Araştırma Makalesi
BibTex RIS Kaynak Göster

Saldırı Tespit Sistemlerinde Makine Öğrenmesi Modellerinin Karşılaştırılması

Yıl 2019, Cilt: 12 Sayı: 3, 1513 - 1525, 31.12.2019
https://doi.org/10.18185/erzifbed.573648

Öz

Son yıllardaki gelişen teknolojiler neticesinde her türlü
hesaplama cihazının İnternete bağlanması sağlanmıştır. Bu sayede birçok gerçek dünya problemi yeni ağ düzenine
aktarılsa da bu tam-kontrol sağlanamayan sanal platform çok sayıda güvenlik
açığı içermektedir. Günümüzde ağ yöneticilerin ana görevlerinden biride bu açıkları
kapatmak ve sorumlu oldukları bilgisayar ağını saldırılardan korumaktır. Güvenlik
duvarlarının kullanımı dışarıdan yapılan saldırıları ciddi boyutta engellese de
içeriden yapılabilecek veya daha önceden karşılaşılmayan tipten saldırılara
karşı zafiyetler içermektedir. Saldırı Tespit Sistemleri (STS) bu zafiyetleri
ortadan kaldırmak için öncelikle tercih edilebilecek uygulamalardır. Son
geliştirilen STSleri incelendiğinde dinamik bir güvenlik mekanizması
geliştirmek adına özellikle Makine Öğrenmesi tabanlı sistemlere ağırlık
verildiği görülmektedir. Bilgisayar donanımları ve paralel hesaplama
teknolojilerinde ortaya çıkan gelişmeler ve Büyük Veri işleme teknolojilerinin,
Makine Öğrenmesi tabanlı sistemlerle uyumlu kullanıldığı görülmektedir. Bu
çalışmada yedi farklı makine öğrenimi algoritmaları kullanarak STSlerin
geliştirilmesi amaçlanmıştır. Elde edilen sonuçlar başarım, eğitim süreleri ve
çalıştırma süreleri açısından karşılaştırılarak farklı kriterlere göre uygun
algoritmanın ortaya konmuştur. Bu karşılaştırma için genel kabul gören NSL-KDD
veri setinden faydalanılmıştır. Başarım sonuçlarına bakınca Adaboost
algoritmasının en yüksek doğruluk oranına ulaştığı görülmektedir. Ancak gerek
eğitim süresi gerekse çalışma zamanı performansı göz önüne alınınca Karar Ağacı
algoritmasının daha yüksek performans gösterdiği, doğruluk oranı değeri itibarı
ile de Adaboost’a yakın değere sahip olduğu görülmektedir.

Kaynakça

  • Ahmad I., Basheri M., Iqbal M. J. and Rahim A. (2018) "Performance Comparison of Support Vector Machine, Random Forest, and Extreme Learning Machine for Intrusion Detection," in IEEE Access, vol. 6, pp. 33789-33795, 2018. doi: 10.1109/ACCESS.2018.2841987
  • Alhakami, W., ALharbi A., Bourouis S., Alroobaea R. and Bouguila N. (2019) "Network Anomaly Intrusion Detection Using a Nonparametric Bayesian Approach and Feature Selection," in IEEE Access, vol. 7, pp. 52181-52190, 2019. doi: 10.1109/ACCESS.2019.2912115
  • Artificial neural network. (2019, April 30). URL: https://en.wikipedia.org/wiki/ Artificial_neural_network.
  • Aziz, A. S. A., Hassanien, A. E. (2014). Multilayer Machine Learning-Based Intrusion Detection System. In Bio-inspiring Cyber Security and Cloud Services: Trends and Innovations (ss. 225-247). Springer, Berlin, Heidelberg.
  • Başar, M. D., Sarı, P., Kılıç, N., & Akan, A. (2016, May). Detection of chronic kidney disease by using Adaboost ensemble learning approach. In 2016 24th Signal Processing and Communication Application Conference (SIU) (ss. 773-776). IEEE.
  • Baykal, S. I., Bulut, D., Sahingoz, O. K. (2018, April). Comparing deep learning performance on bigdata by using CPUs and GPUs. In 2018 Electric Electronics, Computer Science, Biomedical Engineerings' Meeting (EBBT) (ss. 1-6). IEEE.
  • CUP-99 Task Description. (n.d.). URL: https://kdd.ics.uci.edu/databases/kddcup99/task.html
  • Dhanabal, L., Shantharajah, S. P. (2015). A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. International Journal of Advanced Research in Computer and Communication Engineering, 4(6), (ss. 446-452).
  • Dong, B., Wang, X. (2016). Comparison deep learning method to traditional methods using for network intrusion detection. In 2016 8th IEEE International Conference on Communication Software and Networks (ICCSN) (ss. 581-585). IEEE.
  • Elsaeidy, A., Munasinghe, K. S., Sharma, D., & Jamalipour, A. (2019). Intrusion detection in smart cities using Restricted Boltzmann Machines. Journal of Network and Computer Applications.
  • Gavankar, S. S., Sawarkar, S. D. (2017). Eager decision tree. In 2017 2nd International Conference for Convergence in Technology (I2CT) (ss. 837-840). IEEE.
  • Karatas, G., Demir, O., Sahingoz, O. K. (2018). Deep Learning in Intrusion Detection Systems. In 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT) (ss. 113-116). IEEE.
  • Karatas, G., Sahingoz, O. K. (2018). Neural network based intrusion detection systems with different training functions. In 2018 6th International Symposium on Digital Forensic and Security (ISDFS) (ss. 1-6). IEEE.
  • Mika, S., Ratsch, G., Weston, J., Scholkopf, B., & Mullers, K. R. (1999, August). Fisher discriminant analysis with kernels. In Neural networks for signal processing IX: Proceedings of the 1999 IEEE signal processing society workshop (cat. no. 98th8468) (ss. 41-48).
  • Radoglou-Grammatikis P. I. and Sarigiannidis P. G., "Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems," in IEEE Access, vol. 7, pp. 46595-46620, 2019.doi: 10.1109/ACCESS.2019.2909807
  • Sahingoz, O. K., Buber, E., Demir, O., Diri, B. (2019). Machine learning based phishing detection from URLs. Expert Systems with Applications, 117, (ss. 345-357).
  • Salo F., Injadat M:, Nassif A. B., Shami A. and Essex A., "Data Mining Techniques in Intrusion Detection Systems: A Systematic Literature Review," in IEEE Access, vol. 6, pp. 56046-56058, 2018.doi: 10.1109/ACCESS.2018.2872784
  • Taneja, S., Gupta, C., Aggarwal, S., Jindal, V. (2015, March). MFZ-KNN—A modified fuzzy based K nearest neighbor algorithm. In 2015 International Conference on Cognitive Computing and Information Processing (CCIP) (ss. 1-5). IEEE.
  • Ulgen, &. (2017, November 12). Makine Öğrenimi Bölüm-5 (Karar Ağaçları). URL: https://medium.com/@k.ulgen90/ makine-öğrenimi-bölüm-5-karar-ağaçları-c90bd7593010
  • Ulgen, &. (2017, October 16). Makine Öğrenimi Bölüm-2 (k-En Yakın Komşuluk). URL: https://medium.com/@k.ulgen90/makine-öğrenimi-bölüm-2-6d6d120a18e1
  • Zhang Y., Li P. and Wang X. , "Intrusion Detection for IoT Based on Improved Genetic Algorithm and Deep Belief Network," in IEEE Access, vol. 7, pp. 31711-31722, 2019. doi: 10.1109/ACCESS.2019.2903723

Comparison of Machine Learning Based Models in Intrusion Detection Systems

Yıl 2019, Cilt: 12 Sayı: 3, 1513 - 1525, 31.12.2019
https://doi.org/10.18185/erzifbed.573648

Öz



Abstract


As
a result of developing technologies in recent years, all kinds of computing
devices can be connected to the Internet. In this way, many real-world
problems are transferred to the new network layout, but this uncontrollable
virtual platform contains many vulnerabilities. One task of network
administrators is closing these leaks and protecting the network from
attacks. Although use of firewalls can prevent serious attacks from outside,
there are many attacks from inside or previously unknown. Intrusion Detection
Systems (IDSs) are the most preferable applications to eliminate these
vulnerabilities. When recently IDSs are examined, it is seen that Machine
Learning-based systems are focused on in order to develop a dynamic security
mechanism. It is seen that developments in hardware and parallel computing
and Big Data processing technologies are used compatible with these systems.
In this study, it is aimed to develop STS using seven different algorithms.
Results were compared in terms of performance, training and running times,
and appropriate algorithm was determined. NSL-KDD dataset was used as
generally accepted-dataset. The results showed Adaboost algorithm achieves
the highest accuracy. However, when both training-time and runtime
performance are considered, Decision Tree algorithm performs better and close
to Adaboost in terms of accuracy.


Kaynakça

  • Ahmad I., Basheri M., Iqbal M. J. and Rahim A. (2018) "Performance Comparison of Support Vector Machine, Random Forest, and Extreme Learning Machine for Intrusion Detection," in IEEE Access, vol. 6, pp. 33789-33795, 2018. doi: 10.1109/ACCESS.2018.2841987
  • Alhakami, W., ALharbi A., Bourouis S., Alroobaea R. and Bouguila N. (2019) "Network Anomaly Intrusion Detection Using a Nonparametric Bayesian Approach and Feature Selection," in IEEE Access, vol. 7, pp. 52181-52190, 2019. doi: 10.1109/ACCESS.2019.2912115
  • Artificial neural network. (2019, April 30). URL: https://en.wikipedia.org/wiki/ Artificial_neural_network.
  • Aziz, A. S. A., Hassanien, A. E. (2014). Multilayer Machine Learning-Based Intrusion Detection System. In Bio-inspiring Cyber Security and Cloud Services: Trends and Innovations (ss. 225-247). Springer, Berlin, Heidelberg.
  • Başar, M. D., Sarı, P., Kılıç, N., & Akan, A. (2016, May). Detection of chronic kidney disease by using Adaboost ensemble learning approach. In 2016 24th Signal Processing and Communication Application Conference (SIU) (ss. 773-776). IEEE.
  • Baykal, S. I., Bulut, D., Sahingoz, O. K. (2018, April). Comparing deep learning performance on bigdata by using CPUs and GPUs. In 2018 Electric Electronics, Computer Science, Biomedical Engineerings' Meeting (EBBT) (ss. 1-6). IEEE.
  • CUP-99 Task Description. (n.d.). URL: https://kdd.ics.uci.edu/databases/kddcup99/task.html
  • Dhanabal, L., Shantharajah, S. P. (2015). A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. International Journal of Advanced Research in Computer and Communication Engineering, 4(6), (ss. 446-452).
  • Dong, B., Wang, X. (2016). Comparison deep learning method to traditional methods using for network intrusion detection. In 2016 8th IEEE International Conference on Communication Software and Networks (ICCSN) (ss. 581-585). IEEE.
  • Elsaeidy, A., Munasinghe, K. S., Sharma, D., & Jamalipour, A. (2019). Intrusion detection in smart cities using Restricted Boltzmann Machines. Journal of Network and Computer Applications.
  • Gavankar, S. S., Sawarkar, S. D. (2017). Eager decision tree. In 2017 2nd International Conference for Convergence in Technology (I2CT) (ss. 837-840). IEEE.
  • Karatas, G., Demir, O., Sahingoz, O. K. (2018). Deep Learning in Intrusion Detection Systems. In 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT) (ss. 113-116). IEEE.
  • Karatas, G., Sahingoz, O. K. (2018). Neural network based intrusion detection systems with different training functions. In 2018 6th International Symposium on Digital Forensic and Security (ISDFS) (ss. 1-6). IEEE.
  • Mika, S., Ratsch, G., Weston, J., Scholkopf, B., & Mullers, K. R. (1999, August). Fisher discriminant analysis with kernels. In Neural networks for signal processing IX: Proceedings of the 1999 IEEE signal processing society workshop (cat. no. 98th8468) (ss. 41-48).
  • Radoglou-Grammatikis P. I. and Sarigiannidis P. G., "Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems," in IEEE Access, vol. 7, pp. 46595-46620, 2019.doi: 10.1109/ACCESS.2019.2909807
  • Sahingoz, O. K., Buber, E., Demir, O., Diri, B. (2019). Machine learning based phishing detection from URLs. Expert Systems with Applications, 117, (ss. 345-357).
  • Salo F., Injadat M:, Nassif A. B., Shami A. and Essex A., "Data Mining Techniques in Intrusion Detection Systems: A Systematic Literature Review," in IEEE Access, vol. 6, pp. 56046-56058, 2018.doi: 10.1109/ACCESS.2018.2872784
  • Taneja, S., Gupta, C., Aggarwal, S., Jindal, V. (2015, March). MFZ-KNN—A modified fuzzy based K nearest neighbor algorithm. In 2015 International Conference on Cognitive Computing and Information Processing (CCIP) (ss. 1-5). IEEE.
  • Ulgen, &. (2017, November 12). Makine Öğrenimi Bölüm-5 (Karar Ağaçları). URL: https://medium.com/@k.ulgen90/ makine-öğrenimi-bölüm-5-karar-ağaçları-c90bd7593010
  • Ulgen, &. (2017, October 16). Makine Öğrenimi Bölüm-2 (k-En Yakın Komşuluk). URL: https://medium.com/@k.ulgen90/makine-öğrenimi-bölüm-2-6d6d120a18e1
  • Zhang Y., Li P. and Wang X. , "Intrusion Detection for IoT Based on Improved Genetic Algorithm and Deep Belief Network," in IEEE Access, vol. 7, pp. 31711-31722, 2019. doi: 10.1109/ACCESS.2019.2903723
Toplam 21 adet kaynakça vardır.

Ayrıntılar

Birincil Dil Türkçe
Konular Mühendislik
Bölüm Makaleler
Yazarlar

Ozgur Koray Sahingoz 0000-0002-1588-8220

Cem Berke Çebi Bu kişi benim 0000-0002-5605-4521

Fatma Sena Bulut Bu kişi benim 0000-0001-9764-6155

Hazal Fırat Bu kişi benim 0000-0002-4845-1201

Gözde Karataş Bu kişi benim 0000-0003-2303-9410

Yayımlanma Tarihi 31 Aralık 2019
Yayımlandığı Sayı Yıl 2019 Cilt: 12 Sayı: 3

Kaynak Göster

APA Sahingoz, O. K., Çebi, C. B., Bulut, F. S., Fırat, H., vd. (2019). Saldırı Tespit Sistemlerinde Makine Öğrenmesi Modellerinin Karşılaştırılması. Erzincan University Journal of Science and Technology, 12(3), 1513-1525. https://doi.org/10.18185/erzifbed.573648