Multi-Layered Filtration Framework for Efficient Detection of Network Attacks Using Machine Learning.

Publisher: MDPI Country of Publication: Switzerland NLM ID: 101204366 Publication Model: Electronic Cited Medium: Internet ISSN: 1424-8220 (Electronic) Linking ISSN: 14248220 NLM ISO Abbreviation: Sensors (Basel) Subsets: PubMed not MEDLINE; MEDLINE

Original Publication: Basel, Switzerland : MDPI, c2000-

Filtration* ; Information Technology*; Internet ; Machine Learning ; Neural Networks, Computer

The advancements and reliance on digital data necessitates dependence on information technology. The growing amount of digital data and their availability over the Internet have given rise to the problem of information security. With the increase in connectivity among devices and networks, maintaining the information security of an asset has now become essential for an organization. Intrusion detection systems (IDS) are widely used in networks for protection against different network attacks. Several machine-learning-based techniques have been used among researchers for the implementation of anomaly-based IDS (AIDS). In the past, the focus primarily remained on the improvement of the accuracy of the system. Efficiency with respect to time is an important aspect of an IDS, which most of the research has thus far somewhat overlooked. For this purpose, we propose a multi-layered filtration framework (MLFF) for feature reduction using a statistical approach. The proposed framework helps reduce the detection time without affecting the accuracy. We use the CIC-IDS2017 dataset for experiments. The proposed framework contains three filters and is connected in sequential order. The accuracy, precision, recall and F1 score are calculated against the selected machine learning models. In addition, the training time and the detection time are also calculated because these parameters are considered important in measuring the performance of a detection system. Generally, decision tree models, random forest methods, and artificial neural networks show better results in the detection of network attacks with minimum detection time.

Nat Neurosci. 2020 Jul;23(7):788-799. (PMID: 32601411)

RCBS20221008093252092 Shenzhen Excellent Technology and Innovation Talent Program

Keywords: CIC-IDS2017; anomaly detection; intrusion detection system; machine learning; network attacks; network security; security information and event management

Date Created: 20230714 Date Completed: 20230717 Latest Revision: 20230718

20231215

PMC10346815

10.3390/s23135829

37447678