Loading…
Data Generative Model to Detect the Anomalies for IDS Imbalance CICIDS2017 Dataset
The system of intrusion detection dataset enables machine learning to recognize attack activity in the network. The intrusion, however, is naturally imbalanced, most of the traffic is normal traffic. Moreover, a certain attack is more popular than others. Therefore, the number of cases is highly imb...
Saved in:
| Published in: | TEM Journal 2023-02, Vol.12 (1), p.80-89 |
|---|---|
| Main Authors: | , , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | The system of intrusion detection dataset enables machine learning to recognize attack activity in the network. The intrusion, however, is naturally imbalanced, most of the traffic is normal traffic. Moreover, a certain attack is more popular than others. Therefore, the number of cases is highly imbalanced with the majority of attacks dominated by Distributed Denial of Services (DDoS), Denial of Service Hulk (DoS_Hulk), and PortScan more than 4.5% of attacks data. While the minority attack such as DoS_goldeneye, DoS_slowloris, DoS_slowhttptest, Web Attacks, Infiltration, Bot, and Heartbleed was only recorded in less than 1% of attack data. We propose data generative model (DGM) using the Conditional Generative Adversarial Network (CGAN) to improve the class of minorities of the IDS dataset. In this study, we tested the performance of the Data Generative Model based on CGAN in the CICIDS2017 dataset. There are new attacks in this dataset, including Bot, Web_attacks, Infiltration and Heartbleed. According to our experiments, the model successfully detect new attacks and improves the weighted f1-score by 99,92% compared to that of achievers by existing methods using the CICIDS2017 dataset. |
|---|---|
| ISSN: | 2217-8309 2217-8333 |
| DOI: | 10.18421/TEM121-11 |