Citation Export
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Kangseok | - |
dc.date.issued | 2024-02-29 | - |
dc.identifier.issn | 2288-1468 | - |
dc.identifier.uri | https://aurora.ajou.ac.kr/handle/2018.oak/34208 | - |
dc.identifier.uri | https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85193368490&origin=inward | - |
dc.description.abstract | Internet users are exposed to sophisticated cyberattacks that intrusion detection systems have difficulty detecting. Therefore, research is increasing on intrusion detection methods that use artificial intelligence technology for detecting novel cyberattacks. Unsupervised learning-based methods are being researched that learn only from normal data and detect abnormal behaviors by finding patterns. This study developed an anomaly-detection method based on unsupervised machines and deep learning for a network intrusion detection system (NIDS). We present a hybrid anomaly detection approach based on unsupervised learning techniques using the autoencoder (AE), Isolation Forest (IF), and Local Outlier Factor (LOF) algorithms. An oversampling approach that increased the detection rate was also examined. A hybrid approach that combined deep learning algorithms and traditional machine learning algorithms was highly effective in setting the thresholds for anomalies without subjective human judgment. It achieved precision and recall rates respectively of 88.2% and 92.8% when combining two AEs, IF, and LOF while using an oversampling approach to learn more unknown normal data improved the detection accuracy. This approach achieved precision and recall rates respectively of 88.2% and 94.6%, further improving the detection accuracy compared with the hybrid method. Therefore, in NIDS the proposed approach provides high reliability for detecting cyberattacks. | - |
dc.description.sponsorship | This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT: Ministry of Science and ICT) (No. NRF- 2019R1F1A1059036). | - |
dc.language.iso | eng | - |
dc.publisher | Korean Society for Internet Information | - |
dc.subject.mesh | Anomaly detection | - |
dc.subject.mesh | Cyber-attacks | - |
dc.subject.mesh | Data augmentation | - |
dc.subject.mesh | Detection approach | - |
dc.subject.mesh | Hybrid approach | - |
dc.subject.mesh | In networks | - |
dc.subject.mesh | Learn+ | - |
dc.subject.mesh | Learning technology | - |
dc.subject.mesh | Network intrusion detection systems | - |
dc.subject.mesh | Unsupervised learning technology | - |
dc.title | An Effective Anomaly Detection Approach based on Hybrid Unsupervised Learning Technologies in NIDS | - |
dc.type | Article | - |
dc.citation.endPage | 510 | - |
dc.citation.number | 2 | - |
dc.citation.startPage | 494 | - |
dc.citation.title | KSII Transactions on Internet and Information Systems | - |
dc.citation.volume | 18 | - |
dc.identifier.bibliographicCitation | KSII Transactions on Internet and Information Systems, Vol.18 No.2, pp.494-510 | - |
dc.identifier.doi | 10.3837/tiis.2024.02.012 | - |
dc.identifier.scopusid | 2-s2.0-85193368490 | - |
dc.identifier.url | https://itiis.org/digital-library/90560 | - |
dc.subject.keyword | Anomaly Detection | - |
dc.subject.keyword | Data Augmentation | - |
dc.subject.keyword | Hybrid Approach | - |
dc.subject.keyword | NIDS | - |
dc.subject.keyword | Unsupervised Learning Technologies | - |
dc.type.other | Article | - |
dc.identifier.pissn | 1976-7277 | - |
dc.description.isoa | true | - |
dc.subject.subarea | Information Systems | - |
dc.subject.subarea | Computer Networks and Communications | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.