Stacknet Based Decision Fusion Classifier for Network Intrusion Detection
Network intrusion is a subject of great concern to a variety of stakeholders. Decision fusion (ensemble) models that combine several base learners have been widely used to enhance detection rate of unauthorised network intrusion. However, the design of such an optimal decision fusion classifier is a challenging and open problem. The Matthews Correlation Coefficient (MCC) is an effective measure for detecting associations between variables in many fields; however, very few studies have applied it in selecting weak learners to the best of the authors’ knowledge. In this paper, we propose a decision fusion model with correlation-based MCC weak learner selection technique to augment the classification performance of the decision fusion model under a StackNet strategy. Specifically, the proposed model sought to improve the association between the prediction accuracy and diversity of base classifiers. We compare our proposed model with five other ensemble models, a deep neural model and two stand-alone state-of-the-art classifiers commonly used in network intrusion detection based on accuracy, the Area Under Curve (AUC), recall, precision, F1-score and Kappa evaluation metrics. The experimental results using benchmark dataset KDDcup99 from Kaggle shows that the proposed model has a identified unauthorised network traffic at 99.8% accuracy, Extreme Gradient Boosting (Xgboost) (97.61%), Catboost (97.49%), Light Gradient Boosting Machine (LightGBM) (98.3%), Multilayer Perceptron (MLP) (97.7%), Random Forest (RF) (97.97%), Extra Trees Classifier (ET) (95.82%), Different decision (DT) (96.95%) and, K-Nearest Neighbor (KNN) (95.56), indicating that it is a more efficient and better intrusion detection system.
[1] Ajdani M. and Ghaffary H., “Design Network Intrusion Detection System Using Support Vector Machine,” International Journal of Communication Systems, vol. 34, no. 3, pp. e4689, 2021.
[2] Autee P., Bagwe S., Shah V., and Srivastava K., “StackNet-DenVIS: a Multilayer Perceptron Stacked Ensembling Approach for COVID-19 Detection Using X-ray Images,” Physical and Engineering Sciences in Medicine, vol. 43, no. 4, pp. 1399-1414, 2020.
[3] Bhavani T., Rao M., and Reddy A., “Network Intrusion Detection System Using Random Forest 488 The International Arab Journal of Information Technology, Vol. 19, No. 3A, Special Issue 2022 and Decision Tree Machine Learning Techniques,” in Proceeding of the Advances in Intelligent Systems and Computing, pp. 637-643, 2020.
[4] Buil-Gil D., Miró-Llinares F., Moneva A., Kemp S., and Díaz-Castaño N., “Cybercrime And Shifts in Opportunities During COVID-19: A Preliminary Analysis in The UK,” European Societies, vol. 23, pp. S47-S59, 2021.
[5] Devarajan R. and Rao P., “An Efficient Intrusion Detection System by Using Behaviour Profiling and Statistical Approach Model,” The International Arab Journal of Information Technology, vol. 18, no. 1, pp. 114-124, 2021.
[6] Elmasry W., Akbulut A., and Zaim A., “Evolving Deep Learning Architectures for Network Intrusion Detection Using A Double PSO Metaheuristic,” Computer Networks, vol. 168, pp. 107042, 2020.
[7] Ferrag M., Maglaras L., Ahmim A., Derdour M., and Janicke H., “RDTIDS: Rules and Decision Tree-Based Intrusion Detection System for Internet-of-Things Networks,” Future Internet, vol. 12, no. 3, pp. 44, 2020.
[8] Fitni Q. Ramli K., “Implementation of Ensemble Learning and Feature Selection for Performance Improvements in Anomaly-Based Intrusion Detection Systems,” in Proceeding of the IEEE International Conference on Industry 4.0, Artificial Intelligence, and Communications Technology, Bali, pp. 118-124, 2020.
[9] Gamage S. and Samarabandu J., “Deep learning Methods in Network Intrusion Detection: A Survey and an Objective Comparison,” Journal of Network and Computer Applications, vol. 169, pp. 102767, 2020.
[10] Hawdon J., Parti K., and Dearden T., “Cybercrime in America amid COVID-19: the Initial Results from a Natural Experiment American,” Journal of Criminal Justice, vol. 45, no. 4, pp. 546-562, 2020.
[11] Hnaif A., Jaber K., Alia M., and Daghbosheh M., “Parallel Scalable Approximate Matching Algorithm for Network Intrusion Detection Systems the International Arab,” Journal of Information Technology, vol. 18, no. 1, pp. 77-84, 2021.
[12] Injadat M., Moubayed A., Nassif A., and Shami A., “Multi-Stage Optimized Machine Learning Framework for Network Intrusion Detection,” IEEE Transactions on Network and Service Management, vol. 18, no. 2, pp. 1803-1816, 2021.
[13] Jiang K., Wang W., Wang A., and Wu H., “Network Intrusion Detection Combined Hybrid Sampling with Deep Hierarchical Network,” IEEE Access, vol. 8, pp. 32464-32476, 2020.
[14] Khan S., Loo K., and Din Z., “Framework for Intrusion Detection in IEEE 802.11 Wireless Mesh Networks,” The International Arab Journal of Information Technology, vol. 7, no. 4, pp. 435- 440, 2010.
[15] Kilincer I., Ertam F., and Sengur A., “Machine Learning Methods for Cyber Security Intrusion Detection: Datasets and Comparative Study,” Computer Networks, vol. 188, pp. 107840, 2021.
[16] Krishnaveni S., Vigneshwar P., Kishore S., Jothi B., and Sivamohan S., “Anomaly-Based Intrusion Detection System Using Support Vector Machine,” Artificial Intelligence and Evolutionary Computations in Engineering System, pp. 723-731, 2020.
[17] Mahfouz A., Abuhussein A., Venugopal D., and Shiva S., “Network Intrusion Detection Model Using One-Class Support Vector Machine,” Advances in Machine Learning and Computational Intelligence, pp. 79-86, 2021.
[18] Malik A. and Khan F., “A Hybrid Technique Using Binary Particle Swarm Optimisation and Decision Tree Pruning for Network Intrusion Detection,” Cluster Computer, vol. 21, no. 1, pp. 667-680, 2018.
[19] Michailidis M., “StackNet, Meta Modelling Framework,” https://github.com/ kaz- Anova/StackNet, Last Visited, 2022.
[20] Aljanabi M. and Ismail M., “Improved Intrusion Detection Algorithm Based on TLBO and GA Algorithms,” The International Arab Journal of Information Technology, vol. 18, no. 2, pp. 170- 179, 2021.
[21] Nti I., Adekoya A., and Weyori B., “A Comprehensive Evaluation of Ensemble Learning for Stock-Market Prediction,” Journal of Big Data, vol. 7, no. 1, pp. 1-40, 2020.
[22] Nti I., Nyarko-Boateng O., Adekoya A., and Arjun R., “Network Intrusion Detection with StackNet: A Phi Coefficient Based Weak Learner Selection Approach,” in Proceeding of the 22nd International Arab Conference on Information Technology, Abu Dhabi, pp. 10-11, 2021.
[23] Pawlicki M., ChoraĆ M., and Kozik R., “Defending Network Intrusion Detection Systems against Adversarial Evasion Attacks,” Future Generation Computer Systems, vol. 110, pp. 148- 154, 2020.
[24] Rajagopal S., Kundapur P., and Hareesha K., “A Stacking Ensemble for Network Intrusion Detection Using Heterogeneous Datasets,” Security and Communication Networks, vol. 2020, pp. 1-9, 2020.
[25] Relan N. and Patil D., “Implementation of Network Intrusion Detection System Using Variant Of Decision Tree Algorithm,” in Proceeding of the International Conference on Stacknet Based Decision Fusion Classifier for Network Intrusion Detection 489 Nascent Technologies in the Engineering Field, Navi Mumbai, pp. 1-5, 2015.
[26] Sahu S. and Mehtre B., “Network Intrusion Detection System Using J48 Decision Tree,” in Proceeding of the International Conference on Advances in Computing, Communications and Informatics, Kochi, pp. 2023-2026, 2015.
[27] Salo F., Injadat M., Nassif A., and Essex A., “Data Mining with Big Data in Intrusion Detection Systems: A Systematic Literature Review,” arXiv preprint arXiv: 2005.12267, 2020.
[28] Salo F., Injadat M., Nassif A., Shami A., and Essex A., “Data Mining Techniques in Intrusion Detection Systems: A Systematic Literature Review,” IEEE Access, vol. 6, pp. 56046-56058, 2018.
[29] Senthilnayaki B., Venkatalakshmi K., and Kannan A., “Intrusion Detection System Using Fuzzy Rough Set Feature Selection and Modified KNN Classifier,” The International Arab Journal of Information Technology, vol. 16, no. 4, pp. 746- 753, 2019.
[30] Shah S., Muhuri P., Yuan X., and Roy K., Chatterjee P., “Implementing a Network Intrusion Detection System Using Semi-Supervised Support Vector Machine and Random Forest,” in Proceedings of the 2021 ACM Southeast Conference, pp. 180-184, New York, 2021.
[31] Singh J., Kaur L., and Gupta S., “A Cross-Layer Based Intrusion Detection Technique for Wireless Networks,” The International Arab Journal of Information Technology, vol. 9, no. 3, pp. 201- 207, 2012.
[32] Sornsuwit P. and Jaiyen S., “A New Hybrid Machine Learning for Cybersecurity Threat Detection Based on Adaptive Boosting,” Applied Artificial Intelligence, vol. 33, no. 5, pp. 462-482, 2019.
[33] Sornsuwit P. and Jaiyen S., “Intrusion Detection Model Based On Ensemble Learning for U2R and R2L Attacks,” in Proceeding of the 7th International Conference on Information Technology and Electrical Engineering, Chiang Mai, pp. 354-359, 2015.
[34] Su T., Sun H., Zhu J., Wang S., and Li Y., “BAT: Deep Learning Methods on Network Intrusion Detection Using NSL-KDD Dataset,” IEEE Access, vol. 8, pp. 29575-29585, 2020.
[35] Tabash M., Allah M., and Tawfik B., “Intrusion Detection Model Using Naive Bayes And Deep Learning Technique,” The International Arab Journal of Information Technology, vol. 17, no. 2, pp. 215-224, 2020.
[36] Tama B. and Lim S., “Ensemble learning for Intrusion Detection Systems: A Systematic Mapping Study and Cross-Benchmark Evaluation,” Computer Science Review, vol. 39, pp. 100357, 2021.
[37] Tian J. and Gao M., “Network Intrusion Detection Method Based on High Speed and Precise Genetic Algorithm Neural Network,” in Proceeding of the International Conference on Networks Security, Wireless Communications and Trusted Computing, Wuhan, pp. 619-622, 2009.
[38] Vinayakumar R., Soman K., and Poornachandran P., “Applying Convolutional Neural Network For Network Intrusion Detection,” in Proceeding of the International Conference on Advances in Computing, Communications and Informatics, Manipal, pp. 1222-1228, 2017.
[39] Wang Y., Shen Y., and Zhang G., “Research on Intrusion Detection Model Using Ensemble learning Methods,” in Proceeding of the 7th IEEE International Conference on Software Engineering and service science, pp. 422-425, 2016.
[40] Wazirali R., “An Improved Intrusion Detection System Based on KNN Hyperparameter Tuning and Cross-Validation,” Arabian Journal for Science and Engineering, vol. 45, no. 12, pp. 10859-10873, 2020.
[41] Wolpert D., “Stacked Generalisation,” Neural Networks, vol. 5, no. 2, pp. 241-259, 1992.