Open Access Open Access  Restricted Access Subscription Access

EVALUATING EFFECTIVENESS OF ENSEMBLE CLASSIFIERS WHEN DETECTING FUZZERS ATTACKS ON THE UNSW-NB15 DATASET

Hoang Ngoc Thanh, Tran Van Lang

Abstract


The UNSW-NB15 dataset was created by the Australian Cyber Security Centre in 2015 by using the IXIA tool to extract normal behaviors and modern attacks, it includes normal data and 9 types of attacks with 49 features. Previous research results show that the detection of Fuzzers attacks in this dataset gives the lowest classification quality. This paper analyzes and evaluates the performance of using known ensemble techniques such as Bagging, AdaBoost, Stacking, Decorate, Random Forest and Voting to detect FUZZERS attacks on UNSW-NB15 dataset to create models. The experimental results show that the AdaBoost technique with the component classifiers using decision tree for the best classification quality with F-Measure is 96.76% compared to 94.16%, which is the best result obtained by using single classifiers and 96.36% by using the Random Forest technique.

Keywords


Machine Learning; Ensemble Classifier; AdaBoost; Fuzzers; UNSW-NB15 dataset

Full Text:

PDF

References


Buntine and Wray. Learning classification trees. Statistics and Computing, 2(2):63–73, Jun 1992.

David Wolpert. Stacked generalization. Neural Networks, 5:241–259, 12 1992.

Freund, Yoav, Schapire, and Robert E. A desicion-theoretic generalization of on-line learning and an application to boosting. In Paul Vit´anyi, editor, Computational Learning Theory, pages 23–37, Berlin, Heidelberg, 1995. Springer Berlin Heidelberg.

Leo Breiman. Arcing classifier (with discussion and a rejoinder by the author). Ann. Statist., 26(3):801–849, 06 1998.

Leo Breiman. Bagging predictors. Machine Learning, 24(2):123–140, Aug 1996.

Leo Breiman. Random forests. In Machine Learning, pages 5–32, 2001.

Brady Neal, Sarthak Mittal, Aristide Baratin, Vinayak Tantia, Matthew Scicluna, Simon Lacoste-Julien, and Loannis Mitliagkas. A modern take on the bias-variance tradeoff in neural networks. ArXiv, abs/1810.08591, 2018.

B. Efron. Bootstrap methods: Another look at the jackknife. Ann. Statist., 7(1):1–26, 01 1979.

Tharwat and Alaa. Adaboost classifier: an overview. 02 2018.

SH Kok, Azween Abdullah, NZJhanjhi, and Mahadevan Supramaniam. A review of intrusion detection system using machine learning approach. International Journal of Engineering Research and Technology, ISBN 0974-3154, 12(1):8–15, 2019.

N. Moustafa and J. Slay. Unsw-nb15: A comprehensive dataset for network intrusion detection. In Paper presented at the Military Communications and Information Systems Conference, 2015.

Powers, David, and Ailab. Evaluation: From precision, recall and f-measure to roc, informedness, markedness correlation. J. Mach. Learn. Technol, 2:2229–3981, 01 2011.

R. P. Espındola and N. F. F. Ebecken. On extending f-measure and g-mean metrics to multi-class problems. In WIT Transactions on Information and Communication Technologies, volume 35. WIT Press, 2005.

Yuk Ying Chung and Noorhaniza Wahid. A hybrid network intrusion detection system using simplified swarm optimization. In Applied Soft Computing 12, pages 3014–3022. Elsevier, 2012.

John Muschelli. Roc and auc with a binary predictor: a potentially misleading metric. 03 2019.

Hoang Ngoc Thanh and Tran Van Lang. Creating rules for firewall use of decision tree based ensemble techniques. In Proceedings of the 11th National Conference on Fundamental and Applied IT Research (FAIR’11), pages 489–496, Vietnam, 2018.

Hoang Ngoc Thanh and Tran Van Lang. Feature selection based on information gain to improve performance of network intrusion detection systems. In Proceedings of the 10th National Conference on Fundamental and Applied IT Research (FAIR’10), pages 823–831, Vietnam, 2017.

Hoang Ngoc Thanh and Tran Van Lang. An approach to reduce data dimension in building effective network intrusion detection systems. EAI Endorsed Transactions on Context-aware Systems and Applications: Online First, 1 2020.




DOI: https://doi.org/10.15625/1813-9663/36/2/14786 Display counter: Abstract : 31 views. PDF : 20 views.

Journal of Computer Science and Cybernetics ISSN: 1813-9663

Published by Vietnam Academy of Science and Technology