Top

Hint

Swipe to navigate through the chapters of this book

Published in:

Read chapter Read first chapter

2020 | OriginalPaper | Chapter

On the Impact of Network Data Balancing in Cybersecurity Applications

Authors : Marek Pawlicki, Michał Choraś, Rafał Kozik, Witold Hołubowicz

Published in: Computational Science – ICCS 2020

Publisher: Springer International Publishing

Abstract

Machine learning methods are now widely used to detect a wide range of cyberattacks. Nevertheless, the commonly used algorithms come with challenges of their own - one of them lies in network dataset characteristics. The dataset should be well-balanced in terms of the number of malicious data samples vs. benign traffic samples to achieve adequate results. When the data is not balanced, numerous machine learning approaches show a tendency to classify minority class samples as majority class samples. Since usually in network traffic data there are significantly fewer malicious samples than benign samples, in this work the problem of learning from imbalanced network traffic data in the cybersecurity domain is addressed. A number of balancing approaches is evaluated along with their impact on different machine learning algorithms.

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 69.000 Bücher
über 500 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 50.000 Bücher
über 380 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 58.000 Bücher
über 300 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

inform now

previous chapter Fingerprinting of URL Logs: Continuous User Authentication from Behavioural Patterns

next chapter Pattern Recognition Model to Aid the Optimization of Dynamic Spectrally-Spatially Flexible Optical Networks

Parekh, G., et al.: Identifying core concepts of cybersecurity: results of two Delphi processes. IEEE Trans. Educ. 61(1), 11–20 (2018) MathSciNetCrossRef

Tabasum, A., Safi, Z., AlKhater, W., Shikfa, A.: Cybersecurity issues in implanted medical devices. In: International Conference on Computer and Applications (ICCA), pp. 1–9, August 2018

Bastos, D., Shackleton, M., El-Moussa, F.: Internet of things: a survey of technologies and security risks in smart home and city environments. In: Living in the Internet of Things: Cybersecurity of the IoT - 2018, pp. 1–7 (2018)

Kozik, R., Choraś, M., Ficco, M., Palmieri, F.: A scalable distributed machine learning approach for attack detection in edge computing environments. J. Parallel Distrib. Comput. 119, 18–26 (2018) CrossRef

Sewak, M., Sahay, S.K., Rathore, H.: Comparison of deep learning and the classical machine learning algorithm for the malware detection. In: 19th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), pp. 293–296, June 2018

Choraś, M., Kozik, R.: Machine learning techniques applied to detect cyber attacks on web applications. Logic J. IGPL 23(1), 45–56 (2015) MathSciNetCrossRef

Özkan, K., Işı, Ş., Kartal, Y.: Evaluation of convolutional neural network features for malware detection. In: 6th International Symposium on Digital Forensic and Security (ISDFS), pp. 1–5, March 2018

Nguyen, K.D.T., Tuan, T.M., Le, S.H., Viet, A.P., Ogawa, M., Minh, N.L.: Comparison of three deep learning-based approaches for IoT malware detection. In: 10th International Conference on Knowledge and Systems Engineering (KSE), pp. 382–388, November 2018

Wang, Y., Shen, Y., Zhang, G.: Research on intrusion detection model using ensemble learning methods. In: 7th IEEE International Conference on Software Engineering and Service Science (ICSESS), pp. 422–425, August 2016

10.

Gautam, R.K.S., Doegar, E.A.: An ensemble approach for intrusion detection system using machine learning algorithms. In: 8th International Conference on Cloud Computing, Data Science Engineering (Confluence), pp. 14–15, January 2018

11.

Kunal, Dua, M.: Machine learning approach to IDS: a comprehensive review. In: 3rd International conference on Electronics, Communication and Aerospace Technology (ICECA), pp. 117–121, June 2019

12.

Skansi, S.: Introduction to Deep Learning. UTCS. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-73004-2 CrossRefMATH

13.

Sonawane, H.A., Pattewar, T.M.: A comparative performance evaluation of intrusion detection based on neural network and PCA. In: International Conference on Communications and Signal Processing (ICCSP), pp. 0841–0845, April 2015

14.

Breiman, L.: Random forests. Mach. Learn. 45(1), 5–32 (2001) CrossRef

15.

Maimon, O., Rokach, L.: Data Mining and Knowledge Discovery Handbook, 2nd edn. Springer, Boston (2010). https://doi.org/10.1007/978-0-387-09823-4 CrossRefMATH

16.

Kozik, R., Choraś, M.: Solution to data imbalance problem in application layer anomaly detection systems. In: Martínez-Álvarez, F., Troncoso, A., Quintián, H., Corchado, E. (eds.) HAIS 2016. LNCS (LNAI), vol. 9648, pp. 441–450. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-32034-2_37 CrossRef

17.

Zhang, J., Mani, I.: KNN approach to unbalanced data distributions: a case study involving information extraction. In: Proceedings of the ICML 2003 Workshop on Learning from Imbalanced Datasets (2003)

18.

Tomek, I.: Two modifications of CNN. IEEE Trans. Syst. Man Cybern. SMC 6(11), 769–772 (1976) MathSciNetMATH

19.

Han, H., Wang, W.-Y., Mao, B.-H.: Borderline-SMOTE: a new over-sampling method in imbalanced data sets learning. In: Huang, D.-S., Zhang, X.-P., Huang, G.-B. (eds.) ICIC 2005. LNCS, vol. 3644, pp. 878–887. Springer, Heidelberg (2005). https://doi.org/10.1007/11538059_91 CrossRef

20.

Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, pp. 108–116. INSTICC, SciTePress (2018)

21.

Brodersen, K.H., Ong, C.S., Stephan, K.E., Buhmann, J.M.: The balanced accuracy and its posterior distribution. In: 20th International Conference on Pattern Recognition, pp. 3121–3124 (2010)

Title: On the Impact of Network Data Balancing in Cybersecurity Applications
Authors: Marek Pawlicki
Michał Choraś
Rafał Kozik
Witold Hołubowicz
Publisher: Springer International Publishing
Book: Computational Science – ICCS 2020
Print ISBN: 978-3-030-50422-9

Electronic ISBN: 978-3-030-50423-6

Copyright Year: 2020
DOI: https://doi.org/10.1007/978-3-030-50423-6_15

Springer Professional

Hint

Swipe to navigate through the chapters of this book

Abstract

Please log in to get access to this content

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"