bayes, Multi-layer perceptron (MLP) and K-Nearest Neighbour (KNN) on recently captured network traffic by Canadian Institute of Cybersecurity (CIC). In this research, average class error and overall error have been calculated for the multi-classification problem.

[1]  Ali A. Ghorbani,et al.  Toward developing a systematic approach to generate benchmark datasets for intrusion detection , 2012, Comput. Secur..

[2]  R. Polikar,et al.  Ensemble based systems in decision making , 2006, IEEE Circuits and Systems Magazine.

[3]  Andrew H. Sung,et al.  Intrusion detection using neural networks and support vector machines , 2002, Proceedings of the 2002 International Joint Conference on Neural Networks. IJCNN'02 (Cat. No.02CH37290).

[4]  Karen A. Scarfone,et al.  Guide to Intrusion Detection and Prevention Systems (IDPS) , 2007 .

[5]  Ali A. Ghorbani,et al.  Towards a Reliable Intrusion Detection Benchmark Dataset , 2017 .

[6]  Yi-Ming Chen,et al.  Combining incremental Hidden Markov Model and Adaboost algorithm for anomaly intrusion detection , 2009, CSI-KDD '09.

[7]  Manas Ranjan Patra,et al.  NETWORK INTRUSION DETECTION USING NAÏVE BAYES , 2007 .

[8]  Luca Dieci,et al.  Continuation of invariant subspaces , 2001, Numer. Linear Algebra Appl..

[9]  Yue Wu,et al.  A New Intrusion Detection System Based on KNN Classification Algorithm in Wireless Sensor Network , 2014, J. Electr. Comput. Eng..

[10]  Dhruba Kumar Bhattacharyya,et al.  Anomaly based intrusion detection using meta ensemble classifier , 2012, SIN '12.

[11]  Alexander Vezhnevets,et al.  Avoiding Boosting Overfitting by Removing Confusing Samples , 2007, ECML.

[12]  R. Schapire The Strength of Weak Learnability , 1990, Machine Learning.

[13]  Robin Sommer Viable Network Intrusion Detection: Trade-Offs in High-Performance Environments , 2008 .

[14]  Wei-Yang Lin,et al.  Intrusion detection by machine learning: A review , 2009, Expert Syst. Appl..

[15]  Wei Hu,et al.  AdaBoost-Based Algorithm for Network Intrusion Detection , 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).