Machine Learning Approaches to Intrusion Detection System Using BO-TPE

DOI

10.2991/978-94-6463-094-7_9How to use a DOI?

Keywords

Intrusion Detection System; IDS; CICIDS-2017; Multi-class Imbalanced Classification; Hyperparameters optimization; Bayesian Optimization with Tree-structured Parzen Estimator; Machine Learning Approaches

Abstract

Intrusion detection system (IDS) has been intensively studied in the research community. The cyber threats that are evolving rapidly have caused a major challenge for IDS to achieve a reliable detection rate. Despite the application of various machine learning approaches to improve the efficiency of IDSs, present intrusion detection approaches still struggle to reach good performance. In this paper, the Canadian Institute for Cybersecurity on Intrusion Detection Systems 2017 (CICIDS-2017) dataset was selected. To solve the multi-class imbalanced classification problem, multiple imputation by chained equations (MICE) was implemented on the dataset to deal with missing data existing in the dataset. Recursive feature elimination (RFE) method with an estimator of decision tree classifier was also implemented to reduce the number of features through computation of feature importance. The training data was resampled using synthetic minority oversampling technique with combination of the edited nearest neighbor (SMOTE-ENN) to improve the detection of minority classes. Four machine learning approaches were implemented in this research which are K-nearest neighbor, random forest, XGBoost, and LightGBM were trained and tested. The hyperparameter importance of each of the models was also analyzed using Bayesian Optimization with Tree-structured Parzen Estimator (BO-TPE) to enable more experimentation on the tuning of the hyperparameters. All four machine learning approaches achieved at least 98% for all three performance metrics which are accuracy, Matthews correlation coefficient (MCC) and area under the receiver operating characteristic curve (AUROC).

Copyright

© 2022 The Author(s)

Open Access

Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International License (http://creativecommons.org/licenses/by-nc/4.0/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

Download article (PDF)

TY  - CONF
AU  - Yoon-Teck Bau
AU  - Tey Yee Yang Brandon
PY  - 2022
DA  - 2022/12/27
TI  - Machine Learning Approaches to Intrusion Detection System Using BO-TPE
BT  - Proceedings of the International Conference on Computer, Information Technology and Intelligent Computing (CITIC 2022)
PB  - Atlantis Press
SP  - 104
EP  - 119
SN  - 2589-4900
UR  - https://doi.org/10.2991/978-94-6463-094-7_9
DO  - 10.2991/978-94-6463-094-7_9
ID  - Bau2022
ER  -