Network Anomaly Detection Using a Hybrid Approach of Machine Learning Algorithms
Keywords:
Network Security, Supervised Learning, Machine Learning, Metaheuristic Algorithms, KDD Cup 1999
Abstract
The Internet, while of vital importance, has also brought cyber attacks and threats with it.
Detection systems in cybersecurity have gained importance to counter these threats. Systems like network
anomaly detection can identify abnormal activities by learning normal network traffic. Hybrid models have
shown high success in cyber attack detection. In tests conducted on the KDD Cup 1999 dataset, machine
learning methods such as Decision Trees, Logistic Regression, Naive Bayes, Random Forest, and k-Nearest
Neighbors have exhibited high accuracy levels. Two different hybrid feature selection methods, PCA +
RFECV and RFECV + FS, were compared, and it was observed that feature selection plays a critical role
in classification performance. These methods can enhance classification performance by reducing the
dimensionality of the dataset and selecting meaningful features. This study emphasizes the importance of
cybersecurity detection systems in minimizing the potential damage of digital attacks while safeguarding
the information of individuals and organizations.