Browsing by Author "Siriporn Chimphlee"

Now showing 1 - 15 of 15
  • Default Image
    Item
    An approach to solve computer attacks based on hybrid model
    (2006) Surat Srinoy; Witcha Chimphlee; Siriporn Chimphlee; Yoothapoom Poopaibool; S. Srinoy; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Ratchasima Road, Thailand; email: surat_sri@dusit.ac.th
    It is an important issue for the security of network to detect new intrusion attack. We introduce the idea of the Independent component analysis (ICA) based feature selection heuristics, and present Support Vector Machine (SVM) algorithm for data classification. ICA aims at extracting unknown hidden factors/components from multivariate data using only the assumption that unknown factors are mutually independent. The experimental results on dataset Knowledge Discovery and Data Mining (KDDCup99) show that our method outperforms the existing intrusion detection methods.
  • Default Image
    Item
    An improving fuzzy ant clustering using artificial immune recognition system
    (2006) Werasak Kurutach; Surat Srinoy; Witcha Chimphlee; Siriporn Chimphlee
    We present a swarm intelligence approach to data clustering. Ant based clustering is used to initially create raw clusters and then these clusters are refined using Artificial Immune Recognition System (AIRS). AIRS that has been developed as an immune-inspired supervise learning algorithm. Certain unnecessary complications of the original algorithm are discussed and means of overcoming these complexities are proposed. We propose artificial immune recognition systems (AIRS) in the second stage for refinement mean of overcoming these complexities are proposed. Our approach allows us to recognize not only known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. The experimental results on Knowledge Discovery and Data Mining-(KDDCup 1999) dataset.
  • Default Image
    Item
    Anomaly intrusion detection systems based on evolutionary computing
    (2007) Surat Srinoy; Siriporn Chimphlee; Witcha Chimphlee
    As malicious intrusions are a growing problem, we need a solution to detect the intrusions accurately. Network administrators are continuously looking for new ways to protect their resources from harm, both internally and externally. Intrusion detection systems look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. New intrusion types, of which detection systems are unaware, are the most difficult to detect. The amount of available network audit data instances is usually large; human labeling is tedious, time-consuming, and expensive. The objective of this paper is to describe a fuzzy c-means and genetic algorithms and discuss its usage to detect intrusion in a computer network. We are using a Genetic Algorithms (GA) to select a subset of input features for clustering with a goal of increasing the detection rate and decreasing the false alarm rate in network intrusion detection. Fuzzy c-Means allow objects to belong to several clusters simultaneously, with different degrees of membership. Experiments were performed with DARPA data sets, which have information on computer networks, during normal behavior and intrusive behavior.
  • Default Image
    Item
    Anomaly-based intrusion detection using fuzzy rough clustering
    (2006) Witcha Chimphlee; Abdul Hanan Abdullah; Mohd Noor Md. Sap; Surat Srinoy; Siriporn Chimphlee; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Thailand; email: witcha_chi@dusit.ac.th
    It is an important issue for the security of network to detect new intrusion attack and also to increase the detection rates and reduce false positive rates in Intrusion Detection System (IDS). Anomaly intrusion detection focuses on modeling normal behaviors and identifying significant deviations, which could be novel attacks. The normal and the suspicious behavior in computer networks are hard to predict as the boundaries between them cannot be well defined. We apply the idea of the Fuzzy Rough C-means (FRCM) to clustering analysis. FRCM integrates the advantage of fuzzy set theory and rough set theory that the improved algorithm to network intrusion detection. The experimental results on dataset KDDCup99 show that our method outperforms the existing unsupervised intrusion detection methods © 2006 IEEE.
  • Default Image
    Item
    Forecasting Carbon Dioxide Emission in Thailand Using Machine Learning Techniques
    (Institute of Advanced Engineering and Science, 2023) Siriporn Chimphlee; Witcha Chimphlee; W. Chimphlee; Faculty of Science and Technology, Suan Dusit University, Bangkok, 295 Ratchasima Road, Dusit, 10300, Thailand; email: witcha_chi@dusit.ac.th
    Machine Learning (ML) models and the massive quantity of data accessible provide useful tools for analyzing the advancement of climate change trends and identifying major contributors. Random Forest (RF), Gradient Boosting Regression (GBR), XGBoost (XGB), Support Vector Machines (SVC), Decision Trees (DT), K-Nearest Neighbors (KNN), Principal Component Analysis (PCA), ensemble methods, and Genetic Algorithms (GA) are used in this study to predict CO2 emissions in Thailand. A variety of evaluation criteria are used to determine how well these models work, including R-squared (R2), mean absolute error (MAE), root mean squared error (RMSE), mean absolute percentage error (MAPE), and correctness. The results show that the RF and XGB algorithms function exceptionally well, with high R-squared values and low error rates. KNN, PCA, ensemble methods, and GA, on the other hand, outperform the top-performing models. Their lower R-squared values and higher error scores indicate that they are unable to accurately anticipate CO2 emissions. This paper contributes to the field of environmental modeling by comparing the effectiveness of various machine learning approaches in forecasting CO2 emissions. The findings can assist Thailand in promoting sustainable development and developing policies that are consistent with worldwide efforts to combat climate change. © 2023 Institute of Advanced Engineering and Science. All rights reserved.
  • Default Image
    Item
    Hyperparameters optimization XGBoost for network intrusion detection using CSE-CIC-IDS 2018 dataset
    (Institute of Advanced Engineering and Science, 2024) Witcha Chimphlee; Siriporn Chimphlee; S. Chimphlee; Department of Data Science and Analytics, Faculty of Science and Technology, Suan Dusit University, Bangkok, Thailand; email: siriporn.chi@gmail.com
    With the introduction of high-speed internet access, the demand for security and dependable networks has grown. In recent years, network attacks have gotten more complex and intense, making security a vital component of organizational information systems. Network intrusion detection systems (NIDS) have become an essential detection technology to protect data integrity and system availability against such attacks. NIDS is one of the most well-known areas of machine learning software in the security field, with machine learni ng algorithms constantly being developed to improve performance. This research focuses on detecting abnormalities in societal infiltration using the hyperparameters optimization XGBoost (HO-XGB) algorithm with the Communications Security Establishment-The Canadian Institute for Cybersecurity-Intrusion Detection System2018 (CSE-CIC-IDS2018) dataset to get the best potential results. When compared to typical machine learning methods published in the literature, HO-XGB outperforms them. The study shows that XGBoost outperforms other detection algorithms. We refined the HO-XGB model's hyperparameters, which included learning_rate, subsample, max_leaves, max_depth, gamma, colsample_bytree, min_child_weight, n_estimators, max_depth, and reg_alpha. The experimental findings reveal that HO-XGB1 outperforms multiple parameter settings for intrusion detection, effectively optimizing XGBoost's hyperparameters.
  • Default Image
    Item
    Independent component analysis and rough fuzzy based approach to web usage mining
    (2006) Siriporn Chimphlee; Naomie Salim; Mohd Salim Bin Ngadiman; Witcha Chimphlee; Surat Srinoy; S. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Rd, Thailand; email: siripom.chi@dusit.ac.th
    Web Usage Mining is that area of Web Mining which deals with the extraction of interesting knowledge from logging information produced by Web servers. A challenge in web classification is how to deal with the high dimensionality of the feature space. In this paper we present Independent Component Analysis (ICA) for feature selection and using Rough Fuzzy for clustering web user sessions. It aims at discovery of trends and regularities in web users' access patterns. ICA is a very general-purpose statistical technique in which observed random data are linearly transformed into components that are maximally independent from each other, and simultaneously have "interesting" distributions. Our experiments indicate can improve the predictive performance when the original feature set for representing web log is large and can handling the different groups of uncertainties/impreciseness accuracy.
  • Default Image
    Item
    Integrating genetic algorithms and fuzzy c-means for anomaly detection
    (2005) Witcha Chimphlee; Abdul Hanan Abdullah; Mohd Moor Md Sap; Siriporn Chimphlee; Surat Srinoy; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Road, Thailand; email: witcha_chi@dusit.ac.th
    The goal of intrusion detection is to discover unauthorized use of computer systems. New intrusion types, of which detection systems are unaware, are the most difficult to detect. The amount of available network audit data instances is usually large; human labeling is tedious, time-consuming, and expensive. Traditional anomaly detection algorithms require a set of purely normal data from which they train their model. In this paper we propose an intrusion detection method that combines Fuzzy Clustering and Genetic Algorithms. Clustering-based intrusion detection algorithm which trains on unlabeled data in order to detect new intrusions. Fuzzy c-Means allow objects to belong to several clusters simultaneously, with different degrees of membership. Genetic Algorithms (GA) to the problem of selection of optimized feature subsets to reduce the error caused by using land-selected features. Our method is able to detect many different types of intrusions, while maintaining a low false positive rate. We used data set from 1999 KDD intrusion detection contest. © 2005 IEEE.
  • Default Image
    Item
    INTRUSION DETECTION SYSTEM (IDS) DEVELOPMENT USING TREE-BASED MACHINE LEARNING ALGORITHMS
    (Academy and Industry Research Collaboration Center (AIRCC), 2023) Witcha Chimphlee; Siriporn Chimphlee
    The paper proposes a two-phase classification method for detecting anomalies in network traffic, aiming to tackle the challenges of imbalance and feature selection. The study uses Information Gain to select relevant features and evaluates its performance on the CICIDS-2018 dataset with various classifiers. Results indicate that the ensemble classifier achieved the highest accuracy, precision, and recall. The proposed method addresses challenges in intrusion detection and highlights the effectiveness of ensemble classifiers in improving anomaly detection accuracy. Also, the quantity of pertinent characteristics chosen by Information Gain has a considerable impact on the F1-score and detection accuracy. Specifically, the Ensemble Learning achieved the highest accuracy of 98.36% and F1-score of 97.98% using the relevant selected features. © (2023), (Academy and Industry Research Collaboration Center (AIRCC)). All Rights Reserved.
  • Default Image
    Item
    Intrusion detection via independent component analysis based on rough fuzzy
    (2006) Surat Srinoy; Werasak Kurutach; Witcha Chimphlee; Siriporn Chimphlee; Santi Sounsri; S. Srinoy; Department of Computer Engineering, Mahanakorn University of Technology, Nongchok, Bangkok, 51 Chuemsumphun Road, Thailand; email: surat_sri@dusit.ac.th
    Independent component analysis (ICA) aims at extracting unknown hidden factors/components from multivariate data using only the assumption that unknown factors are mutually independent. In this paper we discuss an intrusion detection method that proposes independent component analysis based feature selection heuristics and using rough fuzzy for clustering data. Rough set has to decrease the amount of data and get rid of redundancy and Fuzzy methods allow objects to belong to several clusters simultaneously, with different degrees of membership. The experimental results on Knowledge Discovery and Data Mining-(KDDCup 1999) dataset.
  • Default Image
    Item
    Machine learning to improve the performance of anomaly-based network intrusion detection in big data
    (Institute of Advanced Engineering and Science, 2023) Siriporn Chimphlee; Witcha Chimphlee; W. Chimphlee; Department of Data Science and Analytics, Faculty of Science and Technology, Suan Dusit University, Bangkok, 295 Nakornratchasrima Road, Dusit, Thailand; email: witcha_chi@dusit.ac.th
    With the rapid growth of digital technology communications are overwhelmed by network data traffic. The demand for the internet is growing every day in today's cyber world, raising concerns about network security. Big Data are a term that describes a vast volume of complicated data that is critical for evaluating network patterns and determining what has occurred in the network. Therefore, detecting attacks in a large network is challenging. Intrusion detection system (IDS) is a promising cybersecurity research field. In this paper, we proposed an efficient classification scheme for IDS, which is divided into two procedures, on the CSE-CIC-IDS-2018 dataset, data pre-processing techniques including under-sampling, feature selection, and classifier algorithms were used to assess and decide the best performing model to classify invaders. We have implemented and compared seven classifier machine learning algorithms with various criteria. This work explored the application of the random forest (RF) for feature selection in conjunction with machine learning (ML) techniques including linear regression (LR), k-Nearest Neighbor (k-NN), classification and regression trees (CART), Bayes, RF, multi layer perceptron (MLP), and XGBoost in order to implement IDSS. The experimental results show that the MLP algorithm in the most successful with best performance with evaluation matrix. © 2023 Institute of Advanced Engineering and Science. All rights reserved.
  • Default Image
    Item
    Rough fuzzy approach for web usage mining
    (2006) Siriporn Chimphlee; Naomie Salim; Mohd Salihin Bin Ngadiman; Witcha Chimphlee; Surat Srinoy; S. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Rd, Thailand; email: siriporn_chi@dusit.ac.th
    Web usage mining is a new subfield of data mining research. It aims at discovery of trends and regularities in web users' access patterns. In the past few years, web usage mining techniques have grown rapidly together with the explosive growth of the web, both in the research and commercial areas. A challenge in web classification is how to deal with the high dimensionality of the feature space. This paper applies the concept of rough fuzzy approach for classification in web usage mining tasks after we present Independent Component Analysis (ICA) for feature. Clustering is an important part of web mining that involves finding natural groupings of web resources or web users.
  • Default Image
    Item
    To detect misuse and anomaly attacks through rule induction analysis and fuzzy methods
    (2006) Witcha Chimphlee; Abdul Hanan Abdullah; Mohd Noor Md. Sap; Siriporn Chimphlee; Surat Srinoy; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Road, Thailand; email: witcha_chi@dusit.ac.th
    To protect networks, intrusion detection systems aim to identify attacks with a high detection rate and a low false alarm rate. In this paper we propose an intrusion detection method that combines rule induction analysis for misuse detection and Fuzzy c-means for anomaly detection. Rule induction is used to generate patterns from data and finding a set of rules that satisfy some predefined criteria. Fuzzy c-Means allow objects to belong to several clusters simultaneously, with different degrees of membership. Our method is an accurate model for handle complex attack patterns in large networks. Empirical studies using the network security data set from the DARPA 1998 offline intrusion detection project (KDD 1999 Cup) show the feasibility of misuse and anomaly detection results.
  • Default Image
    Item
    To identify suspicious activity in anomaly detection based on soft computing
    (2006) Witcha Chimphlee; Mohd Noor Md Sap; Abdul Hanan Abdullah; Siriporn Chimphlee; Surat Srinoy; W. Chimphlee; Faculty of Science and Technology, Suan Dusit Rajabhat University, Dusit, Bangkok, 295 Rajasrima Road, Thailand; email: witcha_chi@dusit.ac.th
    The Traditional intrusion detection systems (IDS) look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. However, normal operation often produces traffic that matches likely "attack signature", resulting in false alarms. In this paper we propose an intrusion detection method that proposes rough set based feature selection heuristics and using fuzzy c-means for clustering data. Rough set has to decrease the amount of data and get rid of redundancy. Fuzzy Clustering methods allow objects to belong to several clusters simultaneously, with different degrees of membership. Our approach allows us to recognize not only known attacks but also to increase accuracy detection rate for suspicious activity and signature detection. Empirical studies using the network security data set from the DARPA 1998 offline intrusion detection project (KDD 1999 Cup) show the feasibility of misuse and anomaly detection results.
  • Default Image
    Item
    Using association rules and Markov model for predict next access on Web usage mining
    (2006) Siriporn Chimphlee; Naomie Salim; Mohd Salihin Bin Ngadiman; Witcha Chimphlee
    Predicting the next request of a user as visits Web pages has gained importance as Web-based activity increases. A large amount of research has been done on trying to predict correctly the pages a user will request. This task requires the development of models that can predicts a user's next request to a web server. In this paper, we propose a method for constructing first-order and second-order Markov models of Web site access prediction based on past visitor behavior and compare it association rules technique. In these approaches, sequences of user requests are collected by the session identification technique, which distinguishes the requests for the same web page in different browses. We report experimental studies using real server log for comparison between methods and show that degree of precision. © 2006 Springer.