An evolutionary computation-based machine learning for network attack detection in big data traffic.

Big data scenarios are characterized by multiple devices, massive traffic, and high data dimensionality. In the process of attack identification, the selection of features from massive data directly affects the attack detection effect and has become a key issue that constrains attack identification. Therefore, this paper proposes an evolutionary computation-based machine learning approach for detecting network attacks in big data traffic. First, the RandomSample-SMOTE (Synthetic Minority Over-sampling Technique) method is designed to perform class imbalance processing on network attack traffic collected from big data traffic; second, the feature importance of the attack traffic in different classification layers is calculated and ranked separately using the LightGBM (Light Gradient Boosting Machine) model, and the optimal feature values are selected through retraining; finally, the obtained feature values are used for model training and the most optimal model is obtained by optimizing the hyperparameters with TuneGridSearchCV (Tune's Grid Search Cross Validation). The results of simulation experiments show that the method in this paper can effectively extract features from big data traffic. It can effectively reduce feature dimensionality, significantly improve detection accuracy and save about 40% of computation time compared with existing methods. • A machine learning method based on evolutionary computation is proposed to detect network attacks in big data traffic. • A data pre-processing method is proposed to balance the data set. • A hierarchical feature selection method is proposed to extract features and reduce dimensions. • A hierarchical attack identification model is proposed with high detection accuracy and efficiency. [ABSTRACT FROM AUTHOR]