Abstract
The development Intrusion Detection System (IDS) has a solid impact in mitigating against internal and external cyber threats among other cybersecurity methods. The machine learning-based method for IDS has proven to be an effective approach to detecting either anomaly or multiple classes of intrusion. For the detection of various types of intrusion by a single IDS model, it is discovered that the overall high accuracy of the IDS model does not translate to high accuracy for each attack type. Some intrusion attacks are seen to share similarities with other attacks thereby evading detection, one of which is the generic attack. The notoriety of the generic attack is the ability of a single generic attack to compromise a whole bunch of block-ciphers. Therefore, this study proposed a machine learning framework to specifically detect generic network intrusion by implementing two (2) decision tree algorithms. The decision tree methods were developed using two distinct variants namely the J48 and Random Tree algorithms. A balanced generic network dataset was curated and used for model development. A 10-fold cross-validation technique was implemented for model development and performance evaluation, where all obtainable performance scores were extracted and presented. The performances of the decision tree methods for generic network intrusion attack detection were comparative analysis and also evaluated against existing methods. The proposed methods of this study are robust, stable and empirically seen to have outperformed existing methods.
Highlights
The unprecedented surge of digital users over the years had led to the expansion of the world‟s cyberspace [1], [2]
The implemented method was able to achieve an accuracy of 97.51%, 96.69% True Positive (TP) rate, and 0.01% False Positive (FP) rate for the „Generic‟ attack as related to this study
This section reports the performance of the proposed machine learning (ML) decision trees methods in tables and charts
Summary
The unprecedented surge of digital users over the years had led to the expansion of the world‟s cyberspace [1], [2]. Technological advancements had seen the enablement and rapid growth of various digital services offered to individuals and entities across the world [3]. Cyberspace consists of billions of connected devices and users whose security is pivotal to the existence of the modern world [4], [5]. Cybersecurity emerges as the field that ensures the security of cyberspace. Cybersecurity ensures data, information, and devices confidentiality, availability, and integrity against cyberspace attackers through sets of systems, technologies, and processes [6]. That means cybersecurity is responsible for providing countermeasures for removing and or ameliorating security threats and breaches (internal or external intrusion attacks) [7]
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: International Journal of Advanced Computer Science and Applications
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.