Secure Data Sharing Framework Based on Supervised Machine Learning Detection System for Future SDN-Based Networks

2020 ◽  
pp. 355-371
Author(s):  
Anass Sebbar ◽  
Karim Zkik ◽  
Youssef Baddi ◽  
Mohammed Boulmalf ◽  
Mohamed Dafir Ech-Cherif El Kettani
Keyword(s):  
Machine Learning ◽  
Data Sharing ◽  
Detection System ◽  
Supervised Machine Learning ◽  
Secure Data

scholarly journals Attack and Anomaly Detection in IoT Networks Using Supervised Machine Learning Approaches

2021 ◽  
Vol 35 (1) ◽  
pp. 11-21
Author(s):  
Himani Tyagi ◽  
Rajendra Kumar
Keyword(s):  
Machine Learning ◽  
Performance Metrics ◽  
Detection System ◽  
Feature Reduction ◽  
Machine Learning Algorithms ◽  
Supervised Machine Learning ◽  
Testing Time ◽  
Learning Approaches ◽  
Reduction Techniques ◽  
Share Data

IoT is characterized by communication between things (devices) that constantly share data, analyze, and make decisions while connected to the internet. This interconnected architecture is attracting cyber criminals to expose the IoT system to failure. Therefore, it becomes imperative to develop a system that can accurately and automatically detect anomalies and attacks occurring in IoT networks. Therefore, in this paper, an Intrsuion Detection System (IDS) based on extracted novel feature set synthesizing BoT-IoT dataset is developed that can swiftly, accurately and automatically differentiate benign and malicious traffic. Instead of using available feature reduction techniques like PCA that can change the core meaning of variables, a unique feature set consisting of only seven lightweight features is developed that is also IoT specific and attack traffic independent. Also, the results shown in the study demonstrates the effectiveness of fabricated seven features in detecting four wide variety of attacks namely DDoS, DoS, Reconnaissance, and Information Theft. Furthermore, this study also proves the applicability and efficiency of supervised machine learning algorithms (KNN, LR, SVM, MLP, DT, RF) in IoT security. The performance of the proposed system is validated using performance Metrics like accuracy, precision, recall, F-Score and ROC. Though the accuracy of Decision Tree (99.9%) and Randon Forest (99.9%) Classifiers are same but other metrics like training and testing time shows Random Forest comparatively better.

scholarly journals Towards a Multi-Layered Phishing Detection

Sensors ◽  
2020 ◽  
Vol 20 (16) ◽  
pp. 4540
Author(s):  
Kieran Rendall ◽  
Antonia Nisioti ◽  
Alexios Mylonas
Keyword(s):  
Machine Learning ◽  
State Of The Art ◽  
Detection System ◽  
Single Layer ◽  
Supervised Machine Learning ◽  
Data Driven ◽  
Feature Sets ◽  
Phishing Attacks ◽  
Production Environments ◽  
Phishing Detection

Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art.

scholarly journals MALGRA: Machine Learning and N-Gram Malware Feature Extraction and Detection System

Electronics ◽  
2020 ◽  
Vol 9 (11) ◽  
pp. 1777
Author(s):  
Muhammad Ali ◽  
Stavros Shiaeles ◽  
Gueltoum Bendiab ◽  
Bogdan Ghita
Keyword(s):  
Machine Learning ◽  
Learning Algorithm ◽  
Detection System ◽  
Malware Detection ◽  
Machine Learning Algorithms ◽  
Supervised Machine Learning ◽  
Detection Methods ◽  
Normal Operation ◽  
Analysis Technique ◽  
N Gram

Detection and mitigation of modern malware are critical for the normal operation of an organisation. Traditional defence mechanisms are becoming increasingly ineffective due to the techniques used by attackers such as code obfuscation, metamorphism, and polymorphism, which strengthen the resilience of malware. In this context, the development of adaptive, more effective malware detection methods has been identified as an urgent requirement for protecting the IT infrastructure against such threats, and for ensuring security. In this paper, we investigate an alternative method for malware detection that is based on N-grams and machine learning. We use a dynamic analysis technique to extract an Indicator of Compromise (IOC) for malicious files, which are represented using N-grams. The paper also proposes TF-IDF as a novel alternative used to identify the most significant N-grams features for training a machine learning algorithm. Finally, the paper evaluates the proposed technique using various supervised machine-learning algorithms. The results show that Logistic Regression, with a score of 98.4%, provides the best classification accuracy when compared to the other classifiers used.

scholarly journals Effective and efficient network anomaly detection system using machine learning algorithm

2019 ◽  
Vol 8 (1) ◽  
pp. 46-51 ◽  
Author(s):  
Mukrimah Nawir ◽  
Amiza Amir ◽  
Naimah Yaakob ◽  
Ong Bi Lynn
Keyword(s):  
Machine Learning ◽  
Anomaly Detection ◽  
Processing Time ◽  
Learning Algorithm ◽  
Detection System ◽  
Malicious Code ◽  
Supervised Machine Learning ◽  
Machine Learning Algorithm ◽  
Network Anomaly Detection ◽  
Anomaly Detection System

Network anomaly detection system enables to monitor computer network that behaves differently from the network protocol and it is many implemented in various domains. Yet, the problem arises where different application domains have different defining anomalies in their environment. These make a difficulty to choose the best algorithms that suit and fulfill the requirements of certain domains and it is not straightforward. Additionally, the issue of centralization that cause fatal destruction of network system when powerful malicious code injects in the system. Therefore, in this paper we want to conduct experiment using supervised Machine Learning (ML) for network anomaly detection system that low communication cost and network bandwidth minimized by using UNSW-NB15 dataset to compare their performance in term of their accuracy (effective) and processing time (efficient) for a classifier to build a model. Supervised machine learning taking account the important features by labelling it from the datasets. The best machine learning algorithm for network dataset is AODE with a comparable accuracy is 97.26% and time taken approximately 7 seconds. Also, distributed algorithm solves the issue of centralization with the accuracy and processing time still a considerable compared to a centralized algorithm even though a little drop of the accuracy and a bit longer time needed.

scholarly journals Optimized machine learning algorithm for intrusion detection

2021 ◽  
Vol 24 (1) ◽  
pp. 590
Author(s):  
Royida A. Ibrahem Alhayali ◽  
Mohammad Aljanabi ◽  
Ahmed Hussein Ali ◽  
Mostafa Abdulghfoor Mohammed ◽  
Tole Sutikno
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Learning Algorithm ◽  
Detection System ◽  
Optimization Algorithms ◽  
Feature Subset Selection ◽  
Supervised Machine Learning ◽  
Support Vector ◽  
Feature Subset ◽  
Training Time

Intrusion detection is mainly achieved by using optimization algorithms. The need for optimization algorithms for intrusion detection is necessitated by the increasing number of features in audit data, as well as the performance failure of the human-based smart intrusion detection system (IDS) in terms of their prolonged training time and classification accuracy. This article presents an improved intrusion detection technique for binary classification. The proposal is a combination of different optimizers, including Rao optimization algorithm, extreme learning machine (ELM), support vector machine (SVM), and logistic regression (LR) (for feature selection & weighting), as well as a hybrid Rao-SVM algorithm with supervised machine learning (ML) techniques for feature subset selection (FSS). The process of selecting the least number of features without sacrificing the FSS accuracy was considered a multi-objective optimization problem. The algorithm-specific, parameter-less concept of the proposed Rao-SVM was also explored in this study. The KDDCup 99 and CICIDS 2017 were used as the intrusion dataset for the experiments, where significant improvements were noted with the new Rao-SVM compared to the other algorithms. Rao-SVM presented better results than many existing works by reaching 100% accuracy for KDDCup 99 dataset and 97% for CICIDS dataset.

scholarly journals Intrusion detection in internet of things using supervised machine learning based on application and transport layer features using UNSW-NB15 data-set

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Muhammad Ahmad ◽  
Qaiser Riaz ◽  
Muhammad Zeeshan ◽  
Hasan Tahir ◽  
Syed Ali Haider ◽  
...  
Keyword(s):  
Machine Learning ◽  
Internet Of Things ◽  
Intrusion Detection ◽  
Detection System ◽  
Transport Layer ◽  
Supervised Machine Learning ◽  
Support Vector ◽  
Data Set ◽  
Network Intrusion ◽  
Iot Devices

AbstractInternet of Things (IoT) devices are well-connected; they generate and consume data which involves transmission of data back and forth among various devices. Ensuring security of the data is a critical challenge as far as IoT is concerned. Since IoT devices are inherently low-power and do not require a lot of compute power, a Network Intrusion Detection System is typically employed to detect and remove malicious packets from entering the network. In the same context, we propose feature clusters in terms of Flow, Message Queuing Telemetry Transport (MQTT) and Transmission Control Protocol (TCP) by using features in UNSW-NB15 data-set. We eliminate problems like over-fitting, curse of dimensionality and imbalance in the data-set. We apply supervised Machine Learning (ML) algorithms, i.e., Random Forest (RF), Support Vector Machine and Artificial Neural Networks on the clusters. Using RF, we, respectively, achieve 98.67% and 97.37% of accuracy in binary and multi-class classification. In clusters based techniques, we achieved 96.96%, 91.4% and 97.54% of classification accuracy by using RF on Flow & MQTT features, TCP features and top features from both clusters. Moreover, we show that the proposed feature clusters provide higher accuracy and requires lesser training time as compared to other state-of-the-art supervised ML-based approaches.

Sign in / Sign up

Export Citation Format

Share Document