Summary
Asia-Pacific Network Operations and Management Symposium
2022
Session Number:PS4
Session:
Number:PS4-15
Experimental Comparison of Hybrid Sampling Methods for an Efficient NIDS
Beom-Su Lee, Jong-Wouk Kim, Mi-Jung Choi,
pp.-
Publication Date:2022/09/28
Online ISSN:2188-5079
PDF download
Summary:
The recent tremendous development of the Internet and network technology has made our lives more convenient. However, problems such as cyberattacks and privacy concerns are also emerging. Cyberattacks such as DDoS, flooding attacks, and zero-day attacks are causing economic damage not only to enterprises and organizations but also to many users. Therefore, the importance of cyber security is increasing, and various devices are used to provide network security functions. The most representative network security device, the Network Intrusion Detection System (NIDS), analyzes the existing public dataset and applies it to intrusion detection. However, most public datasets for network security are unbalanced data with more benign data than malicious data. In order to design an effective NIDS, it is necessary to solve such data imbalance, and various sampling techniques are applied to solve the data imbalance problem. In this paper, a hybrid sampling method that combines undersampling and oversampling is applied to solve the data imbalance problem. Each sampling method generates sampled data and transforms each data into grayscale images to train a CNN-based detection model. As a result of the experiment, the hybrid sampling method outperforms the oversampling method. In particular, OSS-BSMOTE achieved the highest performance of 94.58% accuracy and 94.58% F1-Score (micro), and 91.36% F1-Score (macro).