Information Systems and E-Business Management ( IF 2.3 ) Pub Date : 2023-02-28 , DOI: 10.1007/s10257-023-00626-2 Ammar Almomani
Darknet, a source of cyber intelligence, refers to the internet’s unused address space, which people do not expect to interact with their computers. The establishment of security requires analyses of the threats characterizing the network. New machine learning classifiers known as stacking ensemble learning are proposed in this paper to analyze and classify darknet traffic. In dealing with darknet attack problems, this new system uses predictions formed by 3 base learning techniques. The system was tested on a dataset comprising more than 141,000 records analyzed from CIC-Darknet 2020. The experiment results demonstrated the study’s classifiers’ ability to distinguish between the malignant traffic and benign traffic easily. The classifiers can effectively detect known and unknown threats with high precision and accuracy greater than 99% in the training and 97% in the testing phases, with increments ranging from 4 to 64% by current algorithms. As a result, the proposed system becomes more robust and accurate as data grows. Also, the proposed system has the best standard deviation compared with current A.I. algorithms.
中文翻译:
基于改进的堆叠集成学习算法的暗网流量分析和分类系统
暗网是网络情报的来源,指的是互联网未使用的地址空间,人们不希望与计算机进行交互。建立安全性需要分析网络威胁的特征。本文提出了一种称为堆叠集成学习的新机器学习分类器来分析和分类暗网流量。在处理暗网攻击问题时,这个新系统使用了由 3 个基础学习技术形成的预测。该系统在包含 CIC-Darknet 2020 分析的超过 141,000 条记录的数据集上进行了测试。实验结果证明了该研究的分类器能够轻松区分恶性流量和良性流量。分类器可以有效地检测已知和未知的威胁,精度很高,训练阶段准确率超过 99%,测试阶段准确率超过 97%,当前算法的增量范围为 4% 到 64%。因此,随着数据的增长,所提出的系统变得更加稳健和准确。此外,与当前的人工智能算法相比,所提出的系统具有最佳的标准偏差。