TY - GEN
T1 - Machine Learning Techniques Applied to Intrusion Detection Systems
AU - Lara, Gabriel
AU - Flores-Moyano, Ricardo
AU - Baldeon-Calisto, Maria
AU - Riofrío, Daniel
AU - Pérez-Pérez, Noel
AU - Benítez, Diego
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - As cyber threats continue to evolve, the necessity of Intrusion Detection Systems (IDS) to protect sensitive information has become increasingly apparent. To address the limitations of conventional signature-based IDS, machine learning-based approaches have been proposed. However, the dearth of up-to-date network datasets impedes the advancement of these innovative methods. Furthermore, robust and reproducible results are required to ensure that the performance of ML models is not merely a product of randomness but a reflection of genuine and reliable capabilities. In this context, this paper presents a comprehensive evaluation of standalone and hybrid machine learning algorithms aimed at improving the differentiation between normal and malicious traffic. The hybrid model combines rule-based filtering with machine learning-based evaluation. A set of predefined rules is first applied to filter the dataset, and then the ML algorithms focus on the most relevant data, thus improving the efficiency in detecting previously unseen threats and reducing computational complexity. This approach is designed to improve detection accuracy while maintaining a low false positive rate, addressing both precision and operational efficiency in real-world scenarios.
AB - As cyber threats continue to evolve, the necessity of Intrusion Detection Systems (IDS) to protect sensitive information has become increasingly apparent. To address the limitations of conventional signature-based IDS, machine learning-based approaches have been proposed. However, the dearth of up-to-date network datasets impedes the advancement of these innovative methods. Furthermore, robust and reproducible results are required to ensure that the performance of ML models is not merely a product of randomness but a reflection of genuine and reliable capabilities. In this context, this paper presents a comprehensive evaluation of standalone and hybrid machine learning algorithms aimed at improving the differentiation between normal and malicious traffic. The hybrid model combines rule-based filtering with machine learning-based evaluation. A set of predefined rules is first applied to filter the dataset, and then the ML algorithms focus on the most relevant data, thus improving the efficiency in detecting previously unseen threats and reducing computational complexity. This approach is designed to improve detection accuracy while maintaining a low false positive rate, addressing both precision and operational efficiency in real-world scenarios.
KW - Machine learning
KW - cross-validation
KW - hybrid model
KW - intrusion detection systems
KW - statistical test
UR - https://www.scopus.com/pages/publications/85211811438
U2 - 10.1109/ETCM63562.2024.10746020
DO - 10.1109/ETCM63562.2024.10746020
M3 - Contribución a la conferencia
AN - SCOPUS:85211811438
T3 - ETCM 2024 - 8th Ecuador Technical Chapters Meeting
BT - ETCM 2024 - 8th Ecuador Technical Chapters Meeting
A2 - Rivas-Lalaleo, David
A2 - Maita, Soraya Lucia Sinche
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 8th IEEE Ecuador Technical Chapters Meeting, ETCM 2024
Y2 - 15 October 2024 through 18 October 2024
ER -