Improving the accuracy of intrusion detection systems by using the combination of machine learning approaches

2010 ◽  
Author(s):  
Hadi Sarvari ◽  
Mohammad Mehdi Keikha
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Learning Approaches ◽  
Detection Systems

scholarly journals ANOMALY DETECTION USING MACHINE LEARNING APPROACHES

2020 ◽  
Vol 3 (2) ◽  
pp. 196-206
Author(s):  
Mausumi Das Nath ◽  
◽  
Tapalina Bhattasali
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Vital Role ◽  
Machine Learning Algorithms ◽  
Intrusion Detection Systems ◽  
Abnormal Behavior ◽  
Support Vector ◽  
Learning Approaches ◽  
Detection Systems ◽  
Internet Users

Due to the enormous usage of the Internet, users share resources and exchange voluminous amounts of data. This increases the high risk of data theft and other types of attacks. Network security plays a vital role in protecting the electronic exchange of data and attempts to avoid disruption concerning finances or disrupted services due to the unknown proliferations in the network. Many Intrusion Detection Systems (IDS) are commonly used to detect such unknown attacks and unauthorized access in a network. Many approaches have been put forward by the researchers which showed satisfactory results in intrusion detection systems significantly which ranged from various traditional approaches to Artificial Intelligence (AI) based approaches.AI based techniques have gained an edge over other statistical techniques in the research community due to its enormous benefits. Procedures can be designed to display behavior learned from previous experiences. Machine learning algorithms are used to analyze the abnormal instances in a particular network. Supervised learning is essential in terms of training and analyzing the abnormal behavior in a network. In this paper, we propose a model of Naïve Bayes and SVM (Support Vector Machine) to detect anomalies and an ensemble approach to solve the weaknesses and to remove the poor detection results

scholarly journals Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches

2020 ◽  
Vol 10 (5) ◽  
pp. 1775 ◽  
Author(s):  
Roberto Magán-Carrión ◽  
Daniel Urda ◽  
Ignacio Díaz-Cano ◽  
Bernabé Dorronsoro
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Attack Detection ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
Learning Approaches ◽  
Network Attack ◽  
Detection Systems ◽  
Network Intrusion ◽  
Network Intrusion Detection Systems

Presently, we are living in a hyper-connected world where millions of heterogeneous devices are continuously sharing information in different application contexts for wellness, improving communications, digital businesses, etc. However, the bigger the number of devices and connections are, the higher the risk of security threats in this scenario. To counteract against malicious behaviours and preserve essential security services, Network Intrusion Detection Systems (NIDSs) are the most widely used defence line in communications networks. Nevertheless, there is no standard methodology to evaluate and fairly compare NIDSs. Most of the proposals elude mentioning crucial steps regarding NIDSs validation that make their comparison hard or even impossible. This work firstly includes a comprehensive study of recent NIDSs based on machine learning approaches, concluding that almost all of them do not accomplish with what authors of this paper consider mandatory steps for a reliable comparison and evaluation of NIDSs. Secondly, a structured methodology is proposed and assessed on the UGR’16 dataset to test its suitability for addressing network attack detection problems. The guideline and steps recommended will definitively help the research community to fairly assess NIDSs, although the definitive framework is not a trivial task and, therefore, some extra effort should still be made to improve its understandability and usability further.

scholarly journals A Review on Machine Learning Approaches for Network Malicious Behavior Detection in Emerging Technologies

Entropy ◽  
2021 ◽  
Vol 23 (5) ◽  
pp. 529
Author(s):  
Mahdi Rabbani ◽  
Yongli Wang ◽  
Reza Khoshkangini ◽  
Hamed Jelodar ◽  
Ruxin Zhao ◽  
...  
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Learning Approaches ◽  
Behavior Detection ◽  
Detection Systems ◽  
Malicious Behavior ◽  
Network Intrusion ◽  
Learning Techniques ◽  
Detection And Recognition

Network anomaly detection systems (NADSs) play a significant role in every network defense system as they detect and prevent malicious activities. Therefore, this paper offers an exhaustive overview of different aspects of anomaly-based network intrusion detection systems (NIDSs). Additionally, contemporary malicious activities in network systems and the important properties of intrusion detection systems are discussed as well. The present survey explains important phases of NADSs, such as pre-processing, feature extraction and malicious behavior detection and recognition. In addition, with regard to the detection and recognition phase, recent machine learning approaches including supervised, unsupervised, new deep and ensemble learning techniques have been comprehensively discussed; moreover, some details about currently available benchmark datasets for training and evaluating machine learning techniques are provided by the researchers. In the end, potential challenges together with some future directions for machine learning-based NADSs are specified.

An Artificial Intelligence-based Intrusion Detection System

2021 ◽  
Vol 07 (02) ◽  
pp. 95-111
Author(s):  
Thani Almuhairi ◽  
◽  
Ahmad Almarri ◽  
Khalid Hokal ◽  
Keyword(s):  
Artificial Intelligence ◽  
Machine Learning ◽  
Intrusion Detection ◽  
Network Traffic ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Learning Approaches ◽  
Malicious Attacks ◽  
Medical Systems ◽  
Detection Systems

Intrusion detection systems have been used in many systems to avoid malicious attacks. Traditionally, these intrusion detection systems use signature-based classification to detect predefined attacks and monitor the network's overall traffic. These intrusion detection systems often fail when an unseen attack occurs, which does not match with predefined attack signatures, leaving the system hopeless and vulnerable. In addition, as new attacks emerge, we need to update the database of attack signatures, which contains the attack information. This raises concerns because it is almost impossible to define every attack in the database and make the process costly also. Recently, research in conjunction with artificial intelligence and network security has evolved. As a result, it created many possibilities to enable machine learning approaches to detect the new attacks in network traffic. Machine learning has already shown successful results in the domain of recommendation systems, speech recognition, and medical systems. So, in this paper, we utilize machine learning approaches to detect attacks and classify them. This paper uses the CSE-CIC-IDS dataset, which contains normal and malicious attacks samples. Multiple steps are performed to train the network traffic classifier. Finally, the model is deployed for testing on sample data.

scholarly journals Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT

2021 ◽  
Vol 1 (2) ◽  
pp. 252-273
Author(s):  
Pavlos Papadopoulos ◽  
Oliver Thornewill von Essen ◽  
Nikolaos Pitropakis ◽  
Christos Chrysoulas ◽  
Alexios Mylonas ◽  
...  
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Learning Models ◽  
Detection Systems ◽  
Network Intrusion ◽  
Robust Model ◽  
Significant Probability ◽  
Adversarial Examples ◽  
Attack Surface

As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have proven their success in identifying unknown attacks with high precision. Nevertheless, machine learning models are also vulnerable to attacks. Adversarial examples can be used to evaluate the robustness of a designed model before it is deployed. Further, using adversarial examples is critical to creating a robust model designed for an adversarial environment. Our work evaluates both traditional machine learning and deep learning models’ robustness using the Bot-IoT dataset. Our methodology included two main approaches. First, label poisoning, used to cause incorrect classification by the model. Second, the fast gradient sign method, used to evade detection measures. The experiments demonstrated that an attacker could manipulate or circumvent detection with significant probability.

Sign in / Sign up

Export Citation Format

Share Document