Efficient Hybrid Model for Intrusion Detection Systems

Nesrine Kaaniche; Aymen Boudguiga; Gustavo Gonzalez-Granadillo

doi:10.5220/0011328300003283

Efficient Hybrid Model for Intrusion Detection Systems

Nesrine Kaaniche
, Aymen Boudguiga
, Gustavo Gonzalez-Granadillo

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

This paper proposes a new hybrid ML model that relies on K-Means clustering and the Variational Bayesian Gaussian Mixture models to efficiently detect and classify unknown network attacks. The proposed model first classifies the input data into various clusters using K-Means. Then, it identifies anomalies in those clusters using the Variational Bayesian Gaussian Mixture model. The model has been tested against the CICIDS 2017 dataset that contains new relevant attacks and realistic normal traffic, with a reasonable size. To balance the data, undersampling techniques were used. Furthermore, the features were reduced from 78 to 28 using feature selection and feature extraction methods. The proposed model shows promising results when identifying whether a data point is an attack or not with an F1 score of up to 91%.

Original language	English
Title of host publication	SECRYPT 2022 - Proceedings of the 19th International Conference on Security and Cryptography
Editors	Sabrina De Capitani di Vimercati, Pierangela Samarati
Publisher	Science and Technology Publications, Lda
Pages	694-700
Number of pages	7
ISBN (Print)	9789897585906
DOIs	https://doi.org/10.5220/0011328300003283
Publication status	Published - 1 Jan 2022
Event	19th International Conference on Security and Cryptography, SECRYPT 2022 - Lisbon, Portugal Duration: 11 Jul 2022 → 13 Jul 2022

Publication series

Name	Proceedings of the International Conference on Security and Cryptography
Volume	1
ISSN (Print)	2184-7711

Conference

Conference	19th International Conference on Security and Cryptography, SECRYPT 2022
Country/Territory	Portugal
City	Lisbon
Period	11/07/22 → 13/07/22

Keywords

Bayesian Model
Hybrid Approach
IDS
K-Means
Supervised and Unsupervised Learning

Access to Document

10.5220/0011328300003283

Cite this

Kaaniche, N., Boudguiga, A., & Gonzalez-Granadillo, G. (2022). Efficient Hybrid Model for Intrusion Detection Systems. In S. De Capitani di Vimercati, & P. Samarati (Eds.), SECRYPT 2022 - Proceedings of the 19th International Conference on Security and Cryptography (pp. 694-700). (Proceedings of the International Conference on Security and Cryptography; Vol. 1). Science and Technology Publications, Lda. https://doi.org/10.5220/0011328300003283

Kaaniche, Nesrine ; Boudguiga, Aymen ; Gonzalez-Granadillo, Gustavo. / Efficient Hybrid Model for Intrusion Detection Systems. SECRYPT 2022 - Proceedings of the 19th International Conference on Security and Cryptography. editor / Sabrina De Capitani di Vimercati ; Pierangela Samarati. Science and Technology Publications, Lda, 2022. pp. 694-700 (Proceedings of the International Conference on Security and Cryptography).

@inproceedings{97998878c2334bc9a06e4664f0ff5e11,

title = "Efficient Hybrid Model for Intrusion Detection Systems",

abstract = "This paper proposes a new hybrid ML model that relies on K-Means clustering and the Variational Bayesian Gaussian Mixture models to efficiently detect and classify unknown network attacks. The proposed model first classifies the input data into various clusters using K-Means. Then, it identifies anomalies in those clusters using the Variational Bayesian Gaussian Mixture model. The model has been tested against the CICIDS 2017 dataset that contains new relevant attacks and realistic normal traffic, with a reasonable size. To balance the data, undersampling techniques were used. Furthermore, the features were reduced from 78 to 28 using feature selection and feature extraction methods. The proposed model shows promising results when identifying whether a data point is an attack or not with an F1 score of up to 91\%.",

keywords = "Bayesian Model, Hybrid Approach, IDS, K-Means, Supervised and Unsupervised Learning",

author = "Nesrine Kaaniche and Aymen Boudguiga and Gustavo Gonzalez-Granadillo",

note = "Publisher Copyright: {\textcopyright} 2021 by SCITEPRESS - Science and Technology Publications, Lda. All rights reserved.; 19th International Conference on Security and Cryptography, SECRYPT 2022 ; Conference date: 11-07-2022 Through 13-07-2022",

year = "2022",

month = jan,

day = "1",

doi = "10.5220/0011328300003283",

language = "English",

isbn = "9789897585906",

series = "Proceedings of the International Conference on Security and Cryptography",

publisher = "Science and Technology Publications, Lda",

pages = "694--700",

editor = "\{De Capitani di Vimercati\}, Sabrina and Pierangela Samarati",

booktitle = "SECRYPT 2022 - Proceedings of the 19th International Conference on Security and Cryptography",

}

Kaaniche, N, Boudguiga, A & Gonzalez-Granadillo, G 2022, Efficient Hybrid Model for Intrusion Detection Systems. in S De Capitani di Vimercati & P Samarati (eds), SECRYPT 2022 - Proceedings of the 19th International Conference on Security and Cryptography. Proceedings of the International Conference on Security and Cryptography, vol. 1, Science and Technology Publications, Lda, pp. 694-700, 19th International Conference on Security and Cryptography, SECRYPT 2022, Lisbon, Portugal, 11/07/22. https://doi.org/10.5220/0011328300003283

Efficient Hybrid Model for Intrusion Detection Systems. / Kaaniche, Nesrine; Boudguiga, Aymen; Gonzalez-Granadillo, Gustavo.
SECRYPT 2022 - Proceedings of the 19th International Conference on Security and Cryptography. ed. / Sabrina De Capitani di Vimercati; Pierangela Samarati. Science and Technology Publications, Lda, 2022. p. 694-700 (Proceedings of the International Conference on Security and Cryptography; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Efficient Hybrid Model for Intrusion Detection Systems

AU - Kaaniche, Nesrine

AU - Boudguiga, Aymen

AU - Gonzalez-Granadillo, Gustavo

PY - 2022/1/1

Y1 - 2022/1/1

N2 - This paper proposes a new hybrid ML model that relies on K-Means clustering and the Variational Bayesian Gaussian Mixture models to efficiently detect and classify unknown network attacks. The proposed model first classifies the input data into various clusters using K-Means. Then, it identifies anomalies in those clusters using the Variational Bayesian Gaussian Mixture model. The model has been tested against the CICIDS 2017 dataset that contains new relevant attacks and realistic normal traffic, with a reasonable size. To balance the data, undersampling techniques were used. Furthermore, the features were reduced from 78 to 28 using feature selection and feature extraction methods. The proposed model shows promising results when identifying whether a data point is an attack or not with an F1 score of up to 91%.

AB - This paper proposes a new hybrid ML model that relies on K-Means clustering and the Variational Bayesian Gaussian Mixture models to efficiently detect and classify unknown network attacks. The proposed model first classifies the input data into various clusters using K-Means. Then, it identifies anomalies in those clusters using the Variational Bayesian Gaussian Mixture model. The model has been tested against the CICIDS 2017 dataset that contains new relevant attacks and realistic normal traffic, with a reasonable size. To balance the data, undersampling techniques were used. Furthermore, the features were reduced from 78 to 28 using feature selection and feature extraction methods. The proposed model shows promising results when identifying whether a data point is an attack or not with an F1 score of up to 91%.

KW - Bayesian Model

KW - Hybrid Approach

KW - IDS

KW - K-Means

KW - Supervised and Unsupervised Learning

UR - https://www.scopus.com/pages/publications/85178505738

U2 - 10.5220/0011328300003283

DO - 10.5220/0011328300003283

M3 - Conference contribution

AN - SCOPUS:85178505738

SN - 9789897585906

T3 - Proceedings of the International Conference on Security and Cryptography

SP - 694

EP - 700

BT - SECRYPT 2022 - Proceedings of the 19th International Conference on Security and Cryptography

A2 - De Capitani di Vimercati, Sabrina

A2 - Samarati, Pierangela

PB - Science and Technology Publications, Lda

T2 - 19th International Conference on Security and Cryptography, SECRYPT 2022

Y2 - 11 July 2022 through 13 July 2022

ER -

Kaaniche N, Boudguiga A, Gonzalez-Granadillo G. Efficient Hybrid Model for Intrusion Detection Systems. In De Capitani di Vimercati S, Samarati P, editors, SECRYPT 2022 - Proceedings of the 19th International Conference on Security and Cryptography. Science and Technology Publications, Lda. 2022. p. 694-700. (Proceedings of the International Conference on Security and Cryptography). doi: 10.5220/0011328300003283

Efficient Hybrid Model for Intrusion Detection Systems

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this