Abstract
The intrusion detection system is designed to discover the abnormal behavior of the network system, but it has the problems of low detection accuracy, inability to perform fine detection, and huge time cost. Therefore, it is necessary to design a fast and accurate intrusion detection system. Therefore, this paper proposes a multigranularity feature generation + XGBOOST method to improve the intrusion detection system. First, we propose a multigranularity feature generation algorithm, which converts all features into discrete features with different numbers of categories. Different numbers of categories represent different granularities. We believe that the combination of multiple different granular features can achieve better accurate attack detection. Then, we use the proposed method to perform experimental verification on the four datasets of KDD99, NSL-KDD, UNSW_NB15, and CSE-CIC-IDS2018. For the KDD99 dataset, detection rates of 100%, 100%, and 99.43% can be achieved in the two-category, five-category, and multicategory tasks, respectively; for the NSL-KDD dataset, detection rates of 100%, 100%, and 90.84% can be achieved in the two-category, five-category, and multicategory tasks, respectively; for the UNSW_NB15 dataset, 100% detection rate can be achieved in the second and tenth categories; for the CSE-CIC-IDS2018 dataset, 100% detection rate can be achieved in the third classification. Experiments show that the proposed algorithm can achieve accurate and precise detection. Finally, we experiment with the multigranularity feature generation algorithm on multiple classifiers and multiple datasets to prove the generalization ability of the proposed feature generation algorithm and compare the proposed algorithm with the CFS algorithm to prove the efficiency of the algorithm.
Highlights
With the development of the Internet, the number of netizens is gradually increasing, which will lead to a larger and more complex network, which puts forward higher requirements for the transmission rate and security of the Internet
IDS is roughly divided into two types, anomaly detection system and misuse detection system, according to its detection method. erefore, the development of an intrusion detection system can effectively prevent attacks and intrusions
Vinayakumar R. et al evaluated the effectiveness of different depths of the network for intrusion detection [23]. ey first discussed the performance of deep belief networks and multilayer perceptrons of different scales in the two classifications of KDD99 and NSL-KDD datasets and compared them with LR, NB, KNN, DT, AB, RF, and SVM. e results show that the AUC value of DBN on KDD99 reaches 0.9997 and the AUC value on the NSL-KDD dataset reaches 0.9991, which are better than those based on traditional machine learning algorithms. en they conducted a five-classification experiment, and the results showed that their method had a detection accuracy of less than 92% for the NSL-KDD and KDD99 datasets, and it could hardly detect PROBE, U2R, and R2L
Summary
With the development of the Internet, the number of netizens is gradually increasing, which will lead to a larger and more complex network, which puts forward higher requirements for the transmission rate and security of the Internet. Various systems have been designed in the past to identify and prevent Internet-based attacks. E most important system is the intrusion detection system (IDS), which can effectively resist external attacks. IDS can detect different types of attacks in network communications, but traditional firewalls cannot resist these attacks well. E intrusion detection system is based on the assumption that the behavior of the intruder is different from that of the legitimate user to identify and prevent the attack. Erefore, the development of an intrusion detection system can effectively prevent attacks and intrusions. IDS is roughly divided into two types, anomaly detection system and misuse detection system, according to its detection method. erefore, the development of an intrusion detection system can effectively prevent attacks and intrusions.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
