Abstract
Detecting abnormal traffic in real life often requires analyzing massive data (high-dimensional data) and unbalanced data. Aiming at the above problems, an intrusion detection model (SMBR-XGBDT) based on the combination of SMOTE algorithm and Boruta algorithm with Extreme Gradient Boosting (XGBoost) algorithm is proposed. The experiment selected 14367 extremely unbalanced samples based on the CIRA-CIC-DoHBrw-2020 data set, and detected 4 categories: DOH, Non-DoH, Benign-DoH, Malicious-DoH, using decision tree algorithm, random forest Algorithm, XGBoost algorithm as a control. The experimental results show that the SMBR-XGBDT model is significantly better than the other three models. The precision, recall, and F1 scores of the overall test were 93%, 93 %, and 93 %, respectively, which verified the effectiveness of the method. The precision rates of DOH, Non-DoH, Benign-DoH, Malicious-DoH were 88%, 100%, 98%, and 87%, respectively, which verified the feasibility of the method to deal with unbalanced data.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
