Abstract

The adoption of new technologies and the increasing number of connected devices have drawn the attention of cyber-attackers, who aim to disrupt computational services or even steal critical information. This poses new challenges in the design of Intrusion Detection Systems (IDS), which are in charge of detecting threats. For dealing with unknown cyber-attacks, anomaly-based IDS (AIDS) have drawn the attention of the research community, since they could detect, for instance, zero-day attacks. A recurrent critical aspect in the design of these systems is the training procedure. In the context of attack detection, training is difficult because of the imbalanced nature (one class much more represented than the other) of the associated data sets. Hence, approaches to address the class imbalance are always relevant. In this work, we present the evaluation of different machine learning (ML) algorithms, known as one-class classifiers, that hold the potential to be implemented in an AIDS. For this task, we used the UNSW-NB15 data set, comparing the classifiers' performance using pertinent metrics that are normally used to assess an attack detection algorithm.
