An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies

Rony Chowdhury Ripan; Iqbal H. Sarker; Md Musfique Anwar; Md Hasan Furhad; Fazle Rahat; Mohammed Moshiul Hoque; Muhammad Sarfraz

doi:10.1007/978-3-030-73050-5_27

An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies

Rony Chowdhury Ripan, Iqbal H. Sarker^*, Md Musfique Anwar, Md Hasan Furhad, Fazle Rahat, Mohammed Moshiul Hoque, Muhammad Sarfraz

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

22 Scopus citations

Abstract

Cybersecurity has recently gained considerable interest in today’s security issues because of the popularity of the Internet-of-Things (IoT), the considerable growth of mobile networks, and many related apps. Therefore, detecting numerous cyber-attacks in a network and creating an effective intrusion detection system plays a vital role in today’s security. However, it is difficult to accurately model cyber threats since modern security databases contain large number of security features that could include Outliers. In this paper, we present an Isolation Forest Learning-Based Outlier Detection Model for effectively classifying cyber anomalies. In order to evaluate the efficacy of the resulting Outlier Detection model, we also use several conventional machine learning approaches, such as Logistic Regression (LR), Support Vector Machine (SVM), AdaBoost Classifier (ABC), Naive Bayes (NB), and K-Nearest Neighbor (KNN). The effectiveness of our propsoed Outlier Detection model is evaluated by conducting experiments on Network Intrusion Dataset with evaluation metrics such as precision, recall, F1-score, and accuracy. Experimental results show that the classification accuracy of cyber anomalies has been improved after removing outliers.

Original language	English
Title of host publication	Hybrid Intelligent Systems - 20th International Conference on Hybrid Intelligent Systems, HIS 2020
Editors	Ajith Abraham, Thomas Hanne, Oscar Castillo, Niketa Gandhi, Tatiane Nogueira Rios, Tzung-Pei Hong
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	270-279
Number of pages	10
ISBN (Print)	9783030730499
DOIs	https://doi.org/10.1007/978-3-030-73050-5_27
State	Published - 2021
Externally published	Yes

Publication series

Name	Advances in Intelligent Systems and Computing
Volume	1375 AIST
ISSN (Print)	2194-5357
ISSN (Electronic)	2194-5365

Bibliographical note

Publisher Copyright:
© 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.

Keywords

Cyber data analytics
Cybersecurity
Machine learning
Network intrusion detection system
Outlier detection

ASJC Scopus subject areas

Control and Systems Engineering
General Computer Science

Access to Document

10.1007/978-3-030-73050-5_27

Cite this

Ripan, R. C., Sarker, I. H., Anwar, M. M., Furhad, M. H., Rahat, F., Hoque, M. M., & Sarfraz, M. (2021). An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies. In A. Abraham, T. Hanne, O. Castillo, N. Gandhi, T. Nogueira Rios, & T.-P. Hong (Eds.), Hybrid Intelligent Systems - 20th International Conference on Hybrid Intelligent Systems, HIS 2020 (pp. 270-279). (Advances in Intelligent Systems and Computing; Vol. 1375 AIST). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-73050-5_27

Ripan, Rony Chowdhury ; Sarker, Iqbal H. ; Anwar, Md Musfique et al. / An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies. Hybrid Intelligent Systems - 20th International Conference on Hybrid Intelligent Systems, HIS 2020. editor / Ajith Abraham ; Thomas Hanne ; Oscar Castillo ; Niketa Gandhi ; Tatiane Nogueira Rios ; Tzung-Pei Hong. Springer Science and Business Media Deutschland GmbH, 2021. pp. 270-279 (Advances in Intelligent Systems and Computing).

@inproceedings{3540bffac0534c0ba4e3488aacc03d51,

title = "An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies",

abstract = "Cybersecurity has recently gained considerable interest in today{\textquoteright}s security issues because of the popularity of the Internet-of-Things (IoT), the considerable growth of mobile networks, and many related apps. Therefore, detecting numerous cyber-attacks in a network and creating an effective intrusion detection system plays a vital role in today{\textquoteright}s security. However, it is difficult to accurately model cyber threats since modern security databases contain large number of security features that could include Outliers. In this paper, we present an Isolation Forest Learning-Based Outlier Detection Model for effectively classifying cyber anomalies. In order to evaluate the efficacy of the resulting Outlier Detection model, we also use several conventional machine learning approaches, such as Logistic Regression (LR), Support Vector Machine (SVM), AdaBoost Classifier (ABC), Naive Bayes (NB), and K-Nearest Neighbor (KNN). The effectiveness of our propsoed Outlier Detection model is evaluated by conducting experiments on Network Intrusion Dataset with evaluation metrics such as precision, recall, F1-score, and accuracy. Experimental results show that the classification accuracy of cyber anomalies has been improved after removing outliers.",

keywords = "Cyber data analytics, Cybersecurity, Machine learning, Network intrusion detection system, Outlier detection",

author = "Ripan, \{Rony Chowdhury\} and Sarker, \{Iqbal H.\} and Anwar, \{Md Musfique\} and Furhad, \{Md Hasan\} and Fazle Rahat and Hoque, \{Mohammed Moshiul\} and Muhammad Sarfraz",

note = "Publisher Copyright: {\textcopyright} 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.",

year = "2021",

doi = "10.1007/978-3-030-73050-5\_27",

language = "English",

isbn = "9783030730499",

series = "Advances in Intelligent Systems and Computing",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "270--279",

editor = "Ajith Abraham and Thomas Hanne and Oscar Castillo and Niketa Gandhi and \{Nogueira Rios\}, Tatiane and Tzung-Pei Hong",

booktitle = "Hybrid Intelligent Systems - 20th International Conference on Hybrid Intelligent Systems, HIS 2020",

address = "Germany",

}

Ripan, RC, Sarker, IH, Anwar, MM, Furhad, MH, Rahat, F, Hoque, MM & Sarfraz, M 2021, An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies. in A Abraham, T Hanne, O Castillo, N Gandhi, T Nogueira Rios & T-P Hong (eds), Hybrid Intelligent Systems - 20th International Conference on Hybrid Intelligent Systems, HIS 2020. Advances in Intelligent Systems and Computing, vol. 1375 AIST, Springer Science and Business Media Deutschland GmbH, pp. 270-279. https://doi.org/10.1007/978-3-030-73050-5_27

An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies. / Ripan, Rony Chowdhury; Sarker, Iqbal H.; Anwar, Md Musfique et al.
Hybrid Intelligent Systems - 20th International Conference on Hybrid Intelligent Systems, HIS 2020. ed. / Ajith Abraham; Thomas Hanne; Oscar Castillo; Niketa Gandhi; Tatiane Nogueira Rios; Tzung-Pei Hong. Springer Science and Business Media Deutschland GmbH, 2021. p. 270-279 (Advances in Intelligent Systems and Computing; Vol. 1375 AIST).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies

AU - Ripan, Rony Chowdhury

AU - Sarker, Iqbal H.

AU - Anwar, Md Musfique

AU - Furhad, Md Hasan

AU - Rahat, Fazle

AU - Hoque, Mohammed Moshiul

AU - Sarfraz, Muhammad

PY - 2021

Y1 - 2021

N2 - Cybersecurity has recently gained considerable interest in today’s security issues because of the popularity of the Internet-of-Things (IoT), the considerable growth of mobile networks, and many related apps. Therefore, detecting numerous cyber-attacks in a network and creating an effective intrusion detection system plays a vital role in today’s security. However, it is difficult to accurately model cyber threats since modern security databases contain large number of security features that could include Outliers. In this paper, we present an Isolation Forest Learning-Based Outlier Detection Model for effectively classifying cyber anomalies. In order to evaluate the efficacy of the resulting Outlier Detection model, we also use several conventional machine learning approaches, such as Logistic Regression (LR), Support Vector Machine (SVM), AdaBoost Classifier (ABC), Naive Bayes (NB), and K-Nearest Neighbor (KNN). The effectiveness of our propsoed Outlier Detection model is evaluated by conducting experiments on Network Intrusion Dataset with evaluation metrics such as precision, recall, F1-score, and accuracy. Experimental results show that the classification accuracy of cyber anomalies has been improved after removing outliers.

AB - Cybersecurity has recently gained considerable interest in today’s security issues because of the popularity of the Internet-of-Things (IoT), the considerable growth of mobile networks, and many related apps. Therefore, detecting numerous cyber-attacks in a network and creating an effective intrusion detection system plays a vital role in today’s security. However, it is difficult to accurately model cyber threats since modern security databases contain large number of security features that could include Outliers. In this paper, we present an Isolation Forest Learning-Based Outlier Detection Model for effectively classifying cyber anomalies. In order to evaluate the efficacy of the resulting Outlier Detection model, we also use several conventional machine learning approaches, such as Logistic Regression (LR), Support Vector Machine (SVM), AdaBoost Classifier (ABC), Naive Bayes (NB), and K-Nearest Neighbor (KNN). The effectiveness of our propsoed Outlier Detection model is evaluated by conducting experiments on Network Intrusion Dataset with evaluation metrics such as precision, recall, F1-score, and accuracy. Experimental results show that the classification accuracy of cyber anomalies has been improved after removing outliers.

KW - Cyber data analytics

KW - Cybersecurity

KW - Machine learning

KW - Network intrusion detection system

KW - Outlier detection

UR - https://www.scopus.com/pages/publications/85105960212

U2 - 10.1007/978-3-030-73050-5_27

DO - 10.1007/978-3-030-73050-5_27

M3 - Conference contribution

AN - SCOPUS:85105960212

SN - 9783030730499

T3 - Advances in Intelligent Systems and Computing

SP - 270

EP - 279

BT - Hybrid Intelligent Systems - 20th International Conference on Hybrid Intelligent Systems, HIS 2020

A2 - Abraham, Ajith

A2 - Hanne, Thomas

A2 - Castillo, Oscar

A2 - Gandhi, Niketa

A2 - Nogueira Rios, Tatiane

A2 - Hong, Tzung-Pei

PB - Springer Science and Business Media Deutschland GmbH

ER -

Ripan RC, Sarker IH, Anwar MM, Furhad MH, Rahat F, Hoque MM et al. An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies. In Abraham A, Hanne T, Castillo O, Gandhi N, Nogueira Rios T, Hong TP, editors, Hybrid Intelligent Systems - 20th International Conference on Hybrid Intelligent Systems, HIS 2020. Springer Science and Business Media Deutschland GmbH. 2021. p. 270-279. (Advances in Intelligent Systems and Computing). doi: 10.1007/978-3-030-73050-5_27

An Isolation Forest Learning Based Outlier Detection Approach for Effectively Classifying Cyber Anomalies

Abstract

Publication series

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this