A. E. M. Eljialy;Mohammed Yousuf Uddin;Sultan Ahmad
{"title":"使用基于深度学习的多种特征选择方法的入侵检测系统新框架","authors":"A. E. M. Eljialy;Mohammed Yousuf Uddin;Sultan Ahmad","doi":"10.26599/TST.2023.9010032","DOIUrl":null,"url":null,"abstract":"Intrusion detection systems (IDSs) are deployed to detect anomalies in real time. They classify a network's incoming traffic as benign or anomalous (attack). An efficient and robust IDS in software-defined networks is an inevitable component of network security. The main challenges of such an IDS are achieving zero or extremely low false positive rates and high detection rates. Internet of Things (IoT) networks run by using devices with minimal resources. This situation makes deploying traditional IDSs in IoT networks unfeasible. Machine learning (ML) techniques are extensively applied to build robust IDSs. Many researchers have utilized different ML methods and techniques to address the above challenges. The development of an efficient IDS starts with a good feature selection process to avoid overfitting the ML model. This work proposes a multiple feature selection process followed by classification. In this study, the Software-defined networking (SDN) dataset is used to train and test the proposed model. This model applies multiple feature selection techniques to select high-scoring features from a set of features. Highly relevant features for anomaly detection are selected on the basis of their scores to generate the candidate dataset. Multiple classification algorithms are applied to the candidate dataset to build models. The proposed model exhibits considerable improvement in the detection of attacks with high accuracy and low false positive rates, even with a few features selected.","PeriodicalId":48690,"journal":{"name":"Tsinghua Science and Technology","volume":null,"pages":null},"PeriodicalIF":6.6000,"publicationDate":"2024-02-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10431760","citationCount":"0","resultStr":"{\"title\":\"Novel Framework for an Intrusion Detection System Using Multiple Feature Selection Methods Based on Deep Learning\",\"authors\":\"A. E. M. Eljialy;Mohammed Yousuf Uddin;Sultan Ahmad\",\"doi\":\"10.26599/TST.2023.9010032\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intrusion detection systems (IDSs) are deployed to detect anomalies in real time. They classify a network's incoming traffic as benign or anomalous (attack). An efficient and robust IDS in software-defined networks is an inevitable component of network security. The main challenges of such an IDS are achieving zero or extremely low false positive rates and high detection rates. Internet of Things (IoT) networks run by using devices with minimal resources. This situation makes deploying traditional IDSs in IoT networks unfeasible. Machine learning (ML) techniques are extensively applied to build robust IDSs. Many researchers have utilized different ML methods and techniques to address the above challenges. The development of an efficient IDS starts with a good feature selection process to avoid overfitting the ML model. This work proposes a multiple feature selection process followed by classification. In this study, the Software-defined networking (SDN) dataset is used to train and test the proposed model. This model applies multiple feature selection techniques to select high-scoring features from a set of features. Highly relevant features for anomaly detection are selected on the basis of their scores to generate the candidate dataset. Multiple classification algorithms are applied to the candidate dataset to build models. The proposed model exhibits considerable improvement in the detection of attacks with high accuracy and low false positive rates, even with a few features selected.\",\"PeriodicalId\":48690,\"journal\":{\"name\":\"Tsinghua Science and Technology\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":6.6000,\"publicationDate\":\"2024-02-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10431760\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Tsinghua Science and Technology\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10431760/\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"Multidisciplinary\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Tsinghua Science and Technology","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10431760/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"Multidisciplinary","Score":null,"Total":0}
引用次数: 0
摘要
入侵检测系统(IDS)用于实时检测异常情况。它们将网络输入流量分为良性和异常(攻击)两种。软件定义网络中高效、强大的 IDS 是网络安全不可或缺的组成部分。此类 IDS 面临的主要挑战是实现零或极低的误报率和高检测率。物联网 (IoT) 网络使用资源极少的设备运行。这种情况使得在物联网网络中部署传统 IDS 变得不可行。机器学习(ML)技术被广泛应用于构建稳健的 IDS。许多研究人员利用不同的 ML 方法和技术来应对上述挑战。高效 IDS 的开发始于良好的特征选择过程,以避免 ML 模型的过度拟合。本研究提出了一个多特征选择过程,然后进行分类。本研究使用软件定义网络(SDN)数据集来训练和测试所提出的模型。该模型采用多重特征选择技术,从一组特征中选择高分特征。根据得分选出与异常检测高度相关的特征,生成候选数据集。对候选数据集采用多种分类算法来建立模型。即使只选择少量特征,所提出的模型在检测攻击方面也有相当大的改进,准确率高,误报率低。
Novel Framework for an Intrusion Detection System Using Multiple Feature Selection Methods Based on Deep Learning
Intrusion detection systems (IDSs) are deployed to detect anomalies in real time. They classify a network's incoming traffic as benign or anomalous (attack). An efficient and robust IDS in software-defined networks is an inevitable component of network security. The main challenges of such an IDS are achieving zero or extremely low false positive rates and high detection rates. Internet of Things (IoT) networks run by using devices with minimal resources. This situation makes deploying traditional IDSs in IoT networks unfeasible. Machine learning (ML) techniques are extensively applied to build robust IDSs. Many researchers have utilized different ML methods and techniques to address the above challenges. The development of an efficient IDS starts with a good feature selection process to avoid overfitting the ML model. This work proposes a multiple feature selection process followed by classification. In this study, the Software-defined networking (SDN) dataset is used to train and test the proposed model. This model applies multiple feature selection techniques to select high-scoring features from a set of features. Highly relevant features for anomaly detection are selected on the basis of their scores to generate the candidate dataset. Multiple classification algorithms are applied to the candidate dataset to build models. The proposed model exhibits considerable improvement in the detection of attacks with high accuracy and low false positive rates, even with a few features selected.
期刊介绍:
Tsinghua Science and Technology (Tsinghua Sci Technol) started publication in 1996. It is an international academic journal sponsored by Tsinghua University and is published bimonthly. This journal aims at presenting the up-to-date scientific achievements in computer science, electronic engineering, and other IT fields. Contributions all over the world are welcome.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
