Ensemble Learning for Network Intrusion Detection Based on Correlation and Embedded Feature Selection Techniques

Computers, Journal Year: 2025, Volume and Issue: 14(3), P. 82 - 82

Published: Feb. 25, 2025

Recent advancements across various sectors have resulted in a significant increase the utilization of smart gadgets. This augmentation has an expansion network and devices linked to it. Nevertheless, development concurrently rise policy infractions impacting information security. Finding intruders immediately is critical component maintaining The intrusion detection system useful for security because it can quickly identify threats give alarms. In this paper, new approach was proposed. Combining results machine learning models like random forest, decision tree, k-nearest neighbors, XGBoost with logistic regression as meta-model what method based on. For feature selection technique, proposed creates advanced that combines correlation-based embedded technique on XGBoost. handling challenge imbalanced dataset, SMOTE-TOMEK used. suggested algorithm tested NSL-KDD CIC-IDS datasets. It shows high performance accuracy 99.99% both These prove effectiveness approach.

Language: Английский

---

Universal attention guided adversarial defense using feature pyramid and non-local mechanisms

Scientific Reports, Journal Year: 2025, Volume and Issue: 15(1)

Published: Feb. 12, 2025

Deep Neural Networks (DNNs) have been shown to be vulnerable adversarial examples, significantly hindering the development of deep learning technologies in high-security domains. A key challenge is that current defense methods often lack universality, as they are effective only against certain types attacks. This study addresses this by focusing on analyzing examples through changes model attention, and classifying attack algorithms into attention-shifting attention-attenuation categories. Our main novelty lies proposing two modules: Feature Pyramid-based Attention Space-guided (FPAS) module counter attacks, Attention-based Non-Local (ANL) mitigate These modules enhance model's capability with minimal intrusion original model. By integrating FPAS ANL Wide-ResNet within a boosting framework, we demonstrate their synergistic capability. Even when embedded patches, our models showed significant improvements over baseline, enhancing average rate 5.47% 7.74%, respectively. Extensive experiments confirm universal strategy offers comprehensive protection attacks at lower implementation cost compared mainstream methods, also adaptable for integration existing strategies further robustness.

Language: Английский

---

Improved density peak clustering with a flexible manifold distance and natural nearest neighbors for network intrusion detection

Scientific Reports, Journal Year: 2025, Volume and Issue: 15(1)

Published: March 12, 2025

Recently, density peak clustering (DPC) has gained attention for its ability to intuitively determine the number of classes, identify arbitrarily shaped clusters, and automatically detect exclude anomalies. However, DPC faces challenges as it considers only global distribution, resulting in difficulties with group density, point allocation strategy may lead a domino effect. To expand scope DPC, this paper introduces algorithm based on manifold distance natural nearest neighbors (DPC-MDNN). This approach establishes neighbor relationships representative points using local distribution segmentation. In addition, an assignment representatives candidates is adopted, reducing effect through microcluster merging. Extensive comparisons five competing methods across artificial real datasets demonstrate that DPC-MDNN can more accurately centers achieve better results. Furthermore, application experiments three subdatasets confirm enhances accuracy network intrusion detection high practicality.

Language: Английский

---

Enhancing malware detection with feature selection and scaling techniques using machine learning models

Scientific Reports, Journal Year: 2025, Volume and Issue: 15(1)

Published: March 17, 2025

Abstract The increasing prevalence of malware presents a critical challenge to cybersecurity, emphasizing the need for robust detection methods. This study uses binary tabular classification dataset evaluate impact feature selection, scaling, and machine learning (ML) models on detection. methodology involves experimenting with three scaling techniques (no normalization, min-max scaling), selection methods Linear Discriminant Analysis (LDA), Principal Component (PCA)), twelve ML models, including traditional algorithms ensemble A publicly available 11,598 samples 139 features is utilized, model performance assessed using metrics such as accuracy, precision, recall, F1-score, AUC-ROC. Results reveal that Light Gradient Boosting Machine (LGBM) achieves highest accuracy 97.16% when PCA either or normalization are applied. Additionally, consistently outperform demonstrating their effectiveness in enhancing These findings offer valuable insights into optimizing preprocessing strategies developing reliable efficient systems.

Language: Английский

---

AI driven IOMT security framework for advanced malware and ransomware detection in SDN

Journal of Cloud Computing Advances Systems and Applications, Journal Year: 2025, Volume and Issue: 14(1)

Published: April 1, 2025

Language: Английский

---

A Hybrid Federated Learning Framework for Privacy-Preserving Near-Real-Time Intrusion Detection in IoT Environments

Electronics, Journal Year: 2025, Volume and Issue: 14(7), P. 1430 - 1430

Published: April 2, 2025

The proliferation of Internet Things (IoT) devices has introduced significant challenges in cybersecurity, particularly the realm intrusion detection. While effective, traditional centralized machine learning approaches often compromise data privacy and scalability due to need for aggregation. In this study, we propose a federated framework near-real-time detection IoT environments. Federated enables decentralized model training across multiple without exchanging raw data, thereby preserving reducing communication overhead. Our approach builds upon previously proposed hybrid model, which combines deployed on with second-level cloud-based analysis. This previous work required all be passed cloud aggregate form, limiting security. We extend incorporate learning, allowing distributed while maintaining high accuracy privacy. evaluate performance our federated-learning-based against focusing retention, efficiency, preservation. experiments utilize actual attack partitioned nodes. results demonstrate that not only offers advantages terms but also retains competitive accuracy. paper explores integration infrastructure, leveraging platforms such as Databricks Google Cloud Storage. discuss benefits implementing environment, including use Apache Spark MLlib scalable training. show algorithms used maintain an excellent identification (98% logistic R=regression, 97% SVM, 100% Random Forest). report very short time (less than 11 s single machine). low application is confirmed (0.16 over 1,697,851 packets). findings highlight potential viable solution enhancing cybersecurity ecosystems, paving way further research privacy-preserving techniques.

Language: Английский

---

An Edge-Computing-Based Integrated Framework for Network Traffic Analysis and Intrusion Detection to Enhance Cyber–Physical System Security in Industrial IoT

Sensors, Journal Year: 2025, Volume and Issue: 25(8), P. 2395 - 2395

Published: April 10, 2025

Industrial Internet of things (IIoT) environments need to implement reliable security measures because the growth in network traffic and overall connectivity. Accordingly, this work provides architecture analysis detection intrusions a with help edge computing using machine-learning methods. The study uses k-means DBSCAN techniques examine flow discover several groups behavior possible anomalies. An assessment two clustering methods shows that K-means achieves silhouette score 0.612, while 0.473. For intrusion detection, k-nearest neighbors (KNN), random forest (RF), logistic regression (LR) were used evaluated. revealed both KNN RF yielded seamless results terms precision, recall, F1 score, close maximum value 1.00, as demonstrated by ROC precision–recall curves. Accuracy matrices show had better precision recall for benign attacks, LR good slight fluctuations. With integration computing, framework is improved real-time data processing, which means lower latency system. This enriches knowledge IIOT offering detailed solution issue cybersecurity IoT systems, based on well-grounded performance assessments right implementation current technologies. thus support effectiveness proposed improve provide tangible improvements over approaches identifying potential threats within network.

Language: Английский

---

Assembling multipath service function chains in substrate graphs using sharing instances and deep learning

Engineering Applications of Artificial Intelligence, Journal Year: 2025, Volume and Issue: 152, P. 110900 - 110900

Published: April 16, 2025

Language: Английский

---

Enhanced anomaly network intrusion detection using an improved snow ablation optimizer with dimensionality reduction and hybrid deep learning model

Scientific Reports, Journal Year: 2025, Volume and Issue: 15(1)

Published: April 17, 2025

With the enlarged utilization of computer networks, security has become one critical issues. A network intrusion by malicious or unauthorized consumers may cause severe interruption to networks. So, progress a strong and dependable detection system (IDS) is gradually significant. Intrusion relates suite models employed recognize attacks against infrastructures computers. There are dual main models, such as misuse anomaly detection. Anomaly central part in which disruptions normal behaviour propose presence unintentionally intentionally induced attacks, defects, faults, etc. arrival anomaly-based IDS, many have progressed tracking new threats systems. Machine learning (ML) deep (DL) currently leveraged for cybersecurity. This manuscript proposes an Enhanced Detection using Optimization Algorithm with Dimensionality Reduction Hybrid Model (EAID-OADRHM) technique. The proposed EAID-OADRHM technique presents approach perceiving migrating Min-max scaling normalization primarily at data pre-processing level clean transform input into consistent range. Furthermore, utilizes equilibrium optimizer (EO) model dimensionality reduction process. Additionally, classification performed employing long short-term memory autoencoder (LSTM-AE) model. Finally, improved Snow Ablation Optimizer (ISAO) optimally tunes hyperparameters LSTM-AE model, leading enhanced performance. simulation validation examined under CIC-IDS2017 dataset, outcomes computed numerous measures. experimental assessment portrayed superior accuracy value 99.46% over existing methods

Language: Английский

---

A new intrusion detection method using ensemble classification and feature selection

Scientific Reports, Journal Year: 2025, Volume and Issue: 15(1)

Published: April 20, 2025

Intrusion Detection Systems (IDS) play a crucial role in ensuring network security by identifying and mitigating cyber threats. This study introduces hybrid intrusion detection approach that integrates Convolutional Neural Networks (CNNs) for feature extraction the Random Forest (RF) algorithm classification. The proposed method enhances accuracy leveraging CNNs to automatically extract relevant features, reducing data dimensionality noise. Subsequently, RF classifier processes these optimized features achieve robust precise To evaluate effectiveness of approach, experiments were conducted on KDD99 UNSW-NB15 datasets. results demonstrate model achieves an 97% precision over 98%, outperforming traditional machine learning-based IDS solutions. These findings highlight potential framework as scalable efficient cybersecurity solution real-world environments.

Language: Английский

---