A Precise and Distinctive Model of Supervised Machine Learning Using Classification Algorithm to Identify Network Attacks
摘要
Machine learning algorithm was based on a supervised concept and was designed in a way to enforce the security of the cloud in this study. In order to analyze the existing computing cloud security structure and gain better insights into the safety concerns of the cloud, using the labeled data, the model detected the traffic and classified it into standard or anomalous traffic. The built model outperformed the conventional ways of traffic identifying attacks to be able to then investigate and identify trends in attacks in such a way that we can be sure that the model we built will be able to predict and classify traffic as an attack or not. These approaches relied on historical knowledge of known prior attacks. The study designed and implemented five supervised machine learning algorithms: a support vector machines classifier, XGBoost classifier, naive Bayes, logistical regression, and LightGBM model. The target feature was the assigned traffic class (either “normal” or “anomaly”). During feature engineering, both classes were encoded to yield two numerical information classes codes, “0” will represent regular traffic and “1” will represent anomalous traffic. Encoding used was one-hot encoding. By taking four statistical metrics where the metrics were precision, recall score, F1-score, and accuracy, the results showed that the XGBoost classification model performs the best compared to the other algorithms. The best ranking was given to XGBoost which scored 100 on all metrics and a low false-positive rate (15 false entries). Accordingly, the research shows that the best approach to find the attacks within the network is the XGBoost classifier method.