Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
GRU-GBM: A combined intrusion detection model using LightGBM and gated recurrent unit
Date
2022-07-01
Author
Sarikaya, Alper
Günel Kılıç, Banu
DEMİRCİ, MEHMET
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
155
views
0
downloads
Cite This
Due to the increasing sophistication of cyber-attacks, intrusion detection systems need to be improved constantly. Each machine learning classifier has different advantages against intrusion detection and combining the advantages of different classifiers increases detection rates. In this study, we combine a machine learning classifier with a deep learning model to propose a new approach called GRU-GBM. The LightGBM gradient boosting machine framework is used for feature selection, and each feature in the dataset is evaluated by a second LightGBM classifier to determine the optimal feature set using a novel threshold-based approach. After the selection of the feature set, a gated recurrent unit is used for attack detection by a recurrent neural network model. Besides, different training/testing ratios (60/40-70/30) are chosen for comparison of GRU-GBM accuracy. The proposed combined model achieved 76.61% and 93.65% overall accuracy in multi-class experiments conducted with the UNSW-NB15 and LITNET-2020 datasets, respectively. Lastly, the GRU-GBM model is compared to other machine learning models. The overall accuracy result is tested with a non-parametric Friedman test to determine the significance of the results. The test result shows that there is enough evidence that the accuracy of the GRU-GBM classifier is statistically significant.
Subject Keywords
anomaly
,
gated recurrent unit
,
intrusion detection
,
LightGBM
,
LITNET-2020
,
threshold
,
UNSW-NB15
,
UNSW-NB15 DATA SET
,
NETWORK
URI
https://hdl.handle.net/11511/99087
Journal
EXPERT SYSTEMS
DOI
https://doi.org/10.1111/exsy.13067
Collections
Graduate School of Informatics, Article
Suggestions
OpenMETU
Core
A Deep reinforcement learning approach to network intrusion detection
Gülmez, Halim Görkem; Angın, Pelin; Department of Computer Engineering (2019)
Intrusion detection is one of the most important problems in today’s world. Every daynew attacks are being used in order to breach the security of systems and signature-based security systems fail to detect these zero-day attacks. An anomaly-basedintrusion detection system, particularly one that utilizes a machine learning approach,is needed to effectively handle these kinds of attacks. With the advancements in bigdata technologies, storing and handling data became easier, therefore big dataanalytics has be...
FSOLAP: A Fuzzy Logic-based Spatial OLAP Framework for Spatial-Temporal Analytics and Querying
Keskin, Sinan; Yazıcı, Adnan; Department of Computer Engineering (2023-1-3)
Nowadays, with the rise in sensor technology, the amount of spatial and temporal data increases day by day. Fast, effective, and accurate analysis and prediction of collected data have become more essential than ever. Spatial Online Analytical Processing (SOLAP) emerged to perform data mining on spatial and temporal data that naturally contains the hierarchical structure used in many complex applications. In addition, uncertainty and fuzziness are inherently essential elements of data in many complex data a...
Pedestrian zone anomaly detection by non-parametric temporal modelling
Gündüz, Ayşe Elvan; Taşkaya Temizel, Tuğba; Temizel, Alptekin (2014-08-29)
With the increasing focus on safety and security in public areas, anomaly detection in video surveillance systems has become increasingly more important. In this paper, we describe a method that models the temporal behavior and detects behavioral anomalies in the scene using probabilistic graphical models. The Coupled Hidden Markov Model (CHMM) method that we use shows that sparse features obtained via feature detection and description algorithms are suitable for modeling the temporal behavior patterns and ...
FSOLAP: A fuzzy logic-based spatial OLAP framework for effective predictive analytics
Keskin, Sinan; Yazıcı, Adnan (2023-03-01)
Nowadays, with the rise in sensor technology, the amount of spatial and temporal data increases day by day. Fast, effective, and accurate analysis and prediction of collected data have become more essential than ever. Spatial Online Analytical Processing (SOLAP) emerged to perform data mining on spatial and temporal data that naturally contains the hierarchical structure used in many complex applications. In addition, uncertainty and fuzziness are inherently essential elements of data in many complex data a...
Anomaly detection using sparse features and spatio-temporal hidden markov model for pedestrian zone video surveillance
Gündüz, Ayşe Elvan; Taşkaya Temizel, Tuğba; Temizel, Alptekin; Department of Information Systems (2014)
Automated analysis of crowd behavior for anomaly detection has become an important issue to ensure the safety and security of the public spaces. Public spaces have varying people density and as such, algorithms are required to work robustly in low to high density crowds. Mainly, there are two different approaches for analyzing the crowd behavior: methods based on object tracking where individuals in a crowd are tracked and holistic methods where the crowd is analyzed as a whole. In this work, the aim is to ...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
A. Sarikaya, B. Günel Kılıç, and M. DEMİRCİ, “GRU-GBM: A combined intrusion detection model using LightGBM and gated recurrent unit,”
EXPERT SYSTEMS
, pp. 0–0, 2022, Accessed: 00, 2022. [Online]. Available: https://hdl.handle.net/11511/99087.
