Research Article
BibTex RIS Cite

İki Seviyeli Hibrit Makine Öğrenmesi Yöntemi ile Saldırı Tespiti

Year 2019, , 258 - 272, 30.12.2019
https://doi.org/10.30855/gmbd.2019.03.07

Abstract

Bu çalışmada
CSE-CIC-IDS2018 veri kümesi üzerinde saldırı tespiti amaçlanmıştır.
Kullanılacak yöntemler tek seviyeli yöntem ve iki seviyeli hibrit yöntem olarak
iki bölüme ayrılmıştır. Çalışmada Evrişimsel Sinir Ağı (CNN), Rastgele Orman,
Hafif Gradyan Artırma (LGBM), (CNN + Rastgele Orman), (LGBM + Rastgele Orman)
ve (Rastgele Orman + Rastgele Orman) makine öğrenmesi yöntemleri kullanılarak
veri kümesi ele alınmıştır. %98 doğruluk oranı ve 0.86 macro F-skoru ile (CNN +
Rastgele Orman) hibrit modelinin en iyi saldırı tespiti yaptığı görülmüştür.
Ayrıca, GridSearch ile hiperparametre optimizasyonu yapılmış, Sentetik Azınlık
Aşırı Örnekleme Tekniği (SMOTE) ve yüksek korelasyonlu özniteliklerin tespit
üzerindeki etkisi incelenmiştir.

References

  • 1] Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization”, in ICISSP, Prague, Czech Republic, 2018, pp. 108-116
  • [2] S. Wankhede and D. Kshirsagar, "DoS Attack Detection Using Machine Learning and Neural Network," 2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA), Pune, India, 2018, pp. 1-5. Conference on Information Systems Security and Privacy (ICISSP), Portugal, January 2018.
  • [3] D. Aksu and M. Ali Aydin, "Detecting Port Scan Attempts with Comparative Analysis of Deep Learning and Support Vector Machine Algorithms," 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), Ankara, Turkey, 2018, pp. 77-80. [4] V. Kanimozhi and T. P. Jacob, "Artificial Intelligence based Network Intrusion Detection with Hyper-Parameter Optimization Tuning on the Realistic Cyber Dataset CSE-CIC-IDS2018 using Cloud Computing," 2019 International Conference on Communication and Signal Processing (ICCSP), Chennai, India, 2019, pp. 33-36.
  • [5] Zhou, Qianru and Dimitrios Pezaros. “Evaluation of Machine Learning Classifiers for Zero-Day Intrusion Detection - An Analysis on CIC-AWS-2018 dataset.” ArXiv abs/1905.03685v1, 2019.
  • [6] Yulianto, Arif & Sukarno, Parman & Anggis Suwastika, Novian, “Improving AdaBoost-based Intrusion Detection System (IDS) Performance on CIC IDS 2017 Dataset,” Journal of Physics: Conference Series, 1192.
  • [7] I. Ullah and Q. H. Mahmoud, "A Two-Level Hybrid Model for Anomalous Activity Detection in IoT Networks," 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2019, pp. 1-6.
  • [8] A. R. Wani, Q. P. Rana, U. Saxena and N. Pandey, "Analysis and Detection of DDoS Attacks on Cloud Computing Environment using Machine Learning Techniques," 2019 Amity International Conference on Artificial Intelligence (AICAI), Dubai, United Arab Emirates, 2019, pp. 870-875.
  • [9] Yang Y, Zheng K, Wu C, Niu X, Yang Y. “Building an Effective Intrusion Detection System Using the Modified Density Peak Clustering Algorithm and Deep Belief Networks,” Applied Sciences, 9(2):238, 2019, Doi: 10.3390/app9020238.
  • [10] Yılmaz, Selim & Sen, Sevil, “Early Detection of Botnet Activities Using Grammatical Evolution,” Theory and Applications of Models of Computation, pp.395-404, 2019.
  • [11] McKay, Rob & Pendleton, Brian & Britt, James & Nakhavanit, Ben, “Machine Learning Algorithms on Botnet Traffic: Ensemble and Simple Algorithms,” The International Conference on Compute and Data Analysis 2019 (ICCDA), 2019.
  • [12] CICFlowMeter: Network Traffic Flow Analyzer,http://netflowmeter.ca/netflowmeter.html, Accessed 28 July 2018.
Year 2019, , 258 - 272, 30.12.2019
https://doi.org/10.30855/gmbd.2019.03.07

Abstract

References

  • 1] Iman Sharafaldin, Arash Habibi Lashkari, and Ali A. Ghorbani, “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization”, in ICISSP, Prague, Czech Republic, 2018, pp. 108-116
  • [2] S. Wankhede and D. Kshirsagar, "DoS Attack Detection Using Machine Learning and Neural Network," 2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA), Pune, India, 2018, pp. 1-5. Conference on Information Systems Security and Privacy (ICISSP), Portugal, January 2018.
  • [3] D. Aksu and M. Ali Aydin, "Detecting Port Scan Attempts with Comparative Analysis of Deep Learning and Support Vector Machine Algorithms," 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), Ankara, Turkey, 2018, pp. 77-80. [4] V. Kanimozhi and T. P. Jacob, "Artificial Intelligence based Network Intrusion Detection with Hyper-Parameter Optimization Tuning on the Realistic Cyber Dataset CSE-CIC-IDS2018 using Cloud Computing," 2019 International Conference on Communication and Signal Processing (ICCSP), Chennai, India, 2019, pp. 33-36.
  • [5] Zhou, Qianru and Dimitrios Pezaros. “Evaluation of Machine Learning Classifiers for Zero-Day Intrusion Detection - An Analysis on CIC-AWS-2018 dataset.” ArXiv abs/1905.03685v1, 2019.
  • [6] Yulianto, Arif & Sukarno, Parman & Anggis Suwastika, Novian, “Improving AdaBoost-based Intrusion Detection System (IDS) Performance on CIC IDS 2017 Dataset,” Journal of Physics: Conference Series, 1192.
  • [7] I. Ullah and Q. H. Mahmoud, "A Two-Level Hybrid Model for Anomalous Activity Detection in IoT Networks," 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2019, pp. 1-6.
  • [8] A. R. Wani, Q. P. Rana, U. Saxena and N. Pandey, "Analysis and Detection of DDoS Attacks on Cloud Computing Environment using Machine Learning Techniques," 2019 Amity International Conference on Artificial Intelligence (AICAI), Dubai, United Arab Emirates, 2019, pp. 870-875.
  • [9] Yang Y, Zheng K, Wu C, Niu X, Yang Y. “Building an Effective Intrusion Detection System Using the Modified Density Peak Clustering Algorithm and Deep Belief Networks,” Applied Sciences, 9(2):238, 2019, Doi: 10.3390/app9020238.
  • [10] Yılmaz, Selim & Sen, Sevil, “Early Detection of Botnet Activities Using Grammatical Evolution,” Theory and Applications of Models of Computation, pp.395-404, 2019.
  • [11] McKay, Rob & Pendleton, Brian & Britt, James & Nakhavanit, Ben, “Machine Learning Algorithms on Botnet Traffic: Ensemble and Simple Algorithms,” The International Conference on Compute and Data Analysis 2019 (ICCDA), 2019.
  • [12] CICFlowMeter: Network Traffic Flow Analyzer,http://netflowmeter.ca/netflowmeter.html, Accessed 28 July 2018.
There are 11 citations in total.

Details

Primary Language Turkish
Subjects Computer Software
Journal Section Research Articles
Authors

Meltem Kurt Pehlivanoğlu 0000-0002-7581-9390

Remzi Atay This is me 0000-0001-8012-0392

Duygu Evrim Odabaş This is me 0000-0002-4093-1366

Publication Date December 30, 2019
Submission Date August 1, 2019
Acceptance Date December 18, 2019
Published in Issue Year 2019

Cite

IEEE M. Kurt Pehlivanoğlu, R. Atay, and D. E. Odabaş, “İki Seviyeli Hibrit Makine Öğrenmesi Yöntemi ile Saldırı Tespiti”, GJES, vol. 5, no. 3, pp. 258–272, 2019, doi: 10.30855/gmbd.2019.03.07.

Gazi Journal of Engineering Sciences (GJES) publishes open access articles under a Creative Commons Attribution 4.0 International License (CC BY). 1366_2000-copia-2.jpg