XGBoost Regression Classifier (XRC) Model for Cyber Attack Detection and Classification Using Inception V4

Authors

  • K. M. Karthick Raghunath Department of Computer Science & Engineering, MVJ College of Engineering, Bangalore, India
  • V. Vinoth Kumar Department of Computer Science and Engineering, Jain (Deemed to be University), Bangalore, India
  • Muthukumaran Venkatesan Department of Mathematics, School of Applied sciences, REVA University, Bangalore, India
  • Krishna Kant Singh Department of Computer Science and Engineering, Jain (Deemed to be University), Bangalore, India
  • T. R. Mahesh Department of Computer Science and Engineering, Jain (Deemed to be University), Bangalore, India
  • Akansha Singh School of Computer Science Engineering and Technology, Bennett University, India https://orcid.org/0000-0002-5520-8066

DOI:

https://doi.org/10.13052/jwe1540-9589.21413

Keywords:

Cybersecurity, XGBoost Regression Classifier (XRC), Inception V4, Error rate, Cyber Security

Abstract

Massive reliance on practical systems has resulted in several security concerns. The ability to identify anomalies is a critical safety feature enabled by anomaly diagnostic techniques. The construction of a data system faces a significant issue in cyber security. Because of the exploitation of valuable data, cybersecurity impacts the privacy of such data. Attack incidents must be examined using an appropriate analytics approach in elevating the safety level. Design of advanced analytical, conceptual model creation gives practical guidance and prioritizes threats/attacks across the network system. There is now substantial effectiveness in attack categorization, and evaluation through Convolution Neural Network (CNN) based classifiers. In light of the drawbacks of previous approaches, this research proposes an approach relying on the Deep Learning (DL) strategies for cyberattacks detection and categorization in the context of cyberspace incidents. Likewise, this article presents an XGBoost Regression Classifier (XRC) using Inception V4 to address those restrictions. XGBoost refers to Extreme Gradient Boosting, a decentralized gradient-boosted decision tree (GBDT) supervised learning framework that is robust and can be used in a decentralized context. XGBoost is a well-known machine learning technique because of its ability to produce outstanding accuracy. The concepts of both XGBoost and Regression classifiers are integrated and represented as a suggested hybridized classifier, which is implemented in Inception V4 to further train and test the model. The proposed XRC categorizes and forecasts several common types of network cyberattacks that includes Distributed Denial of Service (DDoS), Phishing, Cross-site Scripting (CS), Internet of Things (IoT). The sigmoidal function is used as a supportive activator to the hybridized classifier to lower the erroneous ratio and increase the effectiveness. Research shows that training and testing errors were substantially decreased when using XRC. In 9 out of 13 instances, over 97% of threats are detected by the XRC, and over 75% of threats are detected in its most challenging datasets.

Downloads

Download data is not yet available.

Author Biographies

K. M. Karthick Raghunath, Department of Computer Science & Engineering, MVJ College of Engineering, Bangalore, India

K. M. Karthick Raghunath, is an Associate Professor in the Computer Science and Engineering Department in MVJ College of Engineering, Bangalore, India. He has received his B. Tech., in Information Technology from Anna University in 2008 and M.E., in Pervasive Computing Technology from Anna University (BIT Campus) in 2011. In 2019, he completed his Ph.D. degree from Anna University, Chennai. With nearly a decade of experience in teaching, his areas of specialization include pervasive computing, Artificial Intelligence, IoT, Data Science, and WSN.

V. Vinoth Kumar, Department of Computer Science and Engineering, Jain (Deemed to be University), Bangalore, India

V. Vinoth Kumar is an Associate Professor at Department of Computer Science, JAIN (Deemed-to-be University), Bangalore, India. His current research interests include Wireless Networks, Internet of Things, machine learning and Big Data Applications. He is the author/co-author of papers in international journals and conferences including SCI indexed papers. He has published as over than 35 papers in IEEE Access, Springer, Elsevier, IGI Global, Emerald etc.. He is the Associate Editor of International Journal of e-Collaboration (IJeC), International Journal of Pervasive Computing and Communications (IJPCC) and Editorial member of various journals.

Muthukumaran Venkatesan, Department of Mathematics, School of Applied sciences, REVA University, Bangalore, India

Muthukumaran Venkatesan is working as an Assistant Professor in the Department of Mathematics, REVA University Bangalore, India. He received the B.Sc. degree in Mathematics from the Thiruvalluvar University Serkkadu, Vellore, India, in 2009, and the M. Sc. degrees in Mathematics from the Thiruvalluvar University Serkkadu, Vellore, India, in 2012. The M. Phil. Mathematics from the Thiruvalluvar University Serkkadu, Vellore, India, in 2014 and Ph.D. degrees in Mathematics from the School of Advanced Sciences, Vellore Institute of Technology, Vellore in 2019. His current research interests include Fuzzy Algebra, Fuzzy Image Processing, Data Mining, and Cryptography.

Krishna Kant Singh, Department of Computer Science and Engineering, Jain (Deemed to be University), Bangalore, India

Krishna Kant Singh is working as Professor, Faculty of Engineering & Technology, Jain (Deemed-to-be University), Bengaluru, India. He has wide teaching and research experience. Dr. Singh has acquired B.Tech, M.Tech, and Ph.D. (IIT Roorkee) in the area of image processing and Machine Learning. He has authored more than 90 research papers in Scopus and SCIE indexed journals of repute. He has also authored 25 technical books. He is also an associate editor of IEEE ACCESS (SCIE Indexed) and Guest Editor of Microprocessors and Microsystems, Wireless Personal Communications, Complex & Intelligent Systems. He is also member of Editorial board of Applied Computing and Geoscience (Elsevier). Dr. Singh is an active researcher in the field of Machine Learning, Cognitive Computing, 6G and beyond networks.

T. R. Mahesh, Department of Computer Science and Engineering, Jain (Deemed to be University), Bangalore, India

T. R. Mahesh has received Bachelor of Engineering, Master of Technology and Doctorate of Philosophy in Computer Science and Engineering and he is carrying out research in the area of Data mining, machine learning, artificial intelligence and web mining. He has more than 20 years of experience in academics and has served at various levels. He has published various papers in National and International reputed journals. Currently he is serving as Associate Professor and Program Head in the Department of Computer Science and Engineering at Faculty of Engineering and Technology, JAIN (Deemed-to-be University), Bengaluru.

Akansha Singh, School of Computer Science Engineering and Technology, Bennett University, India

Akansha Singh is working as Associate Professor in School of Computer Science and Engineering, Bennett University, Greater Noida, India. She is B.Tech, M.Tech and PhD in Computer Science. She received her PhD from IIT Roorkee in the area of image processing and machine learning. Dr. Singh has to her credit more than 70 research papers, 20 books and numerous conference papers. She has been the editor for books on emerging topics with publishers like Elsevier, Taylor and Francis, Wiley etc. Dr. Singh has served as reviewer and technical committee member for multiple conferences and journals of High Repute. She is also the Associate Editor for IEEE Access and Open Computer Science journal. Dr. Singh has also undertaken government funded project as Principal Investigator. Her research areas include image processing, remote sensing, IoT and machine learning.

References

Z. Wang, L. Chen, S. Song, P. X. Cong, and Q. Ruan, “Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations,” Alexandria Engineering Journal, vol. 59, no. 4, pp. 2725–2731, 2020.

Van Staalduinen M. A, Khan F, Gadag V and Reniers G, “Functional quantitative security risk analysis (QSRA) to assist in protecting critical process infrastructure”, Reliability Engineering & System Safety, vol. 157, pp. 23–34, 2017.

A. Tantawy, S. Abdelwahed, A. Erradi, and K. Shaban, “Model-based risk assessment for cyber physical systems security,” Computers & Security, vol. 96, p. 101864, 2020.

C. Schmitz and S. Pape, “LiSRA: Lightweight Security Risk Assessment for decision support in information security,” Computers & Security, vol. 90, pp. 101656, 2020.

Venkatachary S. K, Prasad J and Samikannu R, “Cybersecurity and cyber terrorism-in energy sector–a review”, Journal of Cyber Security Technology, vol. 2, no. 3, pp. 111–130, 2018.

Kumar V. S, Prasad J and Samikannu R, “A critical review of cyber security and cyber terrorism–threats to critical infrastructure in the energy sector”, International Journal of Critical Infrastructures, vol. 14, no. 2, pp. 101–119, 2018.

Venkatachary S. K, Prasad J and Samikannu R, “Economic impacts of cyber security in energy sector: a review”, International Journal of Energy Economics and Policy, vol. 7, no. 5, pp. 250–262, 2017.

Venkatachary S. K, Prasad J and Samikannu R, Alagappan A and Andrews L. J. B, “Cybersecurity infrastructure challenges in IoT based virtual power plants”, Journal of Statistics and Management Systems, vol. 23, no. 2, pp. 263–276, 2020.

Benaroch M, “Real options models for proactive uncertainty-reducing mitigations and applications in cybersecurity investment decision making”, Information Systems Research, vol. 29, no. 2, pp. 315–340, 2018.

A. Nhlabatsi et al., “Threat-Specific Security Risk Evaluation in the Cloud,” in IEEE Transactions on Cloud Computing, vol. 9, no. 2, pp. 793–806, 2021.

Khidzir N. Z, Daud K. A. M, Ismail A. R, Ghani M. S. A. A and Ibrahim M. A. H, “Information Security Requirement: The Relationship Between Cybersecurity Risk Confidentiality, Integrity and Availability in Digital Social Media”, Regional Conference on Science, Technology and Social Sciences (RCSTSS), pp. 229–237, 2018.

Kusyk J, Uyar M. U and Sahin C. S, “Survey on evolutionary computation methods for cybersecurity of mobile ad hoc networks”, Evolutionary Intelligence, vol. 10, no. 3, pp. 95–117, 2018.

Sampathkumar, A., and Vivekanandan, P, Gene Selection Using Parallel Lion Optimization Method in Microarray Data for Cancer Classification. Journal of Medical Imaging and Health Informatics, vol. 9, no. 6, pp. 1294–1300, 2019.

Ashibani Y and Mahmoud Q. H, “Cyber physical systems security: Analysis, challenges and solutions”, Computers & Security, vol. 68, pp. 81–97, 2017.

Sampathkumar, A., Maheswar, P& Hashvardhan, “Majority Voting based Hybrid Ensemble Classification Approach for Predicting Parking Availability in Smart City based on IoT”, 11th International Conference on Computing Communication and Networking Technologies (ICCCNT), pp. 1–8, 2020.

Abdo H, Kaouk M, Flaus J. M and Masse F, “A safety/security risk analysis approach of Industrial Control Systems: A cyber bowtie–combining new version of attack tree with bowtie analysis”, Computers & Security, vol. 72, pp. 175–195, 2018.

Urbina D. I, Giraldo J. A, Cardenas A. A, Tippenhauer N. O, Valente J, Faisal M and Sandberg H, “Limiting the impact of stealthy attacks on industrial control systems”, Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 1092–1105, 2016.

A. Gupta, A. Anpalagan, G. H. S. Carvalho, A. S. Khwaja, L. Guan, and I. Woungang, “RETRACTED: Prevailing and emerging cyber threats and security practices in IoT-Enabled smart grids: A survey,” Journal of Network and Computer Applications, vol. 132, pp. 118–148, 2019.

Januário F, Cardoso A and Gil P, “A distributed multi-agent framework for resilience enhancement in cyber-physical systems”, IEEE Access, vol. 7, pp. 31342–31357, 2019.

Durand L, “Cyber security: a risky business”, 2018. https://studenttheses.universiteitleiden.nl/access/item%3A2666281/view

Wu Z, Albalawi F, Zhang J, Zhang Z, Durand H and Christofides P. D, “Detecting and handling cyber-attacks in model predictive control of chemical processes”, Mathematics, vol. 6, no. 10, 2018.

Sándor H, Genge B, Szántó Z, Márton L and Haller P, “Cyber attack detection and mitigation: Software defined survivable industrial control systems”, International Journal of Critical Infrastructure Protection, vol. 25, pp. 152–168, 2019.

Paoletti N, Jiang Z, Islam M. A, Abbas H, Mangharam R, Lin S and Smolka S. A, “Synthesizing stealthy reprogramming attacks on cardiac devices”, Proceedings of the 10th ACM/IEEE International Conference on Cyber-Physical Systems, pp. 13–22, 2019.

Liu L, De Vel O, Han Q. L, Zhang J and Xiang Y, “Detecting and preventing cyber insider threats: A survey”, IEEE Communications Surveys & Tutorials, vol. 20, no. 2, pp. 1397–1417, 2018.

Dataset of UHN, EMBER: https://csr.lanl.gov/data/2017/

Dataset of CSE-CIC-IDS 2018, https://www.kaggle.com/solarmainframe/ids-intrusion-csv

L. Lorenzi, “Analytical Methods for Kolmogorov Equations,” Oct. 2016.

J. Milosevic, H. Sandberg, and K. H. Johansson, “Estimating the Impact of Cyber-Attack Strategies for Stochastic Networked Control Systems,” IEEE Transactions on Control of Network Systems, vol. 7, no. 2, pp. 747–757, Jun. 2020.

R. Hoffman, “The General Cyber-Attack Life Cycle And Its Continuous-Time Markov Chain Model,” Ekonomiczne Problemy Usług, vol. 131, pp. 121–130, 2018.

H. Om and T. K. Sarkar, “Designing Intrusion Detection System for Web Documents Using Neural Network,” Communications and Network, vol. 02, no. 01, pp. 54–61, 2010.

M. E. Haque and T. M. Alkharobi, “Adaptive Hybrid Model for Network Intrusion Detection and Comparison among Machine Learning Algorithms,” International Journal of Machine Learning and Computing, vol. 5, no. 1, pp. 17–23, Feb. 2015.

G. R. Kumar, N. Mangathayaru, and G. Narsimha, “An approach for intrusion detection using fuzzy feature clustering,” 2016 International Conference on Engineering & MIS (ICEMIS), Sep. 2016.

C. Liu, J. Yang, and J. Wu, “Web intrusion detection system combined with feature analysis and SVM optimization,” EURASIP Journal on Wireless Communications and Networking, vol. 2020, no. 1, Feb. 2020.

S. S. Sivatha Sindhu, S. Geetha, and A. Kannan, “Decision tree based light weight intrusion detection using a wrapper approach,” Expert Systems with Applications, vol. 39, no. 1, pp. 129–141, Jan. 2012.

T. A. Deepak, “XGBoost Classification based Network Intrusion Detection System for Big Data using PySparkling Water,” International Journal of Advanced Trends in Computer Science and Engineering, vol. 9, no. 1, pp. 377–382, Feb. 2020.

A.-C. Enache and V. Sgârciu, “Enhanced Intrusion Detection System Based on Bat Algorithm-support Vector Machine,” Proceedings of the 11th International Conference on Security and Cryptography, 2014.

Published

2022-04-20

Issue

Section

Advances in Web Data Provenance for Mitigation of Web Application Security Risks