Data generative model to detect the anomalies for IDS imbalance CICIDS2017 dataset
The system of intrusion detection dataset enables machine learning to recognize attack activity in the network. The intrusion, however, is naturally imbalanced, most of the traffic is normal traffic. Moreover, a certain attack is more popular than others. Therefore, the number of cases is highly imb...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
UIKTEN - Association for Information Communication Technology Education and Science
2023
|
| Online Access: | http://eprints.utem.edu.my/id/eprint/28142/2/0101704092023.pdf http://eprints.utem.edu.my/id/eprint/28142/ https://www.temjournal.com/content/121/TEMJournalFebruary2023_80_89.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.utem.eprints.28142 |
|---|---|
| record_format |
eprints |
| spelling |
my.utem.eprints.281422025-01-06T10:59:30Z http://eprints.utem.edu.my/id/eprint/28142/ Data generative model to detect the anomalies for IDS imbalance CICIDS2017 dataset Barkah, Azhari Shouni Selamat, Siti Rahayu Zainal Abidin, Zaheera Wahyudi, Rizki The system of intrusion detection dataset enables machine learning to recognize attack activity in the network. The intrusion, however, is naturally imbalanced, most of the traffic is normal traffic. Moreover, a certain attack is more popular than others. Therefore, the number of cases is highly imbalanced with the majority of attacks dominated by Distributed Denial of Services (DDoS), Denial of Service Hulk (DoS_Hulk), and PortScan more than 4.5% of attacks data. While the minority attack such as DoS_goldeneye, DoS_slowloris, DoS_slowhttptest, Web Attacks, Infiltration, Bot, and Heartbleed was only recorded in less than 1% of attack data. We propose data generative model (DGM) using the Conditional Generative Adversarial Network (CGAN) to improve the class of minorities of the IDS dataset. In this study, we tested the performance of the Data Generative Model based on CGAN in the CICIDS2017 dataset. There are new attacks in this dataset, including Bot, Web_attacks, Infiltration and Heartbleed. According to our experiments, the model successfully detect new attacks and improves the weighted f1-score by 99,92% compared to that of achievers by existing methods using the CICIDS2017 dataset. UIKTEN - Association for Information Communication Technology Education and Science 2023-02 Article PeerReviewed text en cc_by_nc_nd_4 http://eprints.utem.edu.my/id/eprint/28142/2/0101704092023.pdf Barkah, Azhari Shouni and Selamat, Siti Rahayu and Zainal Abidin, Zaheera and Wahyudi, Rizki (2023) Data generative model to detect the anomalies for IDS imbalance CICIDS2017 dataset. TEM Journal, 12 (1). pp. 80-89. ISSN 2217-8309 https://www.temjournal.com/content/121/TEMJournalFebruary2023_80_89.pdf 10.18421/TEM121-11 |
| institution |
Universiti Teknikal Malaysia Melaka |
| building |
UTEM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknikal Malaysia Melaka |
| content_source |
UTEM Institutional Repository |
| url_provider |
http://eprints.utem.edu.my/ |
| language |
English |
| description |
The system of intrusion detection dataset enables machine learning to recognize attack activity in the network. The intrusion, however, is naturally imbalanced, most of the traffic is normal traffic. Moreover, a certain attack is more popular than others. Therefore, the number of cases is highly imbalanced with the majority of attacks dominated by Distributed Denial of Services (DDoS), Denial of Service Hulk (DoS_Hulk), and PortScan more than 4.5% of attacks data. While the minority attack such as DoS_goldeneye, DoS_slowloris, DoS_slowhttptest, Web Attacks, Infiltration, Bot, and Heartbleed was only recorded in less than 1% of attack data. We propose data generative model (DGM) using the Conditional Generative Adversarial Network (CGAN) to improve the class of minorities of the IDS dataset. In this study, we tested the performance of the Data Generative Model based on CGAN in the CICIDS2017 dataset. There are new attacks in this dataset, including Bot, Web_attacks, Infiltration and Heartbleed. According to our experiments, the model successfully detect new attacks and improves the weighted f1-score by 99,92% compared to that of achievers by existing methods using the CICIDS2017 dataset. |
| format |
Article |
| author |
Barkah, Azhari Shouni Selamat, Siti Rahayu Zainal Abidin, Zaheera Wahyudi, Rizki |
| spellingShingle |
Barkah, Azhari Shouni Selamat, Siti Rahayu Zainal Abidin, Zaheera Wahyudi, Rizki Data generative model to detect the anomalies for IDS imbalance CICIDS2017 dataset |
| author_facet |
Barkah, Azhari Shouni Selamat, Siti Rahayu Zainal Abidin, Zaheera Wahyudi, Rizki |
| author_sort |
Barkah, Azhari Shouni |
| title |
Data generative model to detect the anomalies for IDS imbalance CICIDS2017 dataset |
| title_short |
Data generative model to detect the anomalies for IDS imbalance CICIDS2017 dataset |
| title_full |
Data generative model to detect the anomalies for IDS imbalance CICIDS2017 dataset |
| title_fullStr |
Data generative model to detect the anomalies for IDS imbalance CICIDS2017 dataset |
| title_full_unstemmed |
Data generative model to detect the anomalies for IDS imbalance CICIDS2017 dataset |
| title_sort |
data generative model to detect the anomalies for ids imbalance cicids2017 dataset |
| publisher |
UIKTEN - Association for Information Communication Technology Education and Science |
| publishDate |
2023 |
| url |
http://eprints.utem.edu.my/id/eprint/28142/2/0101704092023.pdf http://eprints.utem.edu.my/id/eprint/28142/ https://www.temjournal.com/content/121/TEMJournalFebruary2023_80_89.pdf |
| _version_ |
1821007584473120768 |
| score |
13.226497 |