Research

Abstract

The network security sector has observed a rise in severe attacks emanating from the darknet or encrypted networks in recent years. Network intrusion detection systems (NIDS) capable of detecting darknet or encrypted traffic must be developed to increase system security. Machine learning algorithms can effectively detect darknet activities when trained on encrypted and conventional network data. However, the performance of the system may be influenced, among other things, by the choice of machine learning models, data preparation techniques, and feature selection methodologies. The histogram-based gradient boosting strategy known as categorical boosting (CatBoost) was tested to see how well it could find darknet traffic. The performance of the model was examined using feature selection strategies such as correlation coefficient, variance threshold, SelectKBest, and recursive feature removal (RFE). Following the categorization of traffic as “darknet” or “regular”, a multi-class classification was used to determine the software application associated with the traffic. Further study was carried out on well-known machine learning methods such as random forests (RF), decision trees (DT), linear support vector classifier (SVC Linear), and long-short term memory (LST) (LSTM). The proposed model achieved good results with 98.51% binary classification accuracy and 88% multi-class classification accuracy.

Original language	en
Pages (from-to)	795-807
Publication status	Published - 2023

Access document

10.1007/978-981-99-1624-5_59

License

https://www.springernature.com/gp/researchers/text-and-data-mining

Access document

10.1007/978-981-99-1624-5_59

License

https://www.springernature.com/gp/researchers/text-and-data-mining

Q Abu Al-Haija (2022). Electronics, Vol. 11, (4), pp. 556.
https://doi.org/10.3390/electronics11040556
. .
https://doi.org/10.1109/RUSAUTOCON.2019.8867696
. .
https://doi.org/10.1007/978-981-13-1810-8_37
BS Bhati (2021). Trans Emerg Telecommun Technol, Vol. 32, (6).
Bhati BS, Chugh G, Al-Turjman F, Bhati NS (2021) An improved ensemble based intrusion detection technique using XGBOOST. Trans Emerg Telecommun Technol 32(6):e4076
. .
https://doi.org/10.1145/3487923.3487938
. .
Chindove H, Brown D (2021) Adaptive network intrusion detection using optimised machine learning models. In: Southern Africa telecommunication networks and applications conference, pp 1–6
. .
https://doi.org/10.1007/978-981-16-3071-2_20
. .
https://doi.org/10.1145/3442520.3442521
. .
Ke G, Meng Q, Finley T, Wang T, Chen W, Ma W, Ye Q, Liu TY (2017) Lightgbm: a highly efficient gradient boosting decision tree. Adv Neural Inf Process Syst 30
H Khafajeh (2020). J Theor Appl Inf Technol, Vol. 98, (5), pp. 825.
Khafajeh H (2020) An efficient intrusion detection approach using light gradient boosting. J Theor Appl Inf Technol 98(5):825–835
. .
https://doi.org/10.1109/BigData47090.2019.9006374
. .
https://doi.org/10.1109/ACCESS.2021.3075066
. .
https://doi.org/10.1109/CICN49253.2020.9242642
MB Sarwar (2021). IEEE Access, Vol. 9, pp. 113705.
https://doi.org/10.1109/ACCESS.2021.3105000
. .
https://doi.org/10.1007/978-981-16-3728-5_13

Access document

10.1007/978-981-99-1624-5_59

License

https://www.springernature.com/gp/researchers/text-and-data-mining

About UNIMA research

Research discovery