Artificial intelligence for classification and regression tree based feature selection method for network intrusion detection system in various telecommunication technologies

Author(s): Neeraj Kumar, Upendra Kumar

2018, Vol 7 (2.20), pp. 86
Author(s): CH Ramaiah, D Adithya Charan, R Syam Akhil

Secure automated threat detection and prevention is a more effective procedure for reducing the analyst's workload: it scans the network and server functions and then informs the analyst if any suspicious activity is detected in the network. It monitors the system continuously and responds according to the threat environment. This response action varies from phase to phase. Here suspicious activities are detected with the help of an artificial intelligence that acts as a virtual analyst, working concurrently with the network intrusion detection system to defend against the threat environment and taking appropriate measures with the permission of the analyst. In its final phase, packet analysis is carried out to search for attack vectors and then categorize supervised and unsupervised data. The unsupervised data is decoded or converted to supervised data with the help of analyst feedback, and the algorithm (virtual analyst) is then auto-updated. The algorithm thus evolves by itself over time (through an active learning mechanism) and becomes more efficient and stronger, so it is able to defend against similar or identical kinds of attacks.


Network intrusion detection is a task of continuous vigilance that requires efficiently analyzing the traffic in the corporate network to detect network intrusions. The efficiency of Network Intrusion Detection System (NIDS) performance can be improved by adopting a feature selection or reduction process to suit present-day high-speed real-time networks. This work is focused on identifying the key features of the audit dataset used to build an efficient light-weight NIDS. The NSL KDD dataset is used in this work, titled Attribute Richness Based Feature Selection (ARFS), in order to analyze its performance. The obtained results are compared with the Correlation-based Feature Selection (CFS) and Information Gain (IG) feature selection methods. The proposed feature selection method produced a comparatively better detection rate.


2017, Vol 5 (1), pp. 8-15
Author(s): Sergii Hilgurt

Multi-pattern matching is a fundamental technique found in applications such as network intrusion detection systems, anti-virus, anti-worm and other signature-based information security tools. Due to rising traffic rates, the increasing number and sophistication of attacks and the collapse of Moore’s law, traditional software solutions can no longer keep up. Therefore, hardware approaches are frequently used by developers to accelerate pattern matching. Reconfigurable FPGA-based devices, providing the flexibility of software and near-ASIC performance, have become increasingly popular for this purpose. Hence, increasing the efficiency of reconfigurable information security tools is now a scientific issue. Many different approaches to constructing hardware matching circuits on FPGAs are known. The most widely used of them are based on discrete comparators, hash functions and finite automata. Each approach has its own pros and cons, and none of them has yet become the leading one. In this paper, a method to combine several different approaches to reinforce their advantages has been developed. An analytical technique for quickly estimating in advance the resource costs of each matching scheme, without the need to compile the FPGA project, has been proposed. It allows optimization procedures to be applied to split the set of patterns near-optimally between the different approaches in acceptable time.


2020, Vol 38 (1B), pp. 6-14
Author(s): Sarah M. Shareef, Soukaena H. Hashim

A network intrusion detection system (NIDS) is a software system that plays an important role in protecting a network system and can be used to monitor network activities to distinguish different kinds of attacks from normal behavior in network traffic. False alarms are one of the most commonly identified problems with intrusion detection systems and can be a limiting factor for their performance and accuracy. The proposed system involves mining techniques at two sequential levels: at the first level, the Naïve Bayes algorithm is used to distinguish abnormal activity from normal behavior. At the second level, the multinomial logistic regression algorithm is used to classify abnormal activity into four main attack types in addition to a normal class. To evaluate the proposed system, the KDDCUP99 intrusion detection dataset was used and K-fold cross-validation was performed. The experimental results show that the performance of the proposed system is improved, with a lower false alarm rate.

