Effective Intrusion Detection System Using XGBoost

As the world is on the verge of venturing into fifth-generation communication technology and embracing concepts such as virtualization and cloudification, the most crucial aspect remains “security”, as more and more data gets attached to the internet. This paper presents a model designed to measure various parameters of data in a network, such as accuracy, precision, confusion matrix, and others. XGBoost is employed on the NSL-KDD (network socket layer-knowledge discovery in databases) dataset to get the desired results. The aim is to learn about the integrity of data and to achieve higher accuracy in the prediction of data. By doing so, the amount of mischievous data floating in a network can be minimized, making the network a secure place to share information. The more secure a network is, the fewer the situations in which data is hacked or modified. By changing various parameters of the model, future research can be done to get the most out of the data entering and leaving a network. The most important player in the network is data, and getting to know it more closely and precisely is half the work done. Studying data in a network and analyzing the pattern and volume of data leads to the emergence of a solid Intrusion Detection System (IDS) that keeps the network healthy and a safe place to share confidential information.
