Empowering Cybersecurity: An Adaptive Approach with Hybrid Machine Learning for Anomaly Detection

Authors

  • Aparna N., Chetana Tukkoji

Keywords:

Intrusion detection, Malicious activity, Anomalies, Machine Learning, Cyber security, Deep Learning, Network security.

Abstract

The rapid growth in the use of computer networks raises concerns about network availability, integrity, and confidentiality. Network managers therefore need to use various types of intrusion detection systems (IDS) to monitor network traffic for unauthorized and malicious activity. This research introduces a hybrid machine learning-based framework for anomaly detection. The proposed hybrid model, consisting of C4.5, a convolutional neural network (CNN), and a random forest (RF), was applied to the Bot-IoT dataset. The proposed hybrid intrusion detection framework achieved 99.8% accuracy, 96.4% precision, 100% recall, and an F1 score of 98.1% in the classification of malicious activities. By demonstrating the exceptional performance of the proposed framework, this research suggests a more reliable and comprehensive approach to managing the ever-changing landscape of cyber threats.

Published

09.07.2024

How to Cite

Aparna N. (2024). Empowering Cybersecurity: An Adaptive Approach with Hybrid Machine Learning for Anomaly Detection. International Journal of Intelligent Systems and Applications in Engineering, 12(22s), 1755 –. Retrieved from https://www.ijisae.org/index.php/IJISAE/article/view/6846

Section

Research Article