A New Hybrid Machine Learning for Cybersecurity Threat Detection Based on Adaptive Boosting

• Published in: Applied artificial intelligence Vol. 33; no. 5; pp. 462 - 482
• Main Authors: Sornsuwit, Ployphan, Jaiyen, Saichon
• Format: Journal Article
• Language: English
• Published: Philadelphia Taylor & Francis 16.04.2019; Taylor & Francis Ltd; Taylor & Francis Group
• Subjects: Algorithms; Artificial intelligence; Classifiers; Communications traffic; Cybersecurity; Datasets; Intrusion detection systems; Machine learning; Phishing; Websites; Weight
• ISSN: 0883-9514; 1087-6545
• DOI: 10.1080/08839514.2019.1582861

A hybrid machine learning is a combination of multiple types of machine learning algorithms for improving the performance of single classifiers. Currently, cyber intrusion detection systems require high-performance methods for classifications because attackers can develop invasive methods and evade the detection tools. In this paper, the cyber intrusion detection architecture based on new hybrid machine learning is proposed for multiple cyber intrusion detection. In addition, the correlation-based feature selection is adopted for reducing the irrelevant features and the weight vote of adaptive boosting that is adopted to combine multiple classifiers is concentrated. In the experiments, UNB-CICT or network traffic dataset is used for evaluating the performance of the proposed method. The results show that the proposed method can achieve higher efficiency in every attack type detection. Furthermore, the experiments with Phishing website dataset UNSW-NB 15 dataset NSL-KDD dataset and KDD Cup'99 dataset are also conducted, and the results show that the proposed method can produce higher efficiency as well.