1 Introduction
2 Related work
3 Adversarial realism
3.1 Data constraints
3.2 Analysis methodology
4 Experimental evaluation
4.1 Scenarios and datasets
Dataset | Selected captures | Total samples | Class samples | Class label |
---|---|---|---|---|
IoT-23 | 1–1 34–1 | 1,031,893 | 539,587 | POAHPS |
471,198 | Benign | |||
14,394 | DDoS | |||
6714 | C&C | |||
Bot-IoT | Full5pc-4 | 668,522 | 576,884 | DDoS |
91,082 | Recon | |||
477 | Benign | |||
79 | Theft |
4.2 Adversarial method
4.3 Models and fine-tuning
Parameter | Value |
---|---|
Criterion | Gini impurity |
No. of estimators | 100 |
Max. depth of a tree | 16 |
Max. features |
\(\sqrt{\text{No. of features}}\)
|
Min. samples in a leaf | 2 to 4 |
Parameter | Value |
---|---|
Method | Histogram |
Loss function (objective) | Cross-entropy |
No. of estimators | 80 to 120 |
Learning rate | 0.01 to 0.2 |
Max. depth of a tree | 8 |
Min. loss reduction (gamma) | 0.01 |
Feature subsample | 0.7 to 0.8 |
Parameter | Value |
---|---|
Method | GOSS |
Loss function (objective) | Cross-entropy |
No. of estimators | 80 to 120 |
Learning rate | 0.01 to 0.2 |
Max. depth of a tree | 16 |
Max. leaves in a tree | 32 |
Min. loss reduction (gamma) | 0.01 |
Min. samples in a leaf | 16 |
Feature subsample | 0.7 to 0.8 |
Parameter | Value |
---|---|
No. of estimators | 100 |
Contamination | 0.4 to 0.5 |
Max. features | 0.9 |
Max. samples | 256 |