CFP last date
20 January 2025
Reseach Article

Hybrid Machine Learning Approach for Attack Classification and Clustering in Network Security

by Castro A. Yoga, Anthony J. Rodrigues, Silvance O. Abeka
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 185 - Number 31
Year of Publication: 2023
Authors: Castro A. Yoga, Anthony J. Rodrigues, Silvance O. Abeka
10.5120/ijca2023923076

Castro A. Yoga, Anthony J. Rodrigues, Silvance O. Abeka . Hybrid Machine Learning Approach for Attack Classification and Clustering in Network Security. International Journal of Computer Applications. 185, 31 ( Aug 2023), 45-51. DOI=10.5120/ijca2023923076

@article{ 10.5120/ijca2023923076,
author = { Castro A. Yoga, Anthony J. Rodrigues, Silvance O. Abeka },
title = { Hybrid Machine Learning Approach for Attack Classification and Clustering in Network Security },
journal = { International Journal of Computer Applications },
issue_date = { Aug 2023 },
volume = { 185 },
number = { 31 },
month = { Aug },
year = { 2023 },
issn = { 0975-8887 },
pages = { 45-51 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume185/number31/32896-2023923076/ },
doi = { 10.5120/ijca2023923076 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T01:27:36.459690+05:30
%A Castro A. Yoga
%A Anthony J. Rodrigues
%A Silvance O. Abeka
%T Hybrid Machine Learning Approach for Attack Classification and Clustering in Network Security
%J International Journal of Computer Applications
%@ 0975-8887
%V 185
%N 31
%P 45-51
%D 2023
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Due to the increasing complexity and diversity of threats, network security has become a critical concern. The application of machine learning (ML) methods has demonstrated potential in enhancing network security by effectively recognizing and classifying threats. A hybrid ML-based approach is presented in this study within the framework of the three-layer network security domain (TLNSD) to address the task of attack classification and clustering. The approach utilizes a stacking ensemble classifier, which employs a meta learner (Logistic Regression) to combine the predictions from multiple base learners (K-Nearest Neighbors, Random Forest, Gaussian Naive Bayes). To identify the most relevant features, the SelectKBest algorithm is employed. Additionally, the K-means clustering technique is utilized to group similar attack instances. The performance evaluation of the proposed technique is conducted using the UNSW-NB15 dataset. The results demonstrate that the proposed technique surpasses the performance of individual base learners, achieving a high level of accuracy. This underscores its effectiveness in detecting and categorizing attacks. The clustering analysis provides insights into the distribution and occurrence frequency of diverse threat types, enabling the development of tailored security strategies. By presenting a comprehensive and integrated approach to threat analysis and mitigation, this study contributes to the advancement of network security. The proposed methodology offers a unified framework to effectively address the challenges posed by evolving cyber threats.

References
  1. M. Furdek et al., “An overview of security challenges in communication networks,” in 2016 8th International Workshop on Resilient Networks Design and Modeling (RNDM), IEEE, 2016, pp. 43–50.
  2. Q. Li et al., “A comprehensive survey on DDoS defense systems: New trends and challenges,” Computer Networks, p. 109895, 2023.
  3. K.-K. R. Choo, “The cyber threat landscape: Challenges and future research directions,” Computers & security, vol. 30, no. 8, pp. 719–731, 2011.
  4. A. Moubayed, M. Injadat, A. B. Nassif, H. Lutfiyya, and A. Shami, “E-learning: Challenges and research opportunities using machine learning & data analytics,” IEEE Access, vol. 6, pp. 39117–39138, 2018.
  5. M. A. Ganaie, M. Hu, A. K. Malik, M. Tanveer, and P. N. Suganthan, “Ensemble deep learning: A review,” Engineering Applications of Artificial Intelligence, vol. 115, p. 105151, 2022.
  6. C. B. C. Latha and S. C. Jeeva, “Improving the accuracy of prediction of heart disease risk based on ensemble classification techniques,” Informatics in Medicine Unlocked, vol. 16, p. 100203, 2019.
  7. R. Odegua, “An empirical study of ensemble techniques (bagging, boosting and stacking),” in Proc. Conf.: Deep Learn. IndabaXAt, 2019.
  8. P. Casas, M. Seufert, N. Wehner, A. Schwind, and F. Wamser, “Enhancing machine learning based qoe prediction by ensemble models,” in 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS), IEEE, 2018, pp. 1642–1647.
  9. C. Yoga, A. Rodrigues, and S. Abeka, “Holistic Security Pattern-Based Model to Protect Network Architecture,” International Journal of Research Publications, vol. 130, pp. 268–278, Aug. 2023, doi: 10.47119/IJRP1001301820235295.
  10. Y. Li and Q. Liu, “A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments,” Energy Reports, vol. 7, pp. 8176–8186, 2021.
  11. Z. Zhang, H. Al Hamadi, E. Damiani, C. Y. Yeun, and F. Taher, “Explainable artificial intelligence applications in cyber security: State-of-the-art in research,” IEEE Access, 2022.
  12. K. Park, Y. Song, and Y.-G. Cheong, “Classification of attack types for intrusion detection systems using a machine learning algorithm,” presented at the 2018 IEEE fourth international conference on big data computing service and applications (BigDataService), IEEE, 2018, pp. 282–286.
  13. K. Rendall, A. Nisioti, and A. Mylonas, “Towards a multi-layered phishing detection,” Sensors, vol. 20, no. 16, p. 4540, 2020.
  14. X. Li, K. Li, D. Qiao, Y. Ding, and D. Wei, “Application research of machine learning method based on distributed cluster in information retrieval,” in 2019 International Conference on Communications, Information System and Computer Engineering (CISCE, IEEE, Jul. 2019, pp. 411–414.
  15. Z. Xu, S. Ray, P. Subramanyan, and S. Malik, “Malware detection using machine learning based analysis of virtual memory access patterns,” presented at the Design, Automation & Test in Europe Conference & Exhibition (DATE), 2017, IEEE, 2017, pp. 169–174.
  16. M. Shafiq, X. Yu, A. K. Bashir, H. N. Chaudhry, and D. Wang, “A machine learning approach for feature selection traffic classification using security analysis,” The Journal of Supercomputing, vol. 74, pp. 4867–4892, 2018.
  17. S. Kumar, A. Viinikainen, and T. Hamalainen, “Evaluation of ensemble machine learning methods in mobile threat detection,” presented at the 2017 12th International Conference for Internet Technology and Secured Transactions (ICITST), IEEE, 2017, pp. 261–268.
  18. H. Mohamad Tahir et al., “Hybrid machine learning technique for intrusion detection system,” 2015.
  19. V. Kumar and S. Minz, “Feature selection: a literature review,” SmartCR, vol. 4, no. 3, pp. 211–229, 2014.
  20. P. Yang and Q. Zhu, “Finding key attribute subset in dataset for outlier detection,” Knowledge-based systems, vol. 24, no. 2, pp. 269–274, 2011.
  21. G. Forman, “An extensive empirical study of feature selection metrics for text classification.,” J. Mach. Learn. Res., vol. 3, no. Mar, pp. 1289–1305, 2003.
  22. N. Moustafa, “The UNSW-NB15 dataset.” UNSW, Sydney, 2019. doi: 10.26190/5d7ac5b1e8485.
  23. Scikit-learn, “scikit-learn: machine learning in Python — scikit-learn 1.2.2 documentation,” 2023. https://scikit-learn.org/stable/ (accessed May 30, 2023).
Index Terms

Computer Science
Information Sciences

Keywords

Network security machine learning ensemble learning stacking ensemble classifier feature selection K-means clustering attack classification attack clustering three-layer network security domain UNSW-NB15 attacks dataset