Komparasi Performa Tree-Based Classifier Untuk Deteksi Anomali Pada Data Berdimensi Tinggi dan Tidak Seimbang

Authors

  • Kurniabudi Kurniabudi Universitas Dinamika Bangsa, Jambi
  • Abdul Harris Universitas Dinamika Bangsa, Jambi
  • Veronica Veronica Universitas Dinamika Bangsa, Jambi

DOI:

https://doi.org/10.30865/mib.v6i1.3473

Keywords:

Anomaly Detection, Feature Selection, CICIDS-2017, Chi-Square, Tree-Based Classifier

Abstract

Anomaly detection is one solution to overcome the issue of data network traffic security, but is faced with the challenge of high data dimensionality and imbalanced data. High-dimensional and imbalanced data can affect the performance of the detection system. Therefore we need a feature selection technique that can reduce the dimensionality of the data by eliminating irrelevant features. In addition, the selected features need to be validated with the right classification algorithm to produce high anomaly detection performance. The purpose of this study is to produce a combination of feature selection techniques and appropriate classification algorithms to produce a system that is able to detect attacks on high-dimensional and imbalanced data. Chi-square feature selection technique was used to eliminate irrelevant features. To determine the ideal classification algorithm, in this study, a comparison of the performance of the tree-based classifer algorithm was carried out. This study also examines the performance of classification techniques in detecting traffic on high-dimensional and unbalanced data. Several Tree-based classification algorithms such as REPTree, J48, Random Tree and Random Forest were tested and compared. Testing with the best performance as a recommendation for the ideal combination of feature selection techniques and classification algorithms. This research produces an anomaly detection system that has high performance. For experimental data, the CICIDS-2017 dataset is used, which has high data dimensionality and contains unbalanced data. The test results show that Random Tree has an accuracy of 99.983% and Random Forest 99.984%.

References

S. Sahu and B. M. Mehtre, “Network intrusion detection system using J48 Decision Tree,†2015 Int. Conf. Adv. Comput. Commun. Informatics, ICACCI 2015, pp. 2023–2026, 2015.

N. Farnaaz and M. A. Jabbar, “Random Forest Modeling for Network Intrusion Detection System,†Procedia Comput. Sci., vol. 89, pp. 213–217, 2016.

T. Ait Tchakoucht and M. Ezziyyani, “Building a fast intrusion detection system for high-speed-networks: Probe and dos attacks detection,†Procedia Comput. Sci., vol. 127, pp. 521–530, 2018.

A. Abd and A. Hadi, “Performance Analysis of Big Data Intrusion Detection System over Random Forest Algorithm,†Int. J. Appl. Eng. Res., vol. 13, no. 2, pp. 1520–1527, 2018.

T. Garg and S. S. Khurana, “Comparison of classification techniques for intrusion detection dataset using WEKA,†Int. Conf. Recent Adv. Innov. Eng. ICRAIE 2014, 2014.

I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, “Toward generating a new intrusion detection dataset and intrusion traffic characterization,†ICISSP 2018 - Proc. 4th Int. Conf. Inf. Syst. Secur. Priv., vol. 2018-Janua, no. Cic, pp. 108–116, 2018.

R. Panigrahi and S. Borah, “A detailed analysis of CICIDS2017 dataset for designing Intrusion Detection Systems,†Int. J. Eng. Technol., vol. 7, no. 3.24 Special Issue 24, pp. 479–482, 2018.

D. Summeet and D. Xian, Data Mining and Machine Learning in Cybersecurity. CRC Press, 2011.

Downloads

Published

2022-01-25

Issue

Vol. 6 No. 1 (2022): Januari 2022

Section

Articles

License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under Creative Commons Attribution 4.0 International License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (Refer to The Effect of Open Access).