Advancing PortScan Event Detection: Leveraging eXtreme Gradient Boosted Trees with Fast Feature Binning and Unsupervised Learning Features
Author
Bucknor, OlanrewajuAffiliation
Electrical and Computer Engineering Department, Morgan State UniversityIssue Date
2024-10
Metadata
Show full item recordCitation
Bucknor, O. (2024). Advancing PortScan Event Detection: Leveraging eXtreme Gradient Boosted Trees with Fast Feature Binning and Unsupervised Learning Features. International Telemetering Conference Proceedings, 59.Additional Links
https://telemetry.org/Abstract
This study presents a novel approach for enhancing the detection of PortScan events using advanced machine learning techniques leveraging the eXtreme Gradient Boosted Trees (XGBoost) classifier. We introduce a comprehensive framework integrating Fast Feature Binning and Unsupervised Learning Features, supplemented by Early Stopping mechanisms. The utilization of XGBoost facilitates eWicient model training and robust classification, while Fast Feature Binning enhances computational eWiciency by reducing the dimensionality of the feature space without compromising information content. The incorporation of Unsupervised Learning Features empowers the model to discern intricate patterns inherent in PortScan activities, further enhancing its detection capabilities. Furthermore, Early Stopping mechanisms are employed to prevent overfitting and enhance generalization performance. Through comprehensive experimentation and evaluation, our approach demonstrates superior performance in accurately identifying PortScan events compared to conventional methods. This research contributes to advancing the field of network security by providing a robust and eWicient solution for detecting PortScan activities, thereby fortifying defense mechanisms against potential cyber threats.Type
Proceedingstext
Language
enISSN
0884-51231546-2188