Ajou University repository

An Effective Anomaly Detection Approach based on Hybrid Unsupervised Learning Technologies in NIDSoa mark
Citations

SCOPUS

0

Citation Export

DC Field Value Language
dc.contributor.authorKim, Kangseok-
dc.date.issued2024-02-29-
dc.identifier.issn2288-1468-
dc.identifier.urihttps://aurora.ajou.ac.kr/handle/2018.oak/34208-
dc.identifier.urihttps://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85193368490&origin=inward-
dc.description.abstractInternet users are exposed to sophisticated cyberattacks that intrusion detection systems have difficulty detecting. Therefore, research is increasing on intrusion detection methods that use artificial intelligence technology for detecting novel cyberattacks. Unsupervised learning-based methods are being researched that learn only from normal data and detect abnormal behaviors by finding patterns. This study developed an anomaly-detection method based on unsupervised machines and deep learning for a network intrusion detection system (NIDS). We present a hybrid anomaly detection approach based on unsupervised learning techniques using the autoencoder (AE), Isolation Forest (IF), and Local Outlier Factor (LOF) algorithms. An oversampling approach that increased the detection rate was also examined. A hybrid approach that combined deep learning algorithms and traditional machine learning algorithms was highly effective in setting the thresholds for anomalies without subjective human judgment. It achieved precision and recall rates respectively of 88.2% and 92.8% when combining two AEs, IF, and LOF while using an oversampling approach to learn more unknown normal data improved the detection accuracy. This approach achieved precision and recall rates respectively of 88.2% and 94.6%, further improving the detection accuracy compared with the hybrid method. Therefore, in NIDS the proposed approach provides high reliability for detecting cyberattacks.-
dc.description.sponsorshipThis work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT: Ministry of Science and ICT) (No. NRF- 2019R1F1A1059036).-
dc.language.isoeng-
dc.publisherKorean Society for Internet Information-
dc.subject.meshAnomaly detection-
dc.subject.meshCyber-attacks-
dc.subject.meshData augmentation-
dc.subject.meshDetection approach-
dc.subject.meshHybrid approach-
dc.subject.meshIn networks-
dc.subject.meshLearn+-
dc.subject.meshLearning technology-
dc.subject.meshNetwork intrusion detection systems-
dc.subject.meshUnsupervised learning technology-
dc.titleAn Effective Anomaly Detection Approach based on Hybrid Unsupervised Learning Technologies in NIDS-
dc.typeArticle-
dc.citation.endPage510-
dc.citation.number2-
dc.citation.startPage494-
dc.citation.titleKSII Transactions on Internet and Information Systems-
dc.citation.volume18-
dc.identifier.bibliographicCitationKSII Transactions on Internet and Information Systems, Vol.18 No.2, pp.494-510-
dc.identifier.doi10.3837/tiis.2024.02.012-
dc.identifier.scopusid2-s2.0-85193368490-
dc.identifier.urlhttps://itiis.org/digital-library/90560-
dc.subject.keywordAnomaly Detection-
dc.subject.keywordData Augmentation-
dc.subject.keywordHybrid Approach-
dc.subject.keywordNIDS-
dc.subject.keywordUnsupervised Learning Technologies-
dc.type.otherArticle-
dc.identifier.pissn1976-7277-
dc.description.isoatrue-
dc.subject.subareaInformation Systems-
dc.subject.subareaComputer Networks and Communications-
Show simple item record

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

KIM, Kang Seok Image
KIM, Kang Seok김강석
Department of Cyber Security
Read More

Total Views & Downloads

File Download

  • There are no files associated with this item.