XGBoost for IDS on WSN Cyber Attacks with Imbalanced Data
Aji Gautama Putrada, Nur Alamsyah, Syafrial Fachri Pane, Mohamad Nurkamal Fauzan
Abstract
A wireless sensor network (WSN) is also vulnerable to cyber-attacks, just other systems connected to the computer network, which makes the intrusion detection system (IDS) for WSN an interesting research study. However, IDS datasets are usually associated with imbalanced data because attacks usually occur in low frequency. This study proposes the application of XGBoost in IDS on WSN cyber attacks that experience imbalanced data. We obtained the attack dataset on WSN from Kaggle, which data on blackhole, grayhole, flooding, and scheduling attacks. We use decision trees and naive Bayes to benchmark the performance of our proposed method. Then the precision, recall, receiver operating curve (ROC), and area under curve (AUC) value is to evaluate our IDS model. The test results show that the three classes have moderate imbalanced data, while one class, the flooding attack class, has severe imbalanced data. Compared to the two benchmark methods, decision tree and naive Bayes, XGBoost has the best AUC for scheduling, normal, grayhole, flooding, and blackhole classes with values of 0.987, 0.9963, 0.9994, 0.9997, and 0.9999 respectively.