Abstract
Intrusion detection systems (IDSs) are an important security mechanism to protect computing resources under various environments. To detect malicious unknown events, machine learning is often used to support anomaly-based detection. However, such kind of detection often requires high quality data to ensure accuracy, which may face several issues like imbalanced data and ineffective features. In this work, we aim to evaluate a combined approach of both imbalance correction and feature selection, and explore how much it can mitigate the issues. As a study, we generate several feature-selected and imbalance-corrected datasets based on NSL-KDD data and conduct experiments on Random Forests, Neural Networks and Gradient-Boosting Machines. The results indicate that the combined approach can significantly improve the detection performance on the refined data as compared to being trained on the original data, by 10% in overall accuracy and 24% in overall F1-score.
| Original language | English |
|---|---|
| Title of host publication | Network and System Security |
| Publisher | Springer |
| Publication date | 2020 |
| Pages | 277-291 |
| ISBN (Print) | 978-3-030-65744-4 |
| DOIs | |
| Publication status | Published - 2020 |
| Event | 14th International Conference on Network and System Security - Virtual event, Melbourne, Australia Duration: 25 Nov 2020 → 27 Nov 2020 http://nsclab.org/nss2020/ |
Conference
| Conference | 14th International Conference on Network and System Security |
|---|---|
| Location | Virtual event |
| Country/Territory | Australia |
| City | Melbourne |
| Period | 25/11/2020 → 27/11/2020 |
| Internet address |
| Series | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 12570 |
| ISSN | 0302-9743 |
Keywords
- Intrusion detection
- Feature selection
- Imbalanced data
- Machine learning
- Anomaly detection