Paper Title
A Dependable Hybrid Machine Learning Model for Network Intrusion Detection
Paper Authors
Paper Abstract
Network intrusion detection systems (NIDSs) play an important role in computer network security. There are several detection mechanisms where anomaly-based automated detection outperforms others significantly. Amid the sophistication and growing number of attacks, dealing with large amounts of data is a recognized issue in the development of anomaly-based NIDS. However, do current models meet the needs of today's networks in terms of required accuracy and dependability? In this research, we propose a new hybrid model that combines machine learning and deep learning to increase detection rates while securing dependability. Our proposed method ensures efficient pre-processing by combining SMOTE for data balancing and XGBoost for feature selection. We compared our developed method to various machine learning and deep learning algorithms to find a more efficient algorithm to implement in the pipeline. Furthermore, we chose the most effective model for network intrusion based on a set of benchmarked performance analysis criteria. Our method produces excellent results when tested on two datasets, KDDCUP'99 and CIC-MalMem-2022, with an accuracy of 99.99% and 100% for KDDCUP'99 and CIC-MalMem-2022, respectively, and no overfitting or Type-1 and Type-2 issues.
