scholarly journals A New Ensemble-Based Intrusion Detection System for Internet of Things

2021 ◽  
Author(s):  
Adeel Abbas ◽  
Muazzam A. Khan ◽  
Shahid Latif ◽  
Maria Ajaz ◽  
Awais Aziz Shah ◽  
...  
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Detection Model ◽  
Detection Systems ◽  
Proposed Model ◽  
Attack Patterns ◽  
Multi Class Classification

AbstractThe domain of Internet of Things (IoT) has witnessed immense adaptability over the last few years by drastically transforming human lives to automate their ordinary daily tasks. This is achieved by interconnecting heterogeneous physical devices with different functionalities. Consequently, the rate of cyber threats has also been raised with the expansion of IoT networks which puts data integrity and stability on stake. In order to secure data from misuse and unusual attempts, several intrusion detection systems (IDSs) have been proposed to detect the malicious activities on the basis of predefined attack patterns. The rapid increase in such kind of attacks requires improvements in the existing IDS. Machine learning has become the key solution to improve intrusion detection systems. In this study, an ensemble-based intrusion detection model has been proposed. In the proposed model, logistic regression, naive Bayes, and decision tree have been deployed with voting classifier after analyzing model’s performance with some prominent existing state-of-the-art techniques. Moreover, the effectiveness of the proposed model has been analyzed using CICIDS2017 dataset. The results illustrate significant improvement in terms of accuracy as compared to existing models in terms of both binary and multi-class classification scenarios.

Analysis of Intrusion Detection System

2011 ◽  
Vol 460-461 ◽  
pp. 451-454
Author(s):  
Yue Sheng Gu ◽  
Hong Yu Feng ◽  
Jian Ping Wang
Keyword(s):  
Information Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Future Research ◽  
Detection Model ◽  
Detection Systems ◽  
Detection Technology ◽  
Technology Concepts

Intrusion detection system is an important device of information security. This article describes intrusion detection technology concepts, classifications and universal intrusion detection model, and analysis of the intrusion detection systems weaknesses and limitations. Finally, some directions for future research are addressed.

scholarly journals A novel time efficient learning-based approach for smart intrusion detection system

2021 ◽  
Vol 8 (1) ◽  
Author(s):  
Sugandh Seth ◽  
Gurvinder Singh ◽  
Kuljit Kaur Chahal
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Gradient Boosting ◽  
Detection Systems ◽  
Network Parameters ◽  
Proposed Model ◽  
Precision Rate

Abstract Background The ever increasing sophistication of intrusion approaches has led to the dire necessity for developing Intrusion Detection Systems with optimal efficacy. However, existing Intrusion Detection Systems have been developed using outdated attack datasets, with more focus on prediction accuracy and less on prediction latency. The smart Intrusion Detection System framework evolution looks forward to designing and deploying security systems that use various parameters for analyzing current and dynamic traffic trends and are highly time-efficient in predicting intrusions. Aims This paper proposes a novel approach for a time-efficient and smart Intrusion Detection System. Method Herein, we propose a Hybrid Feature Selection approach that aims to reduce the prediction latency without affecting attack prediction performance by lowering the model's complexity. Light Gradient Boosting Machine (LightGBM), a fast gradient boosting framework, is used to build the model on the latest CIC-IDS 2018 dataset. Results The proposed feature selection reduces the prediction latency ranging from 44.52% to 2.25% and the model building time ranging from 52.68% to 17.94% in various algorithms on the CIC-IDS 2018 dataset. The proposed model with hybrid feature selection and LightGBM gives 97.73% accuracy, 96% sensitivity, 99.3% precision rate, and comparatively low prediction latency. The proposed model successfully achieved a raise of 1.5% in accuracy rate and 3% precision rate over the existing model. An in-depth analysis of network parameters is also performed, which gives a deep insight into the variation of network parameters during the benign and malicious sessions.

An Improved Intrusion Detection Model Design

2013 ◽  
Vol 710 ◽  
pp. 682-686
Author(s):  
Zong Jiang Wang ◽  
Xiao Bo Li
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Model Design ◽  
False Detection Rate ◽  
False Detection ◽  
Detection Model ◽  
Detection Systems ◽  
Mining Design

In order to improve the design of intrusion detection model, this paper according to the analysis of generic intrusion detection model and intrusion detection model based on data mining, design for intrusion detection intrusion detection systems based on improved fuzzy C-means algorithm, In the model, the design of each module, Detailed description of the various parts and the parts functions of the model, and finally the feasibility of the model were analyzed. This method is effective to solve the problem of false detection rate in intrusion detection system, so that the performance of intrusion detection systems has a greater improvement.

scholarly journals THE LOAD BALANCING OF SELF-SIMILAR TRAFFIC IN NETWORK INTRUSION DETECTION SYSTEMS

2020 ◽  
Vol 3 (7) ◽  
pp. 17-30
Author(s):  
Tamara Radivilova ◽  
Lyudmyla Kirichenko ◽  
Maksym Tawalbeh ◽  
Petro Zinchenko ◽  
Vitalii Bulakh
Keyword(s):  
Load Balancing ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Deep Packet Inspection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Load Imbalance ◽  
Packet Inspection

The problem of load balancing in intrusion detection systems is considered in this paper. The analysis of existing problems of load balancing and modern methods of their solution are carried out. Types of intrusion detection systems and their description are given. A description of the intrusion detection system, its location, and the functioning of its elements in the computer system are provided. Comparative analysis of load balancing methods based on packet inspection and service time calculation is performed. An analysis of the causes of load imbalance in the intrusion detection system elements and the effects of load imbalance is also presented. A model of a network intrusion detection system based on packet signature analysis is presented. This paper describes the multifractal properties of traffic. Based on the analysis of intrusion detection systems, multifractal traffic properties and load balancing problem, the method of balancing is proposed, which is based on the funcsioning of the intrusion detection system elements and analysis of multifractal properties of incoming traffic. The proposed method takes into account the time of deep packet inspection required to compare a packet with signatures, which is calculated based on the calculation of the information flow multifractality degree. Load balancing rules are generated by the estimated average time of deep packet inspection and traffic multifractal parameters. This paper presents the simulation results of the proposed load balancing method compared to the standard method. It is shown that the load balancing method proposed in this paper provides for a uniform load distribution at the intrusion detection system elements. This allows for high speed and accuracy of intrusion detection with high-quality multifractal load balancing.

Adaptive Ensemble Multi-Agent Based Intrusion Detection Model

2010 ◽  
pp. 36-48 ◽  
Author(s):  
Tarek Helmy
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Agent Based ◽  
Detection Model ◽  
Detection Analysis ◽  
Proposed Model ◽  
Multi Agent

The system that monitors the events occurring in a computer system or a network and analyzes the events for sign of intrusions is known as intrusion detection system. The performance of the intrusion detection system can be improved by combing anomaly and misuse analysis. This chapter proposes an ensemble multi-agent-based intrusion detection model. The proposed model combines anomaly, misuse, and host-based detection analysis. The agents in the proposed model use rules to check for intrusions, and adopt machine learning algorithms to recognize unknown actions, to update or create new rules automatically. Each agent in the proposed model encapsulates a specific classification technique, and gives its belief about any packet event in the network. These agents collaborate to determine the decision about any event, have the ability to generalize, and to detect novel attacks. Empirical results indicate that the proposed model is efficient, and outperforms other intrusion detection models.

scholarly journals Security Enrichment in Intrusion Detection System Using Classifier Ensemble

2017 ◽  
Vol 2017 ◽  
pp. 1-6 ◽  
Author(s):  
Uma R. Salunkhe ◽  
Suresh N. Mali
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Detection System ◽  
Hybrid Approach ◽  
Classifier Ensemble ◽  
Intrusion Detection Systems ◽  
Detection Rates ◽  
Detection Systems

In the era of Internet and with increasing number of people as its end users, a large number of attack categories are introduced daily. Hence, effective detection of various attacks with the help of Intrusion Detection Systems is an emerging trend in research these days. Existing studies show effectiveness of machine learning approaches in handling Intrusion Detection Systems. In this work, we aim to enhance detection rate of Intrusion Detection System by using machine learning technique. We propose a novel classifier ensemble based IDS that is constructed using hybrid approach which combines data level and feature level approach. Classifier ensembles combine the opinions of different experts and improve the intrusion detection rate. Experimental results show the improved detection rates of our system compared to reference technique.

scholarly journals Network Attacks Detection by Hierarchical Neural Network

2015 ◽  
Vol 4 (2) ◽  
pp. 119-132
Author(s):  
Mohammad Masoud Javidi
Keyword(s):  
Neural Network ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Single Agent ◽  
Attack Detection ◽  
Intrusion Detection Systems ◽  
Training Dataset ◽  
Detection Systems ◽  
Combination Of Classifiers

Intrusion detection is an emerging area of research in the computer security and net-works with the growing usage of internet in everyday life. Most intrusion detection systems (IDSs) mostly use a single classifier algorithm to classify the network traffic data as normal behavior or anomalous. However, these single classifier systems fail to provide the best possible attack detection rate with low false alarm rate. In this paper,we propose to use a hybrid intelligent approach using a combination of classifiers in order to make the decision intelligently, so that the overall performance of the resul-tant model is enhanced. The general procedure in this is to follow the supervised or un-supervised data filtering with classifier or cluster first on the whole training dataset and then the output are applied to another classifier to classify the data. In this re- search, we applied Neural Network with Supervised and Unsupervised Learning in order to implement the intrusion detection system. Moreover, in this project, we used the method of Parallelization with real time application of the system processors to detect the systems intrusions.Using this method enhanced the speed of the intrusion detection. In order to train and test the neural network, NSLKDD database was used. Creating some different intrusion detection systems, each of which considered as a single agent, we precisely proceeded with the signature-based intrusion detection of the network.In the proposed design, the attacks have been classified into 4 groups and each group is detected by an Agent equipped with intrusion detection system (IDS).These agents act independently and report the intrusion or non-intrusion in the system; the results achieved by the agents will be studied in the Final Analyst and at last the analyst reports that whether there has been an intrusion in the system or not.Keywords: Intrusion Detection, Multi-layer Perceptron, False Positives, Signature- based intrusion detection, Decision tree, Nave Bayes Classifier

scholarly journals IDS-attention: an efficient algorithm for intrusion detection systems using attention mechanism

2021 ◽  
Vol 8 (1) ◽  
Author(s):  
FatimaEzzahra Laghrissi ◽  
Samira Douzi ◽  
Khadija Douzi ◽  
Badr Hssina
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Short Term Memory ◽  
Detection System ◽  
False Negative ◽  
False Negative Rate ◽  
Attention Mechanism ◽  
Intrusion Detection Systems ◽  
Network Attacks ◽  
Detection Systems

AbstractNetwork attacks are illegal activities on digital resources within an organizational network with the express intention of compromising systems. A cyber attack can be directed by individuals, communities, states or even from an anonymous source. Hackers commonly conduct network attacks to alter, damage, or steal private data. Intrusion detection systems (IDS) are the best and most effective techniques when it comes to tackle these threats. An IDS is a software application or hardware device that monitors traffic to search for malevolent activity or policy breaches. Moreover, IDSs are designed to be deployed in different environments, and they can either be host-based or network-based. A host-based intrusion detection system is installed on the client computer, while a network-based intrusion detection system is located on the network. IDSs based on deep learning have been used in the past few years and proved their effectiveness. However, these approaches produce a big false negative rate, which impacts the performance and potency of network security. In this paper, a detection model based on long short-term memory (LSTM) and Attention mechanism is proposed. Furthermore, we used four reduction algorithms, namely: Chi-Square, UMAP, Principal Components Analysis (PCA), and Mutual information. In addition, we evaluated the proposed approaches on the NSL-KDD dataset. The experimental results demonstrate that using Attention with all features and using PCA with 03 components had the best performance, reaching an accuracy of 99.09% and 98.49% for binary and multiclass classification, respectively.

A Hybrid Classification Technique for Enhancing the Effectiveness of Intrusion Detection Systems Using Machine Learning

2022 ◽  
Vol 12 (1) ◽  
pp. 1-18
Author(s):  
Kapil Kumar ◽  
Arvind Kumar ◽  
Vimal Kumar ◽  
Sunil Kumar
Keyword(s):  
Intrusion Detection ◽  
Autocorrelation Function ◽  
Intrusion Detection System ◽  
Detection System ◽  
Optimal Number ◽  
Intrusion Detection Systems ◽  
Series Data ◽  
Detection Systems ◽  
Hybrid Classification ◽  
Clustering Approach

The objective of this paper is to propose and develop a hybrid intrusion detection system to handle series and non-series data by applying the two different concepts that are named clustering and autocorrelation function in a single architecture. There is a need to propose and build a system that can handle both types of data whether it is series or non-series. Therefore, the authors used two concepts to generate a robust approach to craft a hybrid intrusion detection system. The authors utilize an unsupervised clustering approach that is used to categorize the data based on domain similarity to handle non-series data and another approach is based on autocorrelation function to handle series data. The approach is consumed in single architecture where it carries data as input from both host-based intrusion detection systems and network-based intrusion detection systems. The result shows that the hybrid intrusion detection system is categorizing data based on the optimal number of clusters obtained through the elbow method in clustering.

MODELLING OF AN INTRUSION DETECTION SYSTEM USING C4.5 MACHINE LEARNING ALGORITHM

2021 ◽  
Vol 4 (4) ◽  
pp. 454-459
Author(s):  
Oyenike Mary Olanrewaju ◽  
Faith Oluwatosin Echobu ◽  
Abubakar Mogaji
Keyword(s):  
Intrusion Detection ◽  
Security Policy ◽  
Learning Algorithm ◽  
Detection System ◽  
Knowledge Discovery In Databases ◽  
Protocol Violation ◽  
Detection Model ◽  
Software Applications ◽  
Detection Systems ◽  
Proposed Model

The increasing growth of wireless networking and new mobile computing devices has caused boundaries between trusted and malicious users to be blurred. The shift in security priorities from the network perimeter to information protection and user resources security is an open area for research which is concerned with the protection of user information’s confidentiality, integrity and availability. Intrusion detection systems are programs or software applications embedded in sophisticated devices to monitor the activities on networks or systems for security, policy or protocol violation or malicious activities detection. In this work, an intrusion detection model was proposed using C4.5 algorithm which was implemented with WEKA tool and RAPID MINER. The model showed good performance when trained and tested with validation techniques. Implementation of the proposed model was conducted on the Network Security Laboratory Knowledge Discovery in Databases (NSL-KDD) dataset, an improved version of KDD 99 dataset, which showed that the proposed model approach has an average detection rate of 99.62% and reduced false alarm rate of 0.38%.

Sign in / Sign up

Export Citation Format

Share Document