TY - JOUR
T1 - Machine Learning-Based Intrusion Detection on Multi-Class Imbalanced Dataset Using SMOTE
AU - Widodo, Akdeas Oktanae
AU - Setiawan, Bambang
AU - Indraswari, Rarasmaya
N1 - Publisher Copyright:
© 2023 The Authors. Published by Elsevier B.V.
PY - 2024
Y1 - 2024
N2 - The rapid development of information technology has brought numerous benefits to society, but it has also led to increased security vulnerabilities in network systems. Intrusion detection systems (IDS) play a crucial role in identifying malicious activities, but they face challenges due to imbalanced datasets where the number of attack samples outweighs normal activities. This paper explores the performance of an IDS using SMOTE (Synthetic Minority Over-sampling Technique) and various classification algorithms to address imbalanced datasets and enhance detection of multi-class intrusions. Related works in the field of intrusion detection are reviewed, highlighting the effectiveness of different algorithms and techniques. The proposed work presents a model that combines SMOTE with log normalization and feature selection to improve IDS performance. Experiments are conducted on the NSL-KDD and CIC-IDS2017 datasets, evaluating different oversampling configurations and machine learning models. The results show that applying SMOTE improves overall performance, with high accuracy, precision, recall, and F1-score. Feature selection has minimal impact on model performance, suggesting the presence of redundant features. The study concludes that SMOTE effectively addresses class imbalance and enhances IDS performance, emphasizing the importance of incorporating oversampling techniques in intrusion detection systems.
AB - The rapid development of information technology has brought numerous benefits to society, but it has also led to increased security vulnerabilities in network systems. Intrusion detection systems (IDS) play a crucial role in identifying malicious activities, but they face challenges due to imbalanced datasets where the number of attack samples outweighs normal activities. This paper explores the performance of an IDS using SMOTE (Synthetic Minority Over-sampling Technique) and various classification algorithms to address imbalanced datasets and enhance detection of multi-class intrusions. Related works in the field of intrusion detection are reviewed, highlighting the effectiveness of different algorithms and techniques. The proposed work presents a model that combines SMOTE with log normalization and feature selection to improve IDS performance. Experiments are conducted on the NSL-KDD and CIC-IDS2017 datasets, evaluating different oversampling configurations and machine learning models. The results show that applying SMOTE improves overall performance, with high accuracy, precision, recall, and F1-score. Feature selection has minimal impact on model performance, suggesting the presence of redundant features. The study concludes that SMOTE effectively addresses class imbalance and enhances IDS performance, emphasizing the importance of incorporating oversampling techniques in intrusion detection systems.
KW - Intrusion detection
KW - SMOTE
KW - imbalanced dataset
KW - machine learning
UR - http://www.scopus.com/inward/record.url?scp=85193200072&partnerID=8YFLogxK
U2 - 10.1016/j.procs.2024.03.042
DO - 10.1016/j.procs.2024.03.042
M3 - Conference article
AN - SCOPUS:85193200072
SN - 1877-0509
VL - 234
SP - 578
EP - 583
JO - Procedia Computer Science
JF - Procedia Computer Science
T2 - 7th Information Systems International Conference, ISICO 2023
Y2 - 26 July 2023 through 28 July 2023
ER -