An integrated rule based intrusion detection system: analysis on UNSW-NB15 data set and the real time online dataset

2019 ◽  
Vol 23 (2) ◽  
pp. 1397-1418 ◽  
Author(s):  
Vikash Kumar ◽  
Ditipriya Sinha ◽  
Ayan Kumar Das ◽  
Subhash Chandra Pandey ◽  
Radha Tamal Goswami

2017 ◽  
Vol 2017 ◽  
pp. 1-15 ◽  
Author(s):  
Dhanalakshmi Krishnan Sadhasivan ◽  
Kannapiran Balasubramanian

Providing strong security is an active research area in networked applications. A centralized detection system offers little protection once it is taken down by an attack, and a detector that is not updated with newly arriving attacks suffers from low detection accuracy. The main focus of this paper is improving detection performance by adaptively updating the attack information held in the database. We propose an Adaptive Rule-Based Multiagent Intrusion Detection System (ARMA-IDS) to detect anomalies in real-time datasets such as KDD and SCADA. A feedback loop supplies the necessary updates of attacks to the database, which improves detection accuracy. The combination of rules and responsibilities assigned to the multiagents effectively detects anomalous behaviour, misuse of responses, and relay reports in the gas/water pipeline data of the KDD and SCADA datasets, respectively. A comparative analysis of the proposed ARMA-IDS against existing path-mining methods, namely random forest, JRip, a combination of AdaBoost/JRip, and common path mining on the SCADA dataset, shows the effectiveness of ARMA-IDS in real-time fault monitoring. Moreover, the proposed ARMA-IDS offers a higher detection rate on the SCADA and KDD Cup 1999 datasets.
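The mechanism the abstract describes, a rule database consulted first and an anomaly detector whose confirmed hits feed new rules back into the database, is easier to follow in code. The block below is an added illustration, not the ARMA-IDS code of the paper: the handful of KDD Cup 1999 connection features used, the two seed rules, the anomaly heuristic and threshold, the analyst-confirmation stub and the sample records are all assumptions made here.

```python
"""Rule-based misuse detection with an anomaly fallback and a feedback loop.

Added example, not the ARMA-IDS code of the paper above. The record fields
(a handful of KDD Cup 1999 connection features), the seed rules, the anomaly
heuristic, the threshold and the sample records are all assumptions made here.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

Record = Dict[str, object]


@dataclass
class Rule:
    name: str
    match: Callable[[Record], bool]


@dataclass
class RuleDatabase:
    rules: List[Rule] = field(default_factory=list)

    def detect(self, rec: Record) -> Optional[str]:
        """Misuse path: name of the first matching rule, or None."""
        for rule in self.rules:
            if rule.match(rec):
                return rule.name
        return None

    def learn(self, name: str, rec: Record) -> Rule:
        """Feedback path: turn a confirmed anomalous record into a new rule.

        The rule pins the record's discrete fields and keeps serror_rate at or
        above the observed value, so the next similar connection is caught by
        the cheaper misuse path instead of the anomaly detector.
        """
        pinned = {k: rec[k] for k in ("protocol_type", "service", "flag")}
        floor = rec["serror_rate"]
        rule = Rule(name, lambda r: all(r[k] == v for k, v in pinned.items())
                    and r["serror_rate"] >= floor)
        self.rules.append(rule)
        return rule


def anomaly_score(rec: Record) -> float:
    """Stand-in for the statistical detector: many connections to one host
    combined with a high SYN-error rate is far from normal traffic."""
    return rec["count"] / 100.0 + rec["serror_rate"]


ANOMALY_THRESHOLD = 1.5  # assumed cut-off for the heuristic above


def seed_database() -> RuleDatabase:
    """Two hand-written seed rules (assumed, loosely modelled on KDD attack classes)."""
    db = RuleDatabase()
    db.rules.append(Rule("neptune", lambda r: r["flag"] == "S0"
                         and r["service"] == "private" and r["serror_rate"] > 0.8))
    db.rules.append(Rule("portsweep", lambda r: r["flag"] == "REJ" and r["count"] > 200))
    return db


def process(db: RuleDatabase, rec: Record,
            confirm: Callable[[Record], Optional[str]]) -> Tuple[str, Optional[str]]:
    """Classify one record: ('misuse', rule), ('anomaly', label or None) or
    ('normal', None). `confirm` models the analyst/agent feedback that names a
    confirmed anomaly; a non-None label is written back into the database."""
    name = db.detect(rec)
    if name is not None:
        return "misuse", name
    if anomaly_score(rec) >= ANOMALY_THRESHOLD:
        label = confirm(rec)
        if label is not None:
            db.learn(label, rec)
        return "anomaly", label
    return "normal", None


def run_stream(db: RuleDatabase, records: List[Record],
               confirm: Callable[[Record], Optional[str]]) -> List[Tuple[str, Optional[str]]]:
    return [process(db, rec, confirm) for rec in records]


# Constructed records (KDD-style features), not real captures.
NORMAL_HTTP = {"protocol_type": "tcp", "service": "http", "flag": "SF",
               "src_bytes": 232, "serror_rate": 0.0, "count": 3}
NEPTUNE = {"protocol_type": "tcp", "service": "private", "flag": "S0",
           "src_bytes": 0, "serror_rate": 1.0, "count": 250}
NEW_FLOOD = {"protocol_type": "tcp", "service": "http", "flag": "S0",
             "src_bytes": 0, "serror_rate": 0.9, "count": 180}
SAMPLE_STREAM = [NORMAL_HTTP, NEPTUNE, NEW_FLOOD, NEW_FLOOD, NORMAL_HTTP]


def analyst_confirms(rec: Record) -> Optional[str]:
    """Feedback stub: confirm anything with a high SYN-error rate as a flood."""
    return "syn_flood_http" if rec["serror_rate"] > 0.5 else None


if __name__ == "__main__":
    db = seed_database()
    for verdict in run_stream(db, SAMPLE_STREAM, analyst_confirms):
        print(verdict)
```

The first NEW_FLOOD record escapes both seed rules (its service is http, not private) and is caught only by the anomaly score; once the feedback stub names it, the second identical record is matched by the misuse path. The caveat a practitioner would add is that learned rules are only as good as the confirmation step: an unreviewed feedback loop will happily turn a false positive into a permanent signature.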


2019 ◽  
Vol 8 (4) ◽  
pp. 4908-4917

System security is essential nowadays for large organizations. Intrusion Detection Systems (IDS) are becoming indispensable for effective protection against intrusions that are continually changing in scale and complexity. Beyond information integrity, confidentiality and availability, they must be reliable, easy to manage and low in maintenance cost. Various modifications are continually applied to IDSs so that they recognize and handle new intrusions. This paper proposes a model based on a combination of ensemble classifiers for network traffic anomaly detection. Intrusion detection systems attempt to operate in real time, but their performance is limited by the network connections. This paper implements an IDS using an ensemble method for both misuse and anomaly detection, covering host-based (HIDS) and network-based (NIDS) deployment. The system applies several individual classification methods and their ensemble to the KDD99 and NSL-KDD data sets to measure the model's performance. It also measures performance on real-time traffic generated with our own attack generator and sent to a remote machine running the proposed IDS. The system uses a training rule set, generated by a genetic algorithm, as background knowledge. The ensemble combines three algorithms: Naive Bayes, an Artificial Neural Network and J48. The ensemble classifiers are applied to network packets mapped against the GA rule set and produce the result. Finally, our proposed model yields the highest detection rate and a lower false negative ratio compared to the others, and reports the accuracy for each attack type.
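The abstract leans on a rule set "generated by a genetic algorithm" without saying what that looks like. The block below is an added example, not the paper's code, of the usual encoding: one gene per connection feature, a wildcard allowed in each position, and a fitness that rewards attack records matched and penalises normal records matched. The feature set, the chromosome layout, the fitness function, the GA parameters and the labelled sample records are all assumptions made here; the Naive Bayes/ANN/J48 ensemble that the paper layers on top of the rule set is not reproduced.

```python
"""Evolving an IDS rule with a genetic algorithm over KDD-style records.

Added example, not the code of the paper above: the feature set, the
chromosome encoding (one gene per feature, "*" = wildcard), the fitness
function, the GA parameters and the constructed records are assumptions.
"""
import random
from typing import Dict, List, Tuple

FEATURES = ("protocol_type", "flag", "service", "bytes")
VALUES = {
    "protocol_type": ("tcp", "udp", "icmp"),
    "flag": ("SF", "S0", "REJ"),
    "service": ("http", "private", "smtp"),
    "bytes": ("zero", "small", "large"),   # bucketed src_bytes
}
WILDCARD = "*"
Rule = Tuple[str, ...]
Labelled = List[Tuple[Dict[str, str], int]]

# Constructed labelled records: 1 = attack (half-open SYN-flood connections,
# flag S0), 0 = normal traffic. Not real captures.
DATA: Labelled = [
    ({"protocol_type": "tcp", "flag": "SF", "service": "http", "bytes": "large"}, 0),
    ({"protocol_type": "tcp", "flag": "SF", "service": "smtp", "bytes": "small"}, 0),
    ({"protocol_type": "udp", "flag": "SF", "service": "private", "bytes": "small"}, 0),
    ({"protocol_type": "tcp", "flag": "REJ", "service": "private", "bytes": "zero"}, 0),
    ({"protocol_type": "icmp", "flag": "SF", "service": "private", "bytes": "zero"}, 0),
    ({"protocol_type": "tcp", "flag": "SF", "service": "http", "bytes": "zero"}, 0),
    ({"protocol_type": "tcp", "flag": "S0", "service": "private", "bytes": "zero"}, 1),
    ({"protocol_type": "tcp", "flag": "S0", "service": "http", "bytes": "zero"}, 1),
    ({"protocol_type": "tcp", "flag": "S0", "service": "smtp", "bytes": "zero"}, 1),
    ({"protocol_type": "tcp", "flag": "S0", "service": "private", "bytes": "zero"}, 1),
]


def matches(rule: Rule, rec: Dict[str, str]) -> bool:
    """A rule fires when every non-wildcard gene equals the record's feature."""
    return all(g == WILDCARD or rec[f] == g for f, g in zip(FEATURES, rule))


def fitness(rule: Rule, data: Labelled) -> int:
    """True positives minus false positives: a rule that matches everything
    scores below a rule that matches nothing, so wildcards only pay off
    where they do not pull in normal traffic."""
    tp = sum(1 for rec, y in data if y == 1 and matches(rule, rec))
    fp = sum(1 for rec, y in data if y == 0 and matches(rule, rec))
    return tp - fp


def random_rule(rng: random.Random) -> Rule:
    return tuple(rng.choice(VALUES[f] + (WILDCARD,)) for f in FEATURES)


def mutate(rule: Rule, rng: random.Random, p: float = 0.2) -> Rule:
    return tuple(rng.choice(VALUES[f] + (WILDCARD,)) if rng.random() < p else g
                 for f, g in zip(FEATURES, rule))


def crossover(a: Rule, b: Rule, rng: random.Random) -> Rule:
    cut = rng.randint(1, len(FEATURES) - 1)
    return a[:cut] + b[cut:]


def tournament(pop: List[Rule], scores: List[int], rng: random.Random, k: int = 3) -> Rule:
    best = max(rng.sample(range(len(pop)), k), key=lambda i: scores[i])
    return pop[best]


def evolve(data: Labelled, generations: int = 100, size: int = 40, seed: int = 7) -> Rule:
    """Elitist GA: the best rule of each generation survives unchanged."""
    rng = random.Random(seed)
    pop = [random_rule(rng) for _ in range(size)]
    for _ in range(generations):
        scores = [fitness(r, data) for r in pop]
        nxt = [pop[max(range(size), key=lambda i: scores[i])]]
        while len(nxt) < size:
            child = crossover(tournament(pop, scores, rng), tournament(pop, scores, rng), rng)
            nxt.append(mutate(child, rng))
        pop = nxt
    scores = [fitness(r, data) for r in pop]
    return pop[max(range(size), key=lambda i: scores[i])]


def detection_rate(rule: Rule, data: Labelled) -> float:
    attacks = [rec for rec, y in data if y == 1]
    return sum(matches(rule, r) for r in attacks) / len(attacks)


def false_positive_rate(rule, data: Labelled) -> float:
    normal = [rec for rec, y in data if y == 0]
    return sum(matches(rule, r) for r in normal) / len(normal)


if __name__ == "__main__":
    best = evolve(DATA)
    print(best, fitness(best, DATA), detection_rate(best, DATA), false_positive_rate(best, DATA))
```

On this data the only rules with the maximum fitness of 4 pin flag to S0 and leave service as a wildcard, which is the generalisation a hand-written signature for this attack class would also make. The trap to watch in practice is the fitness function: with heavily imbalanced data, TP minus FP can favour a rule that matches no traffic at all, so real deployments weight false positives and false negatives by their cost.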


Author(s):  
K. Vengatesan ◽  
Abhishek Kumar ◽  
K. Harish Eknath ◽  
Sayyad Samee ◽  
Rajiv Vincent ◽  
...  

Evolving cyber-security threats are a persistent challenge for system administrators and security specialists, as new malware is released continually. Attackers may search for vulnerabilities in commercial products or run advanced reconnaissance campaigns to understand a target's network and gather information on security products such as firewalls and intrusion detection/prevention systems (network- or host-based). Many new attacks tend to be variants of existing ones. In such a situation, rule-based systems fail to detect the attack even though the conditions/attributes of the rules for the new and the existing attack differ only slightly. To detect these differences the IDS must be able to isolate the subset of conditions that hold and predict the likely conditions (differing from the original) that must be watched. We present several techniques for detecting intrusions (or anomalies) that are scattered throughout the data and form small clusters of irregular points. To improve the clustering results, the scattered anomalies are detected and removed before representative clusters are formed using spectral clustering (SC). For evaluation, a synthetic and a real data set are used, and our results show that the use of spectral clustering is a promising approach to the development of an Intrusion Detection System.


2020 ◽  
Author(s):  
Sriram Srinivasan ◽  
Shashank A ◽  
vinayakumar R ◽  
Soman KP

In the present era, cyberspace is growing tremendously and the intrusion detection system (IDS) plays a key role in ensuring information security. An IDS, which works at the network or host level, should be capable of identifying a variety of malicious attacks. The job of a network-based IDS is to differentiate between normal and malicious traffic and raise an alert in case of an attack. Apart from the traditional signature- and anomaly-based approaches, many researchers have employed various deep learning (DL) techniques for intrusion detection, since DL models can extract salient features automatically from the input data. The deep convolutional neural network (DCNN), used frequently for research problems in image processing and computer vision, has not been explored much for IDS. This paper proposes a DCNN architecture for IDS trained on the KDD Cup 99 data set and shows that the DCNN-IDS model performs better than existing work.


2014 ◽  
Vol 644-650 ◽  
pp. 3338-3341 ◽  
Author(s):  
Guang Feng Guo

During the 30-year development of the Intrusion Detection System, problems such as the high false-positive rate have always plagued users. Therefore, an ontology and context verification based intrusion detection model (OCVIDM) was put forward to connect the description of attack signatures with their context effectively. OCVIDM establishes a knowledge base of the intrusion detection ontology, which serves as the core of an efficient platform for filtering false alerts, to realize automatic validation of alarms and autonomous judgment of real attacks, thereby filtering out non-relevant positive alerts and reducing false positives.
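The abstract's "context verification" amounts to checking each alert against what is known about the target: an exploit that only works on Windows/IIS raised against a Linux/Apache host is a non-relevant positive, not an attack. The block below is an added example, not the OCVIDM code of the paper, of that check. The signature preconditions, the asset inventory, the Snort-style alert lines and the three verdict classes are all constructed here for illustration.

```python
"""Context verification of IDS alerts against an asset knowledge base.

Added example, not the OCVIDM code of the paper above. The signature
preconditions (a tiny ontology fragment), the asset inventory and the
constructed alert lines below are assumptions made here.
"""
import re
from typing import Dict, List, Tuple

# Ontology fragment: what each signature requires of its target for the
# attack to be real rather than noise (constructed for this example).
SIGNATURE_CONTEXT = {
    "WEB-IIS unicode directory traversal": {"os": {"windows"}, "service": {"iis"}, "port": {80, 443}},
    "SSH brute force login": {"service": {"openssh"}, "port": {22}},
    "SMB exploit attempt": {"os": {"windows"}, "port": {445}},
}

# Asset knowledge base: what we know about our own hosts (constructed).
ASSETS = {
    "10.0.0.5": {"os": "linux", "services": {80: "apache", 22: "openssh"}},
    "10.0.0.7": {"os": "windows", "services": {80: "iis", 445: "smb"}},
}

# Snort "fast" alert layout: [**] [gid:sid:rev] message [**] ... src:port -> dst:port
ALERT_RE = re.compile(
    r"\[\*\*\] \[(?P<sid>[\d:]+)\] (?P<sig>.+?) \[\*\*\] .*?"
    r"(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+) -> (?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+)"
)


def parse_alert(line: str) -> Dict[str, object]:
    m = ALERT_RE.search(line)
    if not m:
        raise ValueError(f"unparseable alert: {line!r}")
    return {"sid": m["sid"], "sig": m["sig"], "src": m["src"],
            "dst": m["dst"], "dport": int(m["dport"])}


def verify(alert: Dict[str, object]) -> Tuple[str, str]:
    """Return (verdict, reason).

    'verified'     - the target satisfies every precondition of the signature
    'non-relevant' - a precondition is contradicted by known asset context
    'unknown'      - no context for the signature or the host; keep the alert
    """
    ctx = SIGNATURE_CONTEXT.get(alert["sig"])
    host = ASSETS.get(alert["dst"])
    if ctx is None or host is None:
        return "unknown", "no ontology or asset data; alert retained"
    if "port" in ctx and alert["dport"] not in ctx["port"]:
        return "non-relevant", f"port {alert['dport']} is not used by this attack"
    if "os" in ctx and host["os"] not in ctx["os"]:
        return "non-relevant", f"target runs {host['os']}, attack needs {sorted(ctx['os'])}"
    svc = host["services"].get(alert["dport"])
    if "service" in ctx and svc not in ctx["service"]:
        return "non-relevant", f"port {alert['dport']} serves {svc}, attack needs {sorted(ctx['service'])}"
    return "verified", "target matches all preconditions"


def triage(lines: List[str]) -> List[Tuple[str, str, str]]:
    """(sid, verdict, reason) for each alert line, in input order."""
    out = []
    for line in lines:
        alert = parse_alert(line)
        verdict, reason = verify(alert)
        out.append((alert["sid"], verdict, reason))
    return out


# Constructed Snort-style fast alert lines (not real captures).
SAMPLE_ALERTS = [
    "08/14-10:01:02.000000 [**] [1:1001:3] WEB-IIS unicode directory traversal [**] [Priority: 1] {TCP} 198.51.100.9:4431 -> 10.0.0.5:80",
    "08/14-10:01:05.000000 [**] [1:1001:3] WEB-IIS unicode directory traversal [**] [Priority: 1] {TCP} 198.51.100.9:4432 -> 10.0.0.7:80",
    "08/14-10:02:10.000000 [**] [1:2002:1] SSH brute force login [**] [Priority: 2] {TCP} 203.0.113.4:51000 -> 10.0.0.5:22",
    "08/14-10:03:00.000000 [**] [1:3003:1] SMB exploit attempt [**] [Priority: 1] {TCP} 203.0.113.4:51001 -> 10.0.0.5:445",
    "08/14-10:03:30.000000 [**] [1:3003:1] SMB exploit attempt [**] [Priority: 1] {TCP} 203.0.113.4:51002 -> 10.0.0.42:445",
]


if __name__ == "__main__":
    for sid, verdict, reason in triage(SAMPLE_ALERTS):
        print(f"{sid:10} {verdict:13} {reason}")
```

Two design points matter more than the filter itself. Missing context yields "unknown", never "non-relevant", because an inventory gap must not silently suppress a real attack; and the same IIS traversal is dropped against the Linux host but verified against the Windows one, which is exactly the per-host decision a global signature tuning cannot make. A stale asset database turns this filter into a false-negative generator, so the inventory needs to be fed from live discovery rather than a spreadsheet.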

