•  
  •  
 

Abstract

In light of advancements in information technology, intrusion detection systems (IDS) and cybersecurity are two of the most pressing concerns confronting the world. Despite the fact that many academics have proposed intrusion detection models, the development of intrusion detection systems must be continuous due to the continual growth of cyber-attacks. This research presents a proposal for an intrusion detection model on the network, based on a machine learning ensemble. The first aim in this work is to reduce the number of features used in training the system to reduce the training time through the Double Feature Selection Method by using the algorithm (Variance Threshold) and the (Select-K-Best, f_classif) algorithm. The second aim is to build an improved model of the random forest algorithm by integrating it with different classifiers by stacking ensemble learning using K Neighbours Classifier and Gaussian Naive Bayes Classifier, and also the use of (Tuning the parameters) to determine the best parameters for each algorithm. The performance of the proposed model was evaluated using the CIC-IDS2017 and CICDDoS2019 cybersecurity datasets. The proposed model has proven its effectiveness in intrusion detection by obtaining high accuracy, a high detection rate, and a low error rate for each type of attack. In the CIC-IDS2017 dataset, 19 features were used, which showed the accuracy of the model (Web Attacks = 0.9984, DDoS Attacks = 0.9987, DoS Attacks = 0.9944, Brute-force Attacks = 0.9987, Port Scan Attacks = 0.9995, and Bot Attacks = 0.9830). In the CIC-DDoS2019 dataset, 13 features were used, which showed the accuracy of the model is DDoS Attacks = 0.9996; it only contains DDoS attacks.

Pages

173

Download

Share

COinS