4/2023 - 9 |
A Robust Network Intrusion Detection System Using Random Forest Based Random Subspace Ensemble to Defend Against Adversarial AttacksNATHANIEL, D. , SOOSAI, A. |
View the paper record and citations in |
Click to see author's profile in SCOPUS, IEEE Xplore, Web of Science |
Download PDF (1,073 KB) | Citation | Downloads: 664 | Views: 710 |
Author keywords
computer networks, computer security, machine learning, firewalls, intrusion detection
References keywords
intrusion(19), detection(19), learning(15), systems(11), machine(11), network(10), adversarial(10), security(8), attacks(6), system(5)
Blue keywords are present in both the references section and the paper title.
About this article
Date of Publication: 2023-11-30
Volume 23, Issue 4, Year 2023, On page(s): 81 - 88
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2023.04009
Web of Science Accession Number: 001147490000004
SCOPUS ID: 85184477312
Abstract
In recent years, machine learning (ML) has had a significant influence on the discipline of computer security. In network security, intrusion detection systems increasingly employ machine learning techniques. Approaches based on machine learning have substantially improved the efficacy of intrusion detection. Adaptive adversaries who comprehend the underlying principles of ML techniques can initiate attacks against the classification engine of an intrusion detection system. Malicious actors exploit machine learning model vulnerabilities. Network security, specifically intrusion detection systems, requires the development of defensive strategies to combat this threat. The RF-RSE (Random Forest based Random Subspace Ensemble) and RF-RSE-AT (RF-RSE-Adversarial Training) methods are proposed as network intrusion detection systems to defend against adversarial attacks. The methodologies proposed are evaluated using the NSL-KDD dataset. The RF-RSE method demonstrates remarkable resistance to adversary attacks. The RF-RSE-AT method performs exceptionally well in correctly identifying network traffic classes when presented with adversarial attacks, and it maintains its accuracy even when no attack is present. |
References | | | Cited By «-- Click to see who has cited this paper |
[1] H.-J. Liao, C.-H. Richard Lin, Y.-C. Lin, and K.-Y. Tung, "Intrusion detection system: a comprehensive review," Journal of Network and Computer Applications, vol. 36, no. 1, pp. 16-24, Jan. 2013, [CrossRef] [Web of Science Times Cited 752] [SCOPUS Times Cited 1126] [2] P. Garcia-Teodoro, J. Diaz-Verdejo, G. Macia-Fernandez, and E. Vazquez, "Anomaly-based network intrusion detection: techniques, systems and challenges," Computers & Security, vol. 28, no. 1-2, pp. 18-28, Feb. 2009, [CrossRef] [Web of Science Times Cited 985] [SCOPUS Times Cited 1369] [3] J. McHugh, "Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by lincoln laboratory," ACM Trans. Inf. Syst. Secur., vol. 3, no. 4, pp. 262-294, Nov. 2000, [CrossRef] [SCOPUS Times Cited 1021] [4] A. L. Buczak and E. Guven, "A survey of data mining and machine learning methods for cyber security intrusion detection," IEEE Commun. Surv. Tutorials, vol. 18, no. 2, pp. 1153-1176, 2016, [CrossRef] [Web of Science Times Cited 1385] [SCOPUS Times Cited 2019] [5] I. J. Goodfellow, J. Shlens, and C. Szegedy, "Explaining and harnessing adversarial examples," in 3rd Int. Conf. on Learning Representations (ICLR), 2015, [CrossRef] [6] R. M. Elbasiony, E. A. Sallam, T. E. Eltobely, and M. M. Fahmy, "A hybrid network intrusion detection framework based on random forests and weighted k-means," Ain Shams Engineering Journal, vol. 4, no. 4, pp. 753-762, Dec. 2013, [CrossRef] [Web of Science Times Cited 90] [SCOPUS Times Cited 131] [7] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, "A detailed analysis of the kdd cup 99 data set," in 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, Ottawa, ON, Canada: IEEE, Jul. 2009, pp. 1-6. [CrossRef] [SCOPUS Times Cited 3462] [8] A. Abusitta, M. Bellaiche, M. Dagenais, and T. Halabi, "A deep learning approach for proactive multi-cloud cooperative intrusion detection system," Future Generation Computer Systems, vol. 98, pp. 308-318, Sep. 2019, [CrossRef] [Web of Science Times Cited 64] [SCOPUS Times Cited 98] [9] Y. K. Ever, B. Sekeroglu, and K. Dimililer, "Classification analysis of intrusion detection on nsl-kdd using machine learning algorithms," in Mobile Web and Intelligent Information Systems, I. Awan, M. Younas, P. Unal, and M. Aleksy, Eds., in Lecture Notes in Computer Science, vol. 11673. Cham: Springer International Publishing, 2019, pp. 111-122. [CrossRef] [SCOPUS Times Cited 24] [10] M. Begli, F. Derakhshan, and H. Karimipour, "A layered intrusion detection system for critical infrastructure using machine learning," in 2019 IEEE 7th Int. Conf. on Smart Energy Grid Engineering (SEGE), Oshawa, ON, Canada: IEEE, Aug. 2019, pp. 120-124. [CrossRef] [SCOPUS Times Cited 71] [11] R. Abdulhammed, M. Faezipour, A. Abuzneid, and A. AbuMallouh, "Deep and machine learning approaches for anomaly-based intrusion detection of imbalanced network traffic," IEEE Sens. Lett., vol. 3, no. 1, pp. 1-4, Jan. 2019, [CrossRef] [Web of Science Times Cited 106] [SCOPUS Times Cited 137] [12] M. Injadat, A. Moubayed, A. B. Nassif, and A. Shami, "Multi-stage optimized machine learning framework for network intrusion detection," IEEE Trans. Netw. Serv. Manage., vol. 18, no. 2, pp. 1803-1816, Jun. 2021, [CrossRef] [Web of Science Times Cited 114] [SCOPUS Times Cited 140] [13] I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, "Toward generating a new intrusion detection dataset and intrusion traffic characterization," in Proceedings of the 4th Int. Conf. on Information Systems Security and Privacy - ICISSP, SciTePress, 2018, pp. 108-116. [CrossRef] [Web of Science Times Cited 1760] [SCOPUS Times Cited 2644] [14] N. Moustafa and J. Slay, "UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)," in 2015 Military Communications and Information Systems Conf. (MilCIS), 2015, pp. 1-6. [CrossRef] [SCOPUS Times Cited 2300] [15] N. V. Chawla, K. W. Bowyer, L. O. Hall, and W. P. Kegelmeyer, "SMOTE: synthetic minority over-sampling technique," J. Artif. Int. Res., vol. 16, no. 1, pp. 321-357, Jun. 2002, [CrossRef] [Web of Science Times Cited 15943] [SCOPUS Times Cited 20317] [16] S.-J. Horng, M.-Y. Su, Y.-H. Chen, T.-W. Kao, R.-J. Chen, J.-L. Lai, and C. D. Perkasa, "A novel intrusion detection system based on hierarchical clustering and support vector machines," Expert Systems with Applications, vol. 38, no. 1, pp. 306-313, 2011, [CrossRef] [Web of Science Times Cited 269] [SCOPUS Times Cited 382] [17] J. Li, Z. Zhao, R. Li, and H. Zhang, "AI-based two-stage intrusion detection for software defined IoT networks," IEEE Internet of Things Journal, vol. 6, no. 2, pp. 2093-2102, 2019, [CrossRef] [Web of Science Times Cited 131] [SCOPUS Times Cited 167] [18] X. Gao, C. Shan, C. Hu, Z. Niu, and Z. Liu, "An adaptive ensemble machine learning model for intrusion detection," IEEE Access, vol. 7, pp. 82512-82521, 2019, [CrossRef] [Web of Science Times Cited 225] [SCOPUS Times Cited 343] [19] S. Moualla, K. Khorzom, and A. Jafar, "Improving the performance of machine learning-based network intrusion detection systems on the unsw-nb15 dataset," Computational Intelligence and Neuroscience, vol. 2021, Jun. 2021, [CrossRef] [Web of Science Times Cited 25] [SCOPUS Times Cited 52] [20] C. Szegedy, W. Zaremba, I. Sutskever, J. Bruna, D. Erhan, I. J. Goodfellow, R. Fergus, "Intriguing properties of neural networks," in 2nd Int. Conf. on Learning Representations (ICLR), 2014, [CrossRef] [21] I. Rosenberg, A. Shabtai, Y. Elovici, and L. Rokach, "Adversarial machine learning attacks and defense methods in the cyber security domain," ACM Comput. Surv., vol. 54, no. 5, pp. 1-36, Jun. 2022, [CrossRef] [Web of Science Times Cited 91] [SCOPUS Times Cited 118] [22] M. Usama, M. Asim, S. Latif, J. Qadir, and Ala-Al-Fuqaha, "Generative adversarial networks for launching and thwarting adversarial attacks on network intrusion detection systems," in 2019 15th Int. Wireless Communications & Mobile Computing Conf. (IWCMC), Tangier, Morocco: IEEE, Jun. 2019, pp. 78-83. [CrossRef] [Web of Science Times Cited 102] [SCOPUS Times Cited 134] [23] E. Anthi, L. Williams, M. Rhode, P. Burnap, and A. Wedgbury, "Adversarial attacks on machine learning cybersecurity defences in industrial control systems," Journal of Information Security and Applications, vol. 58, p. 102717, May 2021, [CrossRef] [Web of Science Times Cited 70] [SCOPUS Times Cited 102] [24] N. Martins, J. M. Cruz, T. Cruz, and P. H. Abreu, "Analyzing the footprint of classifiers in adversarial denial of service contexts," in Progress in Artificial Intelligence, P. Moura Oliveira, P. Novais, and L. P. Reis, Eds., in Lecture Notes in Computer Science, vol. 11805. Cham: Springer International Publishing, 2019, pp. 256-267. [CrossRef] [Web of Science Times Cited 16] [SCOPUS Times Cited 24] [25] E. Anthi, L. Williams, A. Javed, and P. Burnap, "Hardening machine learning denial of service (DoS) defences against adversarial attacks in IoT smart home networks," Computers & Security, vol. 108, p. 102352, Sep. 2021, [CrossRef] [Web of Science Times Cited 44] [SCOPUS Times Cited 57] [26] A. Kurakin, I.J. Goodfellow, S. Bengio, "Adversarial examples in the physical world," in Artificial intelligence safety and security, Roman V. Yampolskiy, New York, US:Chapman and Hall/CRC, 2018, pp. 99-112, [CrossRef] [27] Y. Dong et al., "Boosting adversarial attacks with momentum," in 2018 IEEE/CVF Conf. on Computer Vision and Pattern Recognition, Salt Lake City, UT: IEEE, Jun. 2018, pp. 9185-9193. [CrossRef] [Web of Science Times Cited 1398] [SCOPUS Times Cited 1932] [28] A. Madry, A. Makelov, L. Schmidt, D. Tsipras, and A. Vladu, "Towards deep learning models resistant to adversarial attacks," in 6th Int. Conf. on Learning Representations (ICLR), 2018. [CrossRef] [29] Tin Kam Ho, "The random subspace method for constructing decision forests," IEEE Trans. Pattern Anal. Machine Intell., vol. 20, no. 8, pp. 832-844, Aug. 1998, [CrossRef] [SCOPUS Times Cited 5444] [30] K. S. V. Swarna, A. Vinayagam, M. Belsam Jeba Ananth, P. Venkatesh Kumar, V. Veerasamy, and P. Radhakrishnan, "A KNN based random subspace ensemble classifier for detection and discrimination of high impedance fault in PV integrated power network," Measurement, vol. 187, p. 110333, Jan. 2022, [CrossRef] [Web of Science Times Cited 27] [SCOPUS Times Cited 82] Web of Science® Citations for all references: 23,597 TCR SCOPUS® Citations for all references: 43,696 TCR Web of Science® Average Citations per reference: 761 ACR SCOPUS® Average Citations per reference: 1,410 ACR TCR = Total Citations for References / ACR = Average Citations per Reference We introduced in 2010 - for the first time in scientific publishing, the term "References Weight", as a quantitative indication of the quality ... Read more Citations for references updated on 2024-09-28 19:24 in 206 seconds. Note1: Web of Science® is a registered trademark of Clarivate Analytics. Note2: SCOPUS® is a registered trademark of Elsevier B.V. Disclaimer: All queries to the respective databases were made by using the DOI record of every reference (where available). Due to technical problems beyond our control, the information is not always accurate. Please use the CrossRef link to visit the respective publisher site. |
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania
All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.
Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.
Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.