Ajou University repository

An Effective Anomaly Detection Approach based on Hybrid Unsupervised Learning Technologies in NIDSoa mark
Citations

SCOPUS

0

Citation Export

Publication Year
2024-02-29
Journal
KSII Transactions on Internet and Information Systems
Publisher
Korean Society for Internet Information
Citation
KSII Transactions on Internet and Information Systems, Vol.18 No.2, pp.494-510
Keyword
Anomaly DetectionData AugmentationHybrid ApproachNIDSUnsupervised Learning Technologies
Mesh Keyword
Anomaly detectionCyber-attacksData augmentationDetection approachHybrid approachIn networksLearn+Learning technologyNetwork intrusion detection systemsUnsupervised learning technology
All Science Classification Codes (ASJC)
Information SystemsComputer Networks and Communications
Abstract
Internet users are exposed to sophisticated cyberattacks that intrusion detection systems have difficulty detecting. Therefore, research is increasing on intrusion detection methods that use artificial intelligence technology for detecting novel cyberattacks. Unsupervised learning-based methods are being researched that learn only from normal data and detect abnormal behaviors by finding patterns. This study developed an anomaly-detection method based on unsupervised machines and deep learning for a network intrusion detection system (NIDS). We present a hybrid anomaly detection approach based on unsupervised learning techniques using the autoencoder (AE), Isolation Forest (IF), and Local Outlier Factor (LOF) algorithms. An oversampling approach that increased the detection rate was also examined. A hybrid approach that combined deep learning algorithms and traditional machine learning algorithms was highly effective in setting the thresholds for anomalies without subjective human judgment. It achieved precision and recall rates respectively of 88.2% and 92.8% when combining two AEs, IF, and LOF while using an oversampling approach to learn more unknown normal data improved the detection accuracy. This approach achieved precision and recall rates respectively of 88.2% and 94.6%, further improving the detection accuracy compared with the hybrid method. Therefore, in NIDS the proposed approach provides high reliability for detecting cyberattacks.
ISSN
2288-1468
Language
eng
URI
https://aurora.ajou.ac.kr/handle/2018.oak/34208
https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85193368490&origin=inward
DOI
https://doi.org/10.3837/tiis.2024.02.012
Journal URL
https://itiis.org/digital-library/90560
Type
Article
Funding
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT: Ministry of Science and ICT) (No. NRF- 2019R1F1A1059036).
Show full item record

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

KIM, Kang Seok Image
KIM, Kang Seok김강석
Department of Cyber Security
Read More

Total Views & Downloads

File Download

  • There are no files associated with this item.