Hybrid Learning Model for intrusion detection system: A combination of parametric and non-parametric classifiers
Authors: C. Rajathi, P. Rukmani
Journal: Alexandria Engineering Journal, volume 112, pages 384-396
Publication date: 2024-11-08
Publication type: Journal Article
DOI: 10.1016/j.aej.2024.10.101
URL: https://www.sciencedirect.com/science/article/pii/S1110016824012651
Impact factor: 6.2; JCR: Q1 (Engineering, Multidisciplinary)
The growing digital transformation has increased the need for effective intrusion detection systems. Traditional intrusion detection systems face challenges in accurately classifying complex patterns. To address this issue, this study proposed a Hybrid Learning Model (HLM) that combines both parametric and non-parametric classifiers. The proposed HLM consists of two stages: the first stage employs a non-parametric Base Learner (np-BL) to analyze the data patterns, and the second stage, named the Parametric Meta-Learning (PML) model, involves meta-modelling to generalize the overall performance of the model. The proposed HLM blends the outcomes of the np-BL and PML models using a stacking ensemble. As base learning models, K-Nearest Neighbors (KNN), Decision Tree (DT), Random Forest (RF), Gradient Boosting Machine (GBM), and Support Vector Classification with Radial Basis Function (SVC-RBF) are adopted from the non-parametric classifier group. The parametric classifiers Logistic Regression (LR), Naïve Bayes Classifier (NBC), Linear Discriminant Analysis (LDA), Quadratic Discriminant Analysis (QDA) and Support Vector Machine with linear kernel (Linear SVM) were used as meta-models. The HLM, as proposed, enhances the adaptability and robustness of the model by combining non-parametric and parametric models. To evaluate the competence of the proposed HLM, a performance analysis was conducted using the NSL-KDD, UNSW-NB15, and CICIDS2017 datasets. The effectiveness was assessed using various metrics, including classification accuracy, precision, recall, F1-Score (F1), Receiver Operating Characteristic (ROC) curve, Detection Rate (DR), and False Alarm Rate (FAR). The proposed HLM achieves a better accuracy rate across different datasets when compared with the existing models. The achieved accuracies are 99.02%, 99.98% and 99.63% for the NSL-KDD, UNSW-NB15, and CICIDS2017 datasets respectively. Furthermore, the HLM gave a significant reduction in FAR, with values of 0.0126, 0.0001, and 0.0016 for the above-mentioned datasets.
About the journal:
Alexandria Engineering Journal is an international journal devoted to publishing high-quality papers in the field of engineering and applied science. Alexandria Engineering Journal is cited in the Engineering Information Services (EIS) and the Chemical Abstracts (CA). The papers published in Alexandria Engineering Journal are grouped into five sections, according to the following classification:
• Mechanical, Production, Marine and Textile Engineering
• Electrical Engineering, Computer Science and Nuclear Engineering
• Civil and Architecture Engineering
• Chemical Engineering and Applied Sciences
• Environmental Engineering