Scopus İndeksli Yayınlar Koleksiyonu

Permanent URI for this collectionhttps://hdl.handle.net/20.500.12573/395

Browse

Filters

2018 - 201912020 - 20243

Settings

Has files: YesSubject: search.filters.subject.Anomaly Detection

Search Results

Now showing 1 - 4 of 4
  • Article
    Citation - Scopus: 6
    Network Intrusion Detection Based on Machine Learning Strategies: Performance Comparisons on Imbalanced Wired, Wireless, and Software-Defined Networking (SDN) Network Traffics
    (Turkiye Klinikleri, 2024-07-26) Hacilar, Hilal; Aydin, Zafer; Güngör, Vehbi Çağrı
    The rapid growth of computer networks emphasizes the urgency of addressing security issues. Organizations rely on network intrusion detection systems (NIDSs) to protect sensitive data from unauthorized access and theft. These systems analyze network traffic to detect suspicious activities, such as attempted breaches or cyberattacks. However, existing studies lack a thorough assessment of class imbalances and classification performance for different types of network intrusions: wired, wireless, and software-defined networking (SDN). This research aims to fill this gap by examining these networks’ imbalances, feature selection, and binary classification to enhance intrusion detection system efficiency. Various techniques such as SMOTE, ROS, ADASYN, and SMOTETomek are used to handle imbalanced datasets. Additionally, eXtreme Gradient Boosting (XGBoost) identifies key features, and an autoencoder (AE) assists in feature extraction for the classification task. The study evaluates datasets such as AWID, UNSW, and InSDN, yielding the best results with different numbers of selected features. Bayesian optimization fine-tunes parameters, and diverse machine learning algorithms (SVM, kNN, XGBoost, random forest, ensemble classifiers, and autoencoders) are employed. The optimal results, considering F1-measure, overall accuracy, detection rate, and false alarm rate, have been achieved for the UNSW-NB15, preprocessed AWID, and InSDN datasets, with values of [0.9356, 0.9289, 0.9328, 0.07597], [0.997, 0.9995, 0.9999, 0.0171], and [0.9998, 0.9996, 0.9998, 0.0012], respectively. These findings demonstrate that combining Bayesian optimization with oversampling techniques significantly enhances classification performance across wired, wireless, and SDN networks when compared to previous research conducted on these datasets. © 2024 Elsevier B.V., All rights reserved.
  • Article
    Citation - WoS: 4
    Citation - Scopus: 7
    Network Anomaly Detection Using Deep Autoencoder and Parallel Artificial Bee Colony Algorithm-Trained Neural Network
    (PeerJ Inc, 2024-10-08) Hacilar, Hilal; Dedeturk, Bilge Kagan; Bakir-Gungor, Burcu; Gungor, Vehbi Cagri
    Cyberattacks are increasingly becoming more complex, which makes intrusion detection extremely difficult. Several intrusion detection approaches have been developed in the literature and utilized to tackle computer security intrusions. Implementing machine learning and deep learning models for network intrusion detection has been a topic of active research in cybersecurity. In this study, artificial neural networks (ANNs), a type of machine learning algorithm, are employed to determine optimal network weight sets during the training phase. Conventional training algorithms, such as back- propagation, may encounter challenges in optimization due to being entrapped within local minima during the iterative optimization process; global search strategies can be slow at locating global minima, and they may suffer from a low detection rate. In the ANN training, the Artificial Bee Colony (ABC) algorithm enables the avoidance of local minimum solutions by conducting a high-performance search in the solution space but it needs some modifications. To address these challenges, this work suggests a Deep Autoencoder (DAE)-based, vectorized, and parallelized ABC algorithm for training feed-forward artificial neural networks, which is tested on the UNSW-NB15 and NF-UNSW-NB15-v2 datasets. Our experimental results demonstrate that the proposed DAE-based parallel ABC-ANN outperforms existing metaheuristics, showing notable improvements in network intrusion detection. The experimental results reveal a notable improvement in network intrusion detection through this proposed approach, exhibiting an increase in detection rate (DR) by 0.76 to 0.81 and a reduction in false alarm rate (FAR) by 0.016 to 0.005 compared to the ANN-BP algorithm on the UNSWNB15 dataset. Furthermore, there is a reduction in FAR by 0.006 to 0.0003 compared to the ANN-BP algorithm on the NF-UNSW-NB15-v2 dataset. These findings underscore the effectiveness of our proposed approach in enhancing network security against network intrusions.
  • Article
    Citation - WoS: 25
    Citation - Scopus: 41
    An Efficient Network Intrusion Detection Approach Based on Logistic Regression Model and Parallel Artificial Bee Colony Algorithm
    (Elsevier, 2024-04) Kolukisa, Burak; Dedeturk, Bilge Kagan; Hacilar, Hilal; Gungor, Vehbi Cagri
    In recent years, the widespread use of the Internet has created many issues, especially in the area of cybersecurity. It is critical to detect intrusions in network traffic, and researchers have developed network intrusion and anomaly detection systems to cope with high numbers of attacks and attack variations. In particular, machine learning and meta-heuristic methods have been widely used for network intrusion detection systems (NIDS). However, existing studies on these systems usually suffer from low performance results such as accuracy, F1-measure, false positive rate, and false negative rate, and generally do not use automatic parameter tuning techniques. To address these challenges, this study proposes a novel approach based on a logistic regression model trained using a parallel artificial bee colony (LR-ABC) algorithm with a hyper-parameter optimization technique. The performance of the proposed model is evaluated against state -of-the-art machine learning and deep learning models on two publicly available NIDS datasets. Comparative performance evaluations show that the proposed method achieved satisfactory results with accuracy of 88.25% on the UNSW-NB15 dataset and 90.11% on the NSL-KDD dataset, and F1-measures of 88.26% and 90.15%, respectively. These findings demonstrate the efficacy of the proposed LR-ABC model in enhancing the accuracy and reliability, while providing a scalable solution to adapt to the dynamic and evolving landscape of cybersecurity threats.
  • Conference Object
    Citation - Scopus: 19
    A Novel Feature Design and Stacking Approach for Non-Technical Electricity Loss Detection
    (Institute of Electrical and Electronics Engineers Inc., 2018-05) Aydin, Zafer; Güngör, Vehbi Çağrı
    Non-technical electricity losses continue to jeopardize economic and social well-being of many countries. In this work, we develop machine learning classifiers that can identify anomalous electricity consumption in Turkey. Starting from weekly electricity usage data, we develop new features that capture statistical and frequency domain characteristics of the customers and their consumption patterns. We analyze the effect of reducing number of feature descriptors through dimensionality reduction and feature selection techniques. To overcome the class imbalance problem, we implement several ensemble methods and compare their prediction accuracy to those of the standard classifiers. The proposed features and combining strengths of different classifiers bring significant improvements on performance metrics, which is demonstrated through detailed simulations on shopping mall sector. We anticipate that advances in this field will contribute to the economies considerably. © 2018 Elsevier B.V., All rights reserved.