GRU-GBM: A combined intrusion detection model using LightGBM and gated recurrent unit

2022-07-01
Sarikaya, Alper
Günel Kılıç, Banu
Demirci, Mehmet
Due to the increasing sophistication of cyber-attacks, intrusion detection systems need to be improved constantly. Each machine learning classifier has different advantages in intrusion detection, and combining the advantages of different classifiers increases detection rates. In this study, we combine a machine learning classifier with a deep learning model to propose a new approach called GRU-GBM. The LightGBM gradient boosting machine framework is used for feature selection, and each feature in the dataset is evaluated by a second LightGBM classifier to determine the optimal feature set using a novel threshold-based approach. After the selection of the feature set, a gated recurrent unit is used for attack detection by a recurrent neural network model. In addition, different training/testing ratios (60/40-70/30) are chosen for comparison of GRU-GBM accuracy. The proposed combined model achieved 76.61% and 93.65% overall accuracy in multi-class experiments conducted with the UNSW-NB15 and LITNET-2020 datasets, respectively. Lastly, the GRU-GBM model is compared to other machine learning models. The overall accuracy result is tested with a non-parametric Friedman test to determine the significance of the results. The test result shows that there is enough evidence that the accuracy of the GRU-GBM classifier is statistically significant.
EXPERT SYSTEMS

Citation Formats
A. Sarikaya, B. Günel Kılıç, and M. Demirci, “GRU-GBM: A combined intrusion detection model using LightGBM and gated recurrent unit,” EXPERT SYSTEMS, pp. 0–0, 2022, Accessed: 00, 2022. [Online]. Available: https://hdl.handle.net/11511/99087.