Journals Information
Computer Science and Information Technology Vol. 13(1), pp. 8 - 31
DOI: 10.13189/csit.2025.130102
Reprint (PDF) (1013Kb)
Improving Network Security through Fuzzing Attack Detection: Machine Learning on the Kitsune Dataset
Yousef Abuzir *, Dima Raed Abu Khalil
Faculty of Technology and Applied Sciences, Al-Quds Open University, Palestine
ABSTRACT
The rapid growth of network traffic has made cybersecurity a critical concern for many organizations. The detection and classification of network attacks are becoming a complex and difficult task. The objective of this study was to explore and compare three machine learning techniques for detecting network intrusions. These techniques include Linear Discriminant Analysis (LDA), Logistic Regression, and hybrid deep learning models composed of Convolutional Neural Networks (CNNs), Gated Recurrent Units (GRUs), and Long Short-Term Memory networks (LSTMs). This study aimed to evaluate these models based on their classification accuracy, ability to handle class imbalance, and interpretability using Shapley Additive exPlanations (SHAP). The methodology involves training and testing the models on a network traffic dataset, followed by performance evaluation using metrics such as accuracy, precision, recall, F1-score, and AUC. Additionally, SHAP values were computed to assess feature importance and model interpretability. The results revealed that Logistic Regression offers reliable performance, achieving high accuracy and balanced precision and recall for both benign and malicious classes. The CNN-GRU-LSTM hybrid model achieved near-perfect accuracy, but with a significant computational cost and a high False Negative Rate. The LDA model performs well on benign traffic but struggles to detect malicious instances owing to class imbalance. In conclusion, although simpler models, such as Logistic Regression, provide high interpretability and robust performance, the CNN-GRU-LSTM model offers superior classification performance at the cost of increased computational complexity. This study highlights the importance of balancing the model performance with computational efficiency and interpretability. Future work should focus on addressing class imbalance, optimizing models for real-time detection, integrating external threat intelligence, and exploring transfer and continuous learning techniques to enhance model adaptability.
KEYWORDS
Network Attack Detection, Machine Learning, SHAP, Logistic Regression, CNN-GRU-LSTM, Model Interpretability
Cite This Paper in IEEE or APA Citation Styles
(a). IEEE Format:
[1] Yousef Abuzir , Dima Raed Abu Khalil , "Improving Network Security through Fuzzing Attack Detection: Machine Learning on the Kitsune Dataset," Computer Science and Information Technology, Vol. 13, No. 1, pp. 8 - 31, 2025. DOI: 10.13189/csit.2025.130102.
(b). APA Format:
Yousef Abuzir , Dima Raed Abu Khalil (2025). Improving Network Security through Fuzzing Attack Detection: Machine Learning on the Kitsune Dataset. Computer Science and Information Technology, 13(1), 8 - 31. DOI: 10.13189/csit.2025.130102.