Abstract
Due to the imbalanced training samples, anomaly-based intrusion detection system (IDS) has to face many problems such as a low detection accuracy, a high false alarm rate and insufficient application value, especially in multi-classification tasks. A variety of methods are proposed in this paper to improve the effect of IDS based on machine learning. Synthetic minority over-sampling technique (SMOTE) was used to alleviate the problems caused by sample imbalance and improve the model effect, through which new samples are generated by interpolation between K-nearest neighbor and minority. A combination method was used to improve the model effect and achieve the multi-classification of intrusion traffic in this paper. The experimental results show that the performance of IDS has improved in several metrics, which is 93.2% in Macro Average Precision, 98.9% in Macro Average Recall, 95.5% in Macro Average F1Score, and 99.4% in Macro Average AUC. CIC-IDS2017 public dataset provided by the Canadian Institute for Cybersecurity was used in this research. Code is available at: https://github.com/CSFanLi/IDS/tree/main/EnsembleLearning
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
