Network intrusion detection systems (NIDSs) play an important role in computer network security. Of the several detection mechanisms available, anomaly-based automated detection significantly outperforms the others. As attacks grow in number and sophistication, handling large amounts of data is a recognized issue in the development of anomaly-based NIDSs. However, do current models meet the needs of today's networks in terms of required accuracy and dependability? In this research, we propose a new hybrid model that combines machine learning and deep learning to increase detection rates while ensuring dependability. Our proposed method ensures efficient pre-processing by combining SMOTE for data balancing and XGBoost for feature selection. We compared our method to various machine learning and deep learning algorithms to find a more efficient algorithm to implement in the pipeline. Furthermore, we chose the most effective model for network intrusion detection based on a set of benchmarked performance analysis criteria. Our method produces excellent results when tested on two datasets, KDDCUP'99 and CIC-MalMem-2022, with accuracies of 99.99% and 100%, respectively, and no overfitting or Type-1 and Type-2 issues.