Ensemble and Deep-Learning Methods for Two-Class and Multi-Attack Anomaly Intrusion Detection: An Empirical Study

Abstract

Cyber-security, as an emerging field of research, involves the development and management of techniques and technologies for protection of data, information and devices. Protection of network devices from attacks, threats and vulnerabilities both internally and externally had led to the development of ceaseless research into Network Intrusion Detection System (NIDS). Therefore, an empirical study was conducted on the effectiveness of deep learning and ensemble methods in NIDS, thereby contributing to knowledge by developing a NIDS through the implementation of machine and deep-learning algorithms in various forms on recent network datasets that contains more recent attacks types and attackers’ behaviours (UNSW-NB15 dataset). This research involves the implementation of a deep-learning algorithm–Long Short-Term Memory (LSTM)–and two ensemble methods (a homogeneous method–using optimised bagged Random-Forest algorithm, and a heterogeneous method–an Averaged Probability method of Voting ensemble). The heterogeneous ensemble was based on four (4) standard classifiers with different computational characteristics (Naïve Bayes, kNN, RIPPER and Decision Tree). The respective model implementations were applied on the UNSW_NB15 datasets in two forms: as a two-classed attack dataset and as a multi-attack dataset. LSTM achieved a detection accuracy rate of 80% on the two-classed attack dataset and 72% detection accuracy rate on the multi-attack dataset. The homogeneous method had an accuracy rate of 98% and 87.4% on the two-class attack dataset and the multi-attack dataset, respectively. Moreover, the heterogeneous model had 97% and 85.23% detection accuracy rate on the two-class attack dataset and the multi-attack dataset, respectively.

Authors and Affiliations

Adeyemo Victor Elijah, Azween Abdullah, NZ Jhanjhi, Mahadevan Supramaniam, Balogun Abdullateef O

Keywords

Related Articles

Evaluating Urdu to Arabic Machine Translation Tools

Machine translation is an active research domain in fields of artificial intelligence. The relevant literature presents a number of machine translation approaches for the translation of different languages. Urdu is the n...

Process Improvements for Crowdsourced Software Testing

Crowdsourced software testing has been a common practice lately. It refers to the use of crowdsourcing in software testing activities. Although the crowd testing is a collaborative process by nature, there is no availabl...

A Hybrid Curvelet Transform and Genetic Algorithm for Image Steganography

In this paper, we present a new hybrid image steganography algorithm by combining two famous techniques which are curvelet transform and genetic algorithm GA. The proposed algorithm is called Hybrid Curvelet Transform an...

Software Artefacts Consistency Management towards Continuous Integration: A Roadmap

Software development in DevOps practices has become popular with the collaborative intersection between development and operations teams. The notion of DevOps practices drives the software artefacts changes towards conti...

Verification of Statecharts Using Data Abstraction

We present an approach for verifying Statecharts including infinite data spaces. We devise a technique for checking that a formula of the universal fragment of CTL is satisfied by a specification written as a Statechart....

Download PDF file
  • EP ID EP646212
  • DOI 10.14569/IJACSA.2019.0100969
  • Views 102
  • Downloads 0

How To Cite

Adeyemo Victor Elijah, Azween Abdullah, NZ Jhanjhi, Mahadevan Supramaniam, Balogun Abdullateef O (2019). Ensemble and Deep-Learning Methods for Two-Class and Multi-Attack Anomaly Intrusion Detection: An Empirical Study. International Journal of Advanced Computer Science & Applications, 10(9), 520-528. https://europub.co.uk/articles/-A-646212