Cyber Attack Detection in A Global Network Using Machine Learning Approach

  • Nureni A. Azeez University of Lagos, Lagos, Nigeria
  • Taiwo O. Odeyemi
  • Chioma C. Isiekwene
  • Ademola P. Abidoye

Abstract

In this digital age, inter-device communication is key to seamless and smooth handshaking. Communication can range from Internet of Things (IoT) communication, autonomous vehicles and mobile communication to a plethora of other uses. These communications need to be protected against attacks. Unfortunately, with the widespread use of the internet, cyberattacks have become rampant. This research uses seven (7) machine-learning models alongside four different ensemble methods to compare the effectiveness of different machine-learning algorithms and ensemble models for intrusion detection. The network traffic was categorized as The Onion Router (TOR) or non-TOR traffic and further categorized as Benign or Bot/Infiltration traffic. This was achieved using Naïve Bayes, Decision Tree, K-Nearest Neighbor, Logistic Regression, Neural Network, Quadratic Discriminant Analysis, and Support Vector Machine. The ensemble models used are AdaBoost, Gradient Boosting, Random Forest, and Max Voting. The "CIC IDS 2017", ("CSE-CIC-IDS2018"), "01-03-2018" and "02-03-2018" datasets were used. For dataset 1, among the regular machine-learning models, Decision Trees had the highest values, with an accuracy of 97.46% and a precision of 89.88%. The highest ensemble performer was the Random Forest ensemble, which had an accuracy of 98.28% and a precision score of 93.20%. For dataset 2, Decision Trees also had the highest accuracy score of 99.86% and a precision score of 99.66%. The highest ensemble performer was the Random Forest ensemble, which had an accuracy score of 99.89% and a precision score of 99.70%. For dataset 3, among the regular machine-learning models, Neural Network had the highest accuracy score of 78.68% and a precision value of 72.92%, while the highest ensemble performer was Gradient Boosting with an accuracy of 79.16% and a precision score of 81.25%.

Published
2023-12-31