An Efficient Intrusion Detection Framework Based on Embedding Feature Selection and Ensemble Learning Technique
Abstract: Network security has emerged as a crucial universal issue that affects enterprises, governments, and individuals. The strategies utilized by the attackers are continuing to evolve, and therefore the rate of attacks targeting the network system has expanded dramatically. An Intrusion Detection System (IDS) is one of the significant defense solutions against sophisticated cyberattacks. However, the challenge of improving the accuracy, detection rate, and minimal false alarms of the IDS continues. This paper proposes a robust and effective intrusion detection framework based on the ensemble learning technique using eXtreme Gradient Boosting (XGBoost) and an embedded feature selection method. Further, the best uniform feature subset is extracted using the up-to-date real-world intrusion dataset Canadian Institute for Cybersecurity Intrusion Detection (CICIDS2017) for all attacks. The proposed IDS framework has successfully exceeded several evaluations on a big test dataset over both multi and binary classification. The achieved results are promising on various measurements with an accuracy overall, precision, detection rate, specificity, F-score, false-negative rate, false-positive rate, error rate, and The Area Under the Curve (AUC) scores of 99.86%, 99.69%, 99.75%, 99.69%, 99.72%, 0.17%, 0.2%, 0.14%, and 99.72 respectively for abnormal class. Moreover, the achieved results of multi-classification are also remarkable and impressively great on all performance metrics.
Keywords: Network security, intrusion detection, ensemble learning, xgboost algorithm, features selection.
Received February 18, 2020; accepted August 29, 2021