A Novel Ensemble Framework for an Intelligent Intrusion Detection System

Abstract

Read online

Background: Building an effective Intrusion detection system in a multi-attack classification environment is challenging due to the diversity of modern, sophisticated attacks. High-performance classification methods are needed for Intrusion Detection Systems as attackers can establish intrusive methods and easily evade the detection tools deployed in a computing environment. Moreover, it is challenging to use a single classifier to efficiently detect all kinds of attacks. Aims: To propose a unique ensemble framework that can effectively detect different attack categories. Method: The proposed approach is based on building an ensemble by ranking the detection ability of different base classifiers to identify various types of attacks. The F1-score of an algorithm is used to compute the rank matrix for different attack categories. For final prediction algorithm’s output for an attack is only considered if the algorithm has the highest F1-Score in the rank matrix for the particular attack category. This approach contrasts with the voting approach where the final classification is based on the voting of all classifiers in the ensemble irrespective of the fact if the algorithm is efficient enough to detect that attack or not. Results: With the proposed method, the final accuracy obtained is 96.97 %, a recall rate of 97.4%, and a better attack detection rate than the baseline classifiers and other existing approaches for different attack categories.

Keywords

• Intrusion detection system
• machine learning
• cybersecurity
• ensemble learning
• intrusion detection framework
• CIC IDS 2018