Research Article
BibTex RIS Cite

BOOSTING ALGORİTMALARI KULLANARAK SALDIRI TESPİT SİSTEMLERİ SINIFLANDIRMADA AÇIKLANABİLİR YAPAY ZEKA UYGULAMASI

Year 2024, , 1 - 7, 30.06.2024
https://doi.org/10.22531/muglajsci.1343051

Abstract

İnternete erişimin kolaylaşması ve hız oranlarının artması ile birlikte internete bağlı cihazlara erişimi de arttırmaktadır. İnternet kullanıcıları yetkili oldukları veya yetkilendirilmedikleri birçok cihaza erişebilirler. Kullanıcıların yetkisiz erişime sahip olup olmadığını tespit eden bu sistemlere Saldırı Tespit Sistemleri denir. Saldırı tespit sistemleri ile kullanıcıların erişimleri sınıflandırılır ve normal bir giriş mi yoksa bir anormallik mi olduğu belirlenir. Makine öğrenimi yöntemleri bu sınıflandırma görevini üstlenir. Özellikle Boosting algoritmaları, yüksek sınıflandırma performansları ile öne çıkmaktadır. Gradient Boosting algoritmasının Saldırı Tespit Sistemleri problemi için önerilen diğer yöntemlere göre dikkate değer bir sınıflandırma performansı sağladığı gözlemlenmiştir. Python programlama dili kullanılarak Gradient Boost ve Adaboost algoritmaları ile tahmin yapılmış ve ardından model SHAPASH ile açıklanmıştır. SHAPASH, makine öğrenmesi modellerinin herkes tarafından yorumlanabilir ve anlaşılır hale getirmeyi hedeflemektedir. Saldırı Tespit Sistemleri için yorumlanabilir ve açıklanabilir bir yaklaşım sunulması siber güvenlik alanında önemli tedbirlerin alınmasında katkı sağlamaktadır. Bu çalışmada Boosting algoritmaları kullanılarak sınıflandırma yapılmış ve Açıklanabilir Yapay Zeka yaklaşımlarından biri olan SHAPASH ile oluşturulan tahmin modeli anlatılmıştır.

References

  • Liao, H. J., Lin, C. H. R., Lin, Y. C., and Tung, K. Y., “Intrusion detection system: A comprehensive review”, Journal of Network and Computer Applications, 36 (1), 16-24, 2013.
  • Sharma S. and Gupta R. K., “Intrusion detection system: A review”, International Journal of Security and Its Applications, 9 (5), 69–76, 2015.
  • Özgür, A., and Erdem, H., “Saldırı tespit sistemlerinde genetik algoritma kullanarak nitelik seçimi ve çoklu sınıflandırıcı füzyonu”, Gazi Üniversitesi Mühendislik Mimarlık Fakültesi Dergisi, 33(1), 75-87, 2018.
  • Salvatore Stolfo, 2019. [Online ]. Available: https://kdd.ics.uci.edu/databases/kddcup99/task.html. [Accessed 12 1 2023].
  • Levin, I. “KDD-99 classifier learning contest LLSoft's results overview”, ACM SIGKDD Explorations Newsletter, 1 (2), 67-75, 2000.
  • Manzoor, I., and Kumar, N. “A feature reduced intrusion detection system using ANN classifier”, Expert Systems with Applications, 88, 249-257, 2017.
  • Alzubi, Q. M., Anbar, M., Sanjalawe, Y., Al-Betar, M. A., & Abdullah, R. “Intrusion detection system based on hybridizing a modified binary grey wolf optimization and particle swarm optimization”, Expert Systems with Applications, 204, 117-597, 2022.
  • Abd Elaziz, M., Al-qaness, M. A., Dahou, A., Ibrahim, R. A., and Abd El-Latif, A. A., “Intrusion detection approach for cloud and IoT environments using deep learning and Capuchin Search Algorithm”, Advances in Engineering Software, 176, 103-402, 2023.
  • Hussain, J., and Lalmuanawma, S., “Feature analysis, evaluation and comparisons of classification algorithms based on noisy intrusion dataset”, Procedia Computer Science, 92, 188-198, 2016.
  • Ruan, Z., Miao, Y., Pan, L., Patterson, N., and Zhang, J. “Visualization of big data security: a case study on the KDD99 cup data set”, Digital Communications and Networks, 3 (4), 250-259, 2017.
  • Al Mehedi Hasan, M., Nasser, M., and Pal, B., “On the KDD’99 dataset: support vector machine based intrusion detection system (ids) with different kernels”, International Journal of Electronics Communication and Computer Engineering, 4 (4), 1164-1170, 2013.
  • Kandeeban, S. S., and Rajesh, R. S., “A Genetic Algorithm Based elucidation for improving Intrusion Detection through condensed feature set by KDD 99 data set”, Information and Knowledge Management, 1 (1), 1-9, 2011.
  • Nuiaa, R. R., Alsaeedi, A. H., Manickam, S., and Al-Shammary, D. E. J., “Evolving dynamic fuzzy clustering (EDFC) to enhance DRDoS_DNS attacks detection mechanism”, International Journal of Intelligent Engineering & Systems, 15 (1), 509-519, 2022.
  • Sahu, S. K., Sarangi, S., and Jena, S. K., “A detail analysis on intrusion detection datasets”, 2014 IEEE international advance computing conference, 1348-1353, 2014.
  • Tavallaee, M., Bagheri, E., Lu, W., and Ghorbani, A. A. “A detailed analysis of the KDD CUP 99 data set”, IEEE symposium on computational intelligence for security and defense applications, 1-6, 2009.
  • Shone, N., Ngoc, T. N., Phai, V. D., and Shi, Q., ”A deep learning approach to network intrusion detection”, IEEE transactions on emerging topics in computational intelligence, 2, 41-50, 2018.
  • Niu, Y., Chen, C., Zhang, X., Zhou, X., and Liu, H., “Application of a New Feature Generation Algorithm in Intrusion Detection System”, Wireless Communications and Mobile Computing, 1, 1-17, 2022.
  • Ingre, B., and Yadav, A., “Performance analysis of NSL-KDD dataset using ANN”, 2015 international conference on signal processing and communication engineering systems, 92-96, 2015.
  • Ambusaidi, M. A., He, X., Nanda, P., and Tan, Z., “Building an intrusion detection system using a filter-based feature selection algorithm”, IEEE transactions on computers, 65 (10), 2986-2998, 2016.
  • Ferrag, M. A., Maglaras, L., Moschoyiannis, S., and Janicke, H., “Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study”, Journal of Information Security and Applications, 50, 102-419, 2020.
  • Beechey, M., Kyriakopoulos, K. G., and Lambotharan, S., “Evidential classification and feature selection for cyber-threat hunting”, Knowledge-Based Systems, 226, 107-120, 2021.
  • Moustafa, N., Koroniotis, N., Keshk, M., Zomaya, A. Y., and Tari, Z., “Explainable Intrusion Detection for Cyber Defences in the Internet of Things: Opportunities and Solutions”, IEEE Communications Surveys & Tutorials, 1, 1-17, 2023.
  • Sevri, M., and Karacan, H., “Explainable Artificial Intelligence (XAI) for Deep Learning Based Intrusion Detection Systems”, In The International Conference on Artificial Intelligence and Applied Mathematics in Engineering, 39-55, Cham: Springer International Publishing, 2022.
  • Wang, M., Zheng, K., Yang, Y., and Wang, X., “An explainable machine learning framework for intrusion detection systems”, IEEE Access, 8, 73127-73141, 2020.
  • Mallampati, S. B., and Seetha, H., “A Review on Recent Approaches of Machine Learning, Deep Learning, and Explainable Artificial Intelligence in Intrusion Detection Systems”, Majlesi Journal of Electrical Engineering, 17(1), 29-54, 2023.
  • Patil, S., Varadarajan, V., Mazhar, S. M., Sahibzada, A., Ahmed, N., Sinha, O., and Kotecha, K., “Explainable artificial intelligence for intrusion detection system”, Electronics, 11(19), 30-79, 2022.
  • Kharwar, A., & Thakor, D. (2023). A hybrid approach for feature selection using SFFS and SBFS with extra-tree and classification using XGBoost. International Journal of Ad Hoc and Ubiquitous Computing, 43(4), 191-205.
  • Carrera, F., Dentamaro, V., Galantucci, S., Iannacone, A., Impedovo, D., & Pirlo, G. (2022). Combining unsupervised approaches for near real-time network traffic anomaly detection. Applied Sciences, 12(3), 1759.
  • Sivamohan, S., & Sridhar, S. S. (2023). An optimized model for network intrusion detection systems in industry 4.0 using XAI based Bi-LSTM framework. Neural Computing and Applications, 35(15), 11459-11475.
  • Alexey Natekin, “Gradient boosting machines, a tutorial”, 2013. [Online]. Available: https://www.frontiersin.org/articles/10.3389/fnbot.2013.00021/full. [Accessed 14 11 2022].
  • Ravipati, R. D., and Abualkibash, M., “Intrusion detection system classification using different machine learning algorithms on KDD-99 and NSL-KDD datasets-a review paper”, International Journal of Computer Science & Information Technology, 11(3), 65-80, 2019.
  • Güllü, M., Polat, H., and Çetin, A., “Author identification with chicken swarm optimization algorithm and adaboost approaches”, International Conference on Computer Science and Engineering, 1-5, 2020.
  • Prokhorenkova, L., Gusev, G., Vorobev, A., Dorogush, A. V., & Gulin, A. (2018). CatBoost: unbiased boosting with categorical features. Advances in neural information processing systems, 31.
  • Ravipati, R. D., & Abualkibash, M. (2019). Intrusion detection system classification using different machine learning algorithms on KDD-99 and NSL-KDD datasets-a review paper. International Journal of Computer Science & Information Technology (IJCSIT) 11.
  • Anonymous , “Welcome to Shapash’s documentation”, 2020. [Online]. Available: https://shapash.readthedocs.io/en/latest/. [Accessed 24 1 2022].
  • Amin, M. N., Salami, B. A., Zahid, M., Iqbal, M., Khan, K., Abu-Arab, A. M., and Jalal, F. E., “Investigating the Bond Strength of FRP Laminates with Concrete Using LIGHT GBM and SHAPASH Analysis”, Polymers, 14 (21), 1-16, 2022.
  • Bouche T., "Overview", 2022. [Online]. Available: https://github.com/MAIF/shapash. [Accessed 26 11, 2022].

APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS

Year 2024, , 1 - 7, 30.06.2024
https://doi.org/10.22531/muglajsci.1343051

Abstract

The increased speed rates and ease of access to the Internet increase the availability of devices with Internet connections. Internet users can access many devices that they are authorized or not authorized. These systems, which detect whether users have unauthorized access or not, are called Intrusion Detection Systems. With intrusion detection systems, users' access is classified and it is determined whether it is a normal login or an anomaly. Machine learning methods undertake this classification task. In particular, Boosting algorithms stand out with their high classification performance. It has been observed that the Gradient Boosting algorithm provides remarkable classification performance when compared to other methods proposed for the Intrusion Detection Systems problem. Using the Python programming language, estimation was made with the Gradient Boost, Adaboost algorithms, Catboost, and Decision Tree and then the model was explained with SHAPASH. The goal of SHAPASH is to enable universal interpretation and comprehension of machine learning models. Providing an interpretable and explainable approach to Intrusion Detection Systems contributes to taking important precautions in the field of cyber security. In this study, classification was made using Boosting algorithms, and the estimation model created with SHAPASH, which is one of the Explainable Artificial Intelligence approaches, is explained.

References

  • Liao, H. J., Lin, C. H. R., Lin, Y. C., and Tung, K. Y., “Intrusion detection system: A comprehensive review”, Journal of Network and Computer Applications, 36 (1), 16-24, 2013.
  • Sharma S. and Gupta R. K., “Intrusion detection system: A review”, International Journal of Security and Its Applications, 9 (5), 69–76, 2015.
  • Özgür, A., and Erdem, H., “Saldırı tespit sistemlerinde genetik algoritma kullanarak nitelik seçimi ve çoklu sınıflandırıcı füzyonu”, Gazi Üniversitesi Mühendislik Mimarlık Fakültesi Dergisi, 33(1), 75-87, 2018.
  • Salvatore Stolfo, 2019. [Online ]. Available: https://kdd.ics.uci.edu/databases/kddcup99/task.html. [Accessed 12 1 2023].
  • Levin, I. “KDD-99 classifier learning contest LLSoft's results overview”, ACM SIGKDD Explorations Newsletter, 1 (2), 67-75, 2000.
  • Manzoor, I., and Kumar, N. “A feature reduced intrusion detection system using ANN classifier”, Expert Systems with Applications, 88, 249-257, 2017.
  • Alzubi, Q. M., Anbar, M., Sanjalawe, Y., Al-Betar, M. A., & Abdullah, R. “Intrusion detection system based on hybridizing a modified binary grey wolf optimization and particle swarm optimization”, Expert Systems with Applications, 204, 117-597, 2022.
  • Abd Elaziz, M., Al-qaness, M. A., Dahou, A., Ibrahim, R. A., and Abd El-Latif, A. A., “Intrusion detection approach for cloud and IoT environments using deep learning and Capuchin Search Algorithm”, Advances in Engineering Software, 176, 103-402, 2023.
  • Hussain, J., and Lalmuanawma, S., “Feature analysis, evaluation and comparisons of classification algorithms based on noisy intrusion dataset”, Procedia Computer Science, 92, 188-198, 2016.
  • Ruan, Z., Miao, Y., Pan, L., Patterson, N., and Zhang, J. “Visualization of big data security: a case study on the KDD99 cup data set”, Digital Communications and Networks, 3 (4), 250-259, 2017.
  • Al Mehedi Hasan, M., Nasser, M., and Pal, B., “On the KDD’99 dataset: support vector machine based intrusion detection system (ids) with different kernels”, International Journal of Electronics Communication and Computer Engineering, 4 (4), 1164-1170, 2013.
  • Kandeeban, S. S., and Rajesh, R. S., “A Genetic Algorithm Based elucidation for improving Intrusion Detection through condensed feature set by KDD 99 data set”, Information and Knowledge Management, 1 (1), 1-9, 2011.
  • Nuiaa, R. R., Alsaeedi, A. H., Manickam, S., and Al-Shammary, D. E. J., “Evolving dynamic fuzzy clustering (EDFC) to enhance DRDoS_DNS attacks detection mechanism”, International Journal of Intelligent Engineering & Systems, 15 (1), 509-519, 2022.
  • Sahu, S. K., Sarangi, S., and Jena, S. K., “A detail analysis on intrusion detection datasets”, 2014 IEEE international advance computing conference, 1348-1353, 2014.
  • Tavallaee, M., Bagheri, E., Lu, W., and Ghorbani, A. A. “A detailed analysis of the KDD CUP 99 data set”, IEEE symposium on computational intelligence for security and defense applications, 1-6, 2009.
  • Shone, N., Ngoc, T. N., Phai, V. D., and Shi, Q., ”A deep learning approach to network intrusion detection”, IEEE transactions on emerging topics in computational intelligence, 2, 41-50, 2018.
  • Niu, Y., Chen, C., Zhang, X., Zhou, X., and Liu, H., “Application of a New Feature Generation Algorithm in Intrusion Detection System”, Wireless Communications and Mobile Computing, 1, 1-17, 2022.
  • Ingre, B., and Yadav, A., “Performance analysis of NSL-KDD dataset using ANN”, 2015 international conference on signal processing and communication engineering systems, 92-96, 2015.
  • Ambusaidi, M. A., He, X., Nanda, P., and Tan, Z., “Building an intrusion detection system using a filter-based feature selection algorithm”, IEEE transactions on computers, 65 (10), 2986-2998, 2016.
  • Ferrag, M. A., Maglaras, L., Moschoyiannis, S., and Janicke, H., “Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study”, Journal of Information Security and Applications, 50, 102-419, 2020.
  • Beechey, M., Kyriakopoulos, K. G., and Lambotharan, S., “Evidential classification and feature selection for cyber-threat hunting”, Knowledge-Based Systems, 226, 107-120, 2021.
  • Moustafa, N., Koroniotis, N., Keshk, M., Zomaya, A. Y., and Tari, Z., “Explainable Intrusion Detection for Cyber Defences in the Internet of Things: Opportunities and Solutions”, IEEE Communications Surveys & Tutorials, 1, 1-17, 2023.
  • Sevri, M., and Karacan, H., “Explainable Artificial Intelligence (XAI) for Deep Learning Based Intrusion Detection Systems”, In The International Conference on Artificial Intelligence and Applied Mathematics in Engineering, 39-55, Cham: Springer International Publishing, 2022.
  • Wang, M., Zheng, K., Yang, Y., and Wang, X., “An explainable machine learning framework for intrusion detection systems”, IEEE Access, 8, 73127-73141, 2020.
  • Mallampati, S. B., and Seetha, H., “A Review on Recent Approaches of Machine Learning, Deep Learning, and Explainable Artificial Intelligence in Intrusion Detection Systems”, Majlesi Journal of Electrical Engineering, 17(1), 29-54, 2023.
  • Patil, S., Varadarajan, V., Mazhar, S. M., Sahibzada, A., Ahmed, N., Sinha, O., and Kotecha, K., “Explainable artificial intelligence for intrusion detection system”, Electronics, 11(19), 30-79, 2022.
  • Kharwar, A., & Thakor, D. (2023). A hybrid approach for feature selection using SFFS and SBFS with extra-tree and classification using XGBoost. International Journal of Ad Hoc and Ubiquitous Computing, 43(4), 191-205.
  • Carrera, F., Dentamaro, V., Galantucci, S., Iannacone, A., Impedovo, D., & Pirlo, G. (2022). Combining unsupervised approaches for near real-time network traffic anomaly detection. Applied Sciences, 12(3), 1759.
  • Sivamohan, S., & Sridhar, S. S. (2023). An optimized model for network intrusion detection systems in industry 4.0 using XAI based Bi-LSTM framework. Neural Computing and Applications, 35(15), 11459-11475.
  • Alexey Natekin, “Gradient boosting machines, a tutorial”, 2013. [Online]. Available: https://www.frontiersin.org/articles/10.3389/fnbot.2013.00021/full. [Accessed 14 11 2022].
  • Ravipati, R. D., and Abualkibash, M., “Intrusion detection system classification using different machine learning algorithms on KDD-99 and NSL-KDD datasets-a review paper”, International Journal of Computer Science & Information Technology, 11(3), 65-80, 2019.
  • Güllü, M., Polat, H., and Çetin, A., “Author identification with chicken swarm optimization algorithm and adaboost approaches”, International Conference on Computer Science and Engineering, 1-5, 2020.
  • Prokhorenkova, L., Gusev, G., Vorobev, A., Dorogush, A. V., & Gulin, A. (2018). CatBoost: unbiased boosting with categorical features. Advances in neural information processing systems, 31.
  • Ravipati, R. D., & Abualkibash, M. (2019). Intrusion detection system classification using different machine learning algorithms on KDD-99 and NSL-KDD datasets-a review paper. International Journal of Computer Science & Information Technology (IJCSIT) 11.
  • Anonymous , “Welcome to Shapash’s documentation”, 2020. [Online]. Available: https://shapash.readthedocs.io/en/latest/. [Accessed 24 1 2022].
  • Amin, M. N., Salami, B. A., Zahid, M., Iqbal, M., Khan, K., Abu-Arab, A. M., and Jalal, F. E., “Investigating the Bond Strength of FRP Laminates with Concrete Using LIGHT GBM and SHAPASH Analysis”, Polymers, 14 (21), 1-16, 2022.
  • Bouche T., "Overview", 2022. [Online]. Available: https://github.com/MAIF/shapash. [Accessed 26 11, 2022].
There are 37 citations in total.

Details

Primary Language English
Subjects Quantum Engineering Systems (Incl. Computing and Communications)
Journal Section Articles
Authors

Ercan Atagün 0000-0001-5196-5732

Günay Temür 0000-0002-7197-5804

Serdar Biroğul 0000-0003-4966-5970

Publication Date June 30, 2024
Published in Issue Year 2024

Cite

APA Atagün, E., Temür, G., & Biroğul, S. (2024). APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS. Mugla Journal of Science and Technology, 10(1), 1-7. https://doi.org/10.22531/muglajsci.1343051
AMA Atagün E, Temür G, Biroğul S. APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS. MJST. June 2024;10(1):1-7. doi:10.22531/muglajsci.1343051
Chicago Atagün, Ercan, Günay Temür, and Serdar Biroğul. “APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS”. Mugla Journal of Science and Technology 10, no. 1 (June 2024): 1-7. https://doi.org/10.22531/muglajsci.1343051.
EndNote Atagün E, Temür G, Biroğul S (June 1, 2024) APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS. Mugla Journal of Science and Technology 10 1 1–7.
IEEE E. Atagün, G. Temür, and S. Biroğul, “APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS”, MJST, vol. 10, no. 1, pp. 1–7, 2024, doi: 10.22531/muglajsci.1343051.
ISNAD Atagün, Ercan et al. “APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS”. Mugla Journal of Science and Technology 10/1 (June 2024), 1-7. https://doi.org/10.22531/muglajsci.1343051.
JAMA Atagün E, Temür G, Biroğul S. APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS. MJST. 2024;10:1–7.
MLA Atagün, Ercan et al. “APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS”. Mugla Journal of Science and Technology, vol. 10, no. 1, 2024, pp. 1-7, doi:10.22531/muglajsci.1343051.
Vancouver Atagün E, Temür G, Biroğul S. APPLICATION OF EXPLAINABLE ARTIFICIAL INTELLIGENCE IN INTRUSION DETECTION SYSTEM CLASSIFICATION USING BOOSTING ALGORITHMS. MJST. 2024;10(1):1-7.

5975f2e33b6ce.png
Muğla Sıtkı Koçman Üniversitesi Fen Bilimleri ve Teknoloji Dergisi Creative Commons Atıf-GayriTicari-AynıLisanslaPaylaş 4.0 Uluslararası Lisansı ile lisanslanmıştır.