Research Article
BibTex RIS Cite

Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı

Year 2022, Volume: 11 Issue: 3, 203 - 220, 31.12.2022

Abstract

Günümüzde teknolojinin ve internetin hızla gelişiminden dolayı ciddi güvenlik tehditleri meydana gelmektedir. Bu gelişim tehditlerinde sürekli değişmesine, gelişmesine ve çeşitlerine neden olmaktadır. Günümüzde teknolojinin ve tehditlerin bu hızla ilerlemesi giderek artan ağ trafiğimizin kontrol ve analiz edilme ihtiyacını gün yüzüne çıkartmaktadır. Analiz sonucu tehditlerin sınıflandırılması için otomatize edilmiş bir saldırı tespit sistemine ihtiyaç duyulmaktadır. Bu ihtiyaç saldırı tespit sistemi ile karşılanabilir. Saldırı tespit sistemi bir tespit sistemi olarak kullanılmaktadır ve ağ güvenliği alanında da kullanılmaktadır. Bu çalışmada makine öğrenmesine dayalı bir saldırı tespit sistemi önerilmektedir. Çalışmada NSL-KDD veri kümesi kullanılarak hem öznitelik çıkartma hem de öznitelik seçme yöntemleri bir arada kullanılarak hibrit bir öznitelik azaltma yöntemi uygulanmıştır ve makine öğrenme modelleri ile sınıflandırma işlemi yapılmıştır. Çalışmanın amacı daha az öznitelik ile yüksek doğruluk oranı elde etmektir. Çalışmada öznitelik çıkartma yöntemi olarak Yığılmış Otomatik Kodlayıcı ve öznitelik seçme olarak SelectKBest yöntemleri uygulanmıştır. Rastgele Orman ve Destek Vektör Makineleri modelleri sınıflandırma için kullanılan makine öğrenme modelleridir. SAE-SKB-RF ve SAE-SKB-SVM önerilen modellerdir. Çalışma sonucunda önerilen modeller birbiri arasında ve literatürde var olan benzer çalışmalar ile karşılaştırılmıştır. Oluşturulan yapı ile saldırılar yüksek başarı oranı ile sınıflandırılmış ve SAE-SKB-RF sınıflandırma metodu kullanılarak %98,67 doğruluk oranı yakalanmıştır. Elde edilen bu oran kullanılan öznitelik azaltma yöntemi ile literatür taramasında yapılan çalışmalara göre en yüksek değeri elde etmiştir.

References

  • Aldweesh, A., Derhab, A., & Emam, A. Z. (2020). Deep learning approaches for anomaly-based intrusion detection systems: A survey, taxonomy, and open issues. Knowledge-Based Systems.
  • Breiman, L. (2001). Random Forests. Machine learning, s. 5-32.
  • Cahyo, A. N., Sari, A. K., & Riasetiawan, M. (2020). Comparison of Hybrid Intrusion Detection System. In 2020 12th International Conference on Information Technology and Electrical Engineering, s. 92-97.
  • Choudharya, S., & Kesswani, N. (2020). Analysis of KDD-Cup’99, NSL-KDD and UNSW-NB15 Datasets using Deep Learning in IoT. Procedia Computer Science, s. 1561-1573.
  • Chumerin, N., & Hulle, M. M. (2006). Comparison of Two Feature Extraction Methods Based on Maximization of Mutual Information. In 2006 16th IEEE signal processing society workshop on machine learning for signal processing, s. 343-348.
  • Cisco. (2019). Cisco Visual Networking Index: Forecast and Trends, 2017–2022 White Paper. www.cisco.com: https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networkingindex-vni/complete-white-paper-c11-481360.html adresinden alındı
  • Fujita, H., Gaeta, A., Loia, V., & Orciuoli, F. (2019, 5). Resilience Analysis of Critical Infrastructures: A Cognitive Approach Based on Granular Computing. IEEE Transactions on Cybernetics, s. 1835-1848.
  • Gurung, S., Ghose, M. K., & Subedi, A. (2019). Deep Learning Approach on Network Intrusion Detection System using NSL-KDD Dataset. International Journal of Computer Network and Information Security, s. 8-14.
  • Halimaa, A. A., & Sundarakantham, K. (2019). Machine Learning Based Intrusion Detection System. In 2019 3rd International conference on trends in electronics and informatics (ICOEI), s. 916-920. HINTON, G. E., & SALAKHUTDINOV, R. R. (2006). Reducing the Dimensionality of Data with Neural Networks. science, s. 504-507.
  • Hubballia, N., & Suryanarayanan, V. (2014). False alarm minimization techniques in signature-based intrusion detection systems. A survey. Computer Communications, s. 1-17.
  • Jyothsna, V., & Vaddella, R. P. (2011). A Review of Anomaly based IntrusionDetection Systems. International Journal of Computer Applications, s. 26-35.
  • Liao, H.-J., Lin, C.-H. R., Lin, Y.-C., & Tung, K.-Y. (2013). Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications, s. 16-24.
  • Liu, J., Kantarci, B., & Adams, C. (2020). Machine learning-driven intrusion detection for Contiki-NG-based IoT networks exposed to NSL-KDD dataset. In Proceedings of the 2nd ACM workshop on wireless security and machine learning, s. 25-30.
  • Miao, J., & Niu, L. (2016). A Survey on Feature Selection. Procedia Computer Science, s. 919-926.
  • Pedregosa, F., Varoquaux, G., Gramfort, A., Michel, V., Thirion, B., Grise, O., . . . Duchesnay , E. (2011). Scikit-learn: Machine Learning in Python. the Journal of machine Learning research, s. 2825-2830.
  • Scarfone, K., & Mell, P. (2007). Guide to intrusion detection and prevention systems. NIST special publicatio, s. 94. Subba, B., Biswas, S., & Karmakar, S. (2016). Enhancing performance of anomaly based intrusion detection systems through dimensionality reduction using principal component. In 2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), s. 1-6.
  • Taher, K. A., Jisan, B. M., & Rahman, M. (2019). Network Intrusion Detection using Supervised Machine Learning Technique with Feature Selection. In 2019 International conference on robotics, electrical and signal processing techniques, s. 643-646.
  • Tavallaee, M., Bagheri, E., Lu, W., & Ghorbani, A. A. (2009). A detailed analysis of the KDD CUP 99 data set. In 2009 IEEE symposium on computational intelligence for security and defense applications, s. 1-6.
  • Tavallaee, M., Stakhanova, N., & Ghorbani, A. A. (2010). Toward Credible Evaluation of Anomaly-Based Intrusion-Detection Methods. IEEE Transactions on Systems, Man, and Cybernetics, s. 516-524.
  • Vapnik, V. N. (1999). The nature of statistical learning theory. Springer science & business media.
  • Wu, K., Chen, Z., & Li, W. (2018). A Novel Intrusion Detection Model for a Massive Network Using Convolutional Neural Networks. Ieee Access, s. 50850-50859.
  • Yan, Y., Qi, L., Wang, J., Lin, Y., & Chen, L. (2020). A Network Intrusion Detection Method Based on Stacked Autoencoder and LSTM. In ICC 2020-2020 IEEE International Conference on Communications (ICC), s. 1-6.
  • Zamani, M., & Movahedi, M. (2013). Machine learning techniques for intrusion detection. arXiv preprint arXiv:1312.2177.
  • Zhang, C., Ruan, F., Yin, L., Chen, X., Zhai, L., & Liu, F. (2019). A Deep Learning Approach for Network Intrusion Detection Based on NSL-KDD Dataset. In 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification, s. 41-45.
  • Zulfiker, M. S., Kabir, N., Biswas, A. A., Nazneen, T., & Uddin, M. S. (2021). An in-depth analysis of machine learning approaches to predict depression. Current research in behavioral sciences.

Designing a Machine Learning Based Intrusion Detection System with Hybrid Feature Reduction for Network Security

Year 2022, Volume: 11 Issue: 3, 203 - 220, 31.12.2022

Abstract

Today, serious security threats occur due to the rapid development of technology and the internet. This causes a constant change, development and variety in development threats. Today, the rapid progress of technology and threats reveals the need to control and analyze our increasing network traffic. An automated intrusion detection system is needed for the classification of threats as a result of the analysis. This need can be met with an intrusion detection system. The intrusion detection system is used as a detection system and is also used in the field of network security. In this study, an intrusion detection system based on machine learning is proposed. In the study, a hybrid feature reduction method was applied by using both feature extraction and feature selection methods using the NSL-KDD dataset, and classification was performed with machine learning models. The aim of the study is to obtain a high accuracy rate with fewer features. In the study, Stacked Autoencoder (SAE) as feature extraction method and SelectKBest method as feature selection were applied. Random Forest and Support Vector Machine models are machine learning models used for classification. SAE-SKB-RF and SAE-SKB-SVM are recommended models. As a result of the study, the proposed models were compared with each other and with similar studies in the literature. With the structure created, attacks were classified with a high success rate and 98.67% accuracy was achieved by using the SAE-SKB-RF classification method. This ratio obtained the highest value compared to the studies made in the literature review with the feature reduction method used.

References

  • Aldweesh, A., Derhab, A., & Emam, A. Z. (2020). Deep learning approaches for anomaly-based intrusion detection systems: A survey, taxonomy, and open issues. Knowledge-Based Systems.
  • Breiman, L. (2001). Random Forests. Machine learning, s. 5-32.
  • Cahyo, A. N., Sari, A. K., & Riasetiawan, M. (2020). Comparison of Hybrid Intrusion Detection System. In 2020 12th International Conference on Information Technology and Electrical Engineering, s. 92-97.
  • Choudharya, S., & Kesswani, N. (2020). Analysis of KDD-Cup’99, NSL-KDD and UNSW-NB15 Datasets using Deep Learning in IoT. Procedia Computer Science, s. 1561-1573.
  • Chumerin, N., & Hulle, M. M. (2006). Comparison of Two Feature Extraction Methods Based on Maximization of Mutual Information. In 2006 16th IEEE signal processing society workshop on machine learning for signal processing, s. 343-348.
  • Cisco. (2019). Cisco Visual Networking Index: Forecast and Trends, 2017–2022 White Paper. www.cisco.com: https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networkingindex-vni/complete-white-paper-c11-481360.html adresinden alındı
  • Fujita, H., Gaeta, A., Loia, V., & Orciuoli, F. (2019, 5). Resilience Analysis of Critical Infrastructures: A Cognitive Approach Based on Granular Computing. IEEE Transactions on Cybernetics, s. 1835-1848.
  • Gurung, S., Ghose, M. K., & Subedi, A. (2019). Deep Learning Approach on Network Intrusion Detection System using NSL-KDD Dataset. International Journal of Computer Network and Information Security, s. 8-14.
  • Halimaa, A. A., & Sundarakantham, K. (2019). Machine Learning Based Intrusion Detection System. In 2019 3rd International conference on trends in electronics and informatics (ICOEI), s. 916-920. HINTON, G. E., & SALAKHUTDINOV, R. R. (2006). Reducing the Dimensionality of Data with Neural Networks. science, s. 504-507.
  • Hubballia, N., & Suryanarayanan, V. (2014). False alarm minimization techniques in signature-based intrusion detection systems. A survey. Computer Communications, s. 1-17.
  • Jyothsna, V., & Vaddella, R. P. (2011). A Review of Anomaly based IntrusionDetection Systems. International Journal of Computer Applications, s. 26-35.
  • Liao, H.-J., Lin, C.-H. R., Lin, Y.-C., & Tung, K.-Y. (2013). Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications, s. 16-24.
  • Liu, J., Kantarci, B., & Adams, C. (2020). Machine learning-driven intrusion detection for Contiki-NG-based IoT networks exposed to NSL-KDD dataset. In Proceedings of the 2nd ACM workshop on wireless security and machine learning, s. 25-30.
  • Miao, J., & Niu, L. (2016). A Survey on Feature Selection. Procedia Computer Science, s. 919-926.
  • Pedregosa, F., Varoquaux, G., Gramfort, A., Michel, V., Thirion, B., Grise, O., . . . Duchesnay , E. (2011). Scikit-learn: Machine Learning in Python. the Journal of machine Learning research, s. 2825-2830.
  • Scarfone, K., & Mell, P. (2007). Guide to intrusion detection and prevention systems. NIST special publicatio, s. 94. Subba, B., Biswas, S., & Karmakar, S. (2016). Enhancing performance of anomaly based intrusion detection systems through dimensionality reduction using principal component. In 2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), s. 1-6.
  • Taher, K. A., Jisan, B. M., & Rahman, M. (2019). Network Intrusion Detection using Supervised Machine Learning Technique with Feature Selection. In 2019 International conference on robotics, electrical and signal processing techniques, s. 643-646.
  • Tavallaee, M., Bagheri, E., Lu, W., & Ghorbani, A. A. (2009). A detailed analysis of the KDD CUP 99 data set. In 2009 IEEE symposium on computational intelligence for security and defense applications, s. 1-6.
  • Tavallaee, M., Stakhanova, N., & Ghorbani, A. A. (2010). Toward Credible Evaluation of Anomaly-Based Intrusion-Detection Methods. IEEE Transactions on Systems, Man, and Cybernetics, s. 516-524.
  • Vapnik, V. N. (1999). The nature of statistical learning theory. Springer science & business media.
  • Wu, K., Chen, Z., & Li, W. (2018). A Novel Intrusion Detection Model for a Massive Network Using Convolutional Neural Networks. Ieee Access, s. 50850-50859.
  • Yan, Y., Qi, L., Wang, J., Lin, Y., & Chen, L. (2020). A Network Intrusion Detection Method Based on Stacked Autoencoder and LSTM. In ICC 2020-2020 IEEE International Conference on Communications (ICC), s. 1-6.
  • Zamani, M., & Movahedi, M. (2013). Machine learning techniques for intrusion detection. arXiv preprint arXiv:1312.2177.
  • Zhang, C., Ruan, F., Yin, L., Chen, X., Zhai, L., & Liu, F. (2019). A Deep Learning Approach for Network Intrusion Detection Based on NSL-KDD Dataset. In 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification, s. 41-45.
  • Zulfiker, M. S., Kabir, N., Biswas, A. A., Nazneen, T., & Uddin, M. S. (2021). An in-depth analysis of machine learning approaches to predict depression. Current research in behavioral sciences.
There are 25 citations in total.

Details

Primary Language Turkish
Subjects Engineering
Journal Section Araştırma Makaleleri
Authors

Muhammed Safa Bıçakcı

Sinan Toklu 0000-0002-8147-9089

Early Pub Date December 30, 2022
Publication Date December 31, 2022
Published in Issue Year 2022 Volume: 11 Issue: 3

Cite

APA Bıçakcı, M. S., & Toklu, S. (2022). Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı. Gaziosmanpaşa Bilimsel Araştırma Dergisi, 11(3), 203-220.
AMA Bıçakcı MS, Toklu S. Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı. GBAD. December 2022;11(3):203-220.
Chicago Bıçakcı, Muhammed Safa, and Sinan Toklu. “Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma Ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı”. Gaziosmanpaşa Bilimsel Araştırma Dergisi 11, no. 3 (December 2022): 203-20.
EndNote Bıçakcı MS, Toklu S (December 1, 2022) Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı. Gaziosmanpaşa Bilimsel Araştırma Dergisi 11 3 203–220.
IEEE M. S. Bıçakcı and S. Toklu, “Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı”, GBAD, vol. 11, no. 3, pp. 203–220, 2022.
ISNAD Bıçakcı, Muhammed Safa - Toklu, Sinan. “Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma Ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı”. Gaziosmanpaşa Bilimsel Araştırma Dergisi 11/3 (December 2022), 203-220.
JAMA Bıçakcı MS, Toklu S. Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı. GBAD. 2022;11:203–220.
MLA Bıçakcı, Muhammed Safa and Sinan Toklu. “Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma Ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı”. Gaziosmanpaşa Bilimsel Araştırma Dergisi, vol. 11, no. 3, 2022, pp. 203-20.
Vancouver Bıçakcı MS, Toklu S. Bilgisayar Ağı Güvenliği için Hibrit Öznitelik Azaltma ile Makine Öğrenmesine Dayalı Bir Saldırı Tespit Sistemi Tasarımı. GBAD. 2022;11(3):203-20.