Application of Deep Learning Technique in an Intrusion Detection System

2020 ◽  
Vol 19 (02) ◽  
pp. 2050016
Author(s):  
Shideh Saraeian ◽  
Mahya Mohammadi Golchi
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Visual Analysis ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Hybrid Network ◽  
Machine Learning Techniques ◽  
Learning Technique

Comprehensive development of computer networks causes the increment of Distributed Denial of Service (DDoS) attacks. These types of attacks can easily restrict communication and computing. Among all the previous researches, the accuracy of the attack detection has not been properly addressed. In this study, deep learning technique is used in a hybrid network-based Intrusion Detection System (IDS) to detect intrusion on network. The performance of the proposed technique is evaluated on the NSL-KDD and ISCXIDS 2012 datasets. We performed traffic visual analysis using Wireshark tool and did some experimentations to prove the superiority of the proposed method. The results have shown that our proposed method achieved higher accuracy in comparison with other useful machine learning techniques.

scholarly journals Deep Learning Based Attack Detection in IIoT using Two-Level Intrusion Detection System

2021 ◽  
Author(s):  
Kathiroli Raja ◽  
Krithika Karthikeyan ◽  
Abilash B ◽  
Kapal Dev ◽  
Gunasekaran Raja
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Production Management ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Sensitive Information ◽  
Smart Meters ◽  
Network Intrusion

Abstract The Industrial Internet of Things (IIoT), also known as Industry 4.0, has brought a revolution in the production and manufacturing sectors as it assists in the automation of production management and reduces the manual effort needed in auditing and managing the pieces of machinery. IoT-enabled industries, in general, use sensors, smart meters, and actuators. Most of the time, the data held by these devices is surpassingly sensitive and private. This information might be modified,
1
stolen, or even the devices may be subjected to a Denial of Service (DoS) attack. As a consequence, the product quality may deteriorate or sensitive information may be leaked. An Intrusion Detection System (IDS), implemented in the network layer of IIoT, can detect attacks, thereby protecting the data and devices. Despite substantial advancements in attack detection in IIoT, existing works fail to detect certain attacks obfuscated from detectors resulting in a low detection performance. To address the aforementioned issue, we propose a Deep Learning-based Two Level Network Intrusion Detection System (DLTL-NIDS) for IIoT environment, emphasizing challenging attacks. The attacks that attain low accuracy or low precision in level-1 detection are marked as challenging attacks. Experimental results show that the proposed model, when tested against TON IoT, figures out the challenging attacks well and achieves an accuracy of 99.97%, precision of 95.62%, recall of 99.5%, and F1-score of 99.65%. The proposed DL-TLNIDS, when compared with state-of-art models, achieves a decrease in false alarm rate to 2.34% (flagging normal traffic as an attack) in IIoT.

scholarly journals Machine Learning-Based Distributed Denial of Service Attack Detection on Intrusion Detection System Regarding to Feature Selection

2020 ◽  
Vol 4 (1) ◽  
Author(s):  
Ahmad Azhari ◽  
Arif Wirawan Muhammad ◽  
Cik Feresa Mohd Foozy
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Policy Development ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Machine Learning Techniques ◽  
Ddos Attacks ◽  
Detection Techniques

Distributed Service Denial (DDoS) is a type of network attack, which each year increases in volume and intensity.  DDoS attacks also form part of the major types of cyber security threats so far. Early detection plays a key role in avoiding the catastrophic effects on server infrastructure from DDoS attacks. Detection techniques in the traditional Intrusion Detection System (IDS) are far from perfect compared to a number of modern techniques and tools used by attackers, because the traditional IDS only uses signature-based detection or anomaly-based detection models and causes a lot of false positive flags, since the flow of computer network data packets has complex properties in terms of both size and source. Based on the  deficiency in the ordinary IDS, this study aims to detect DDoS attacks by using machine learning techniques to enhance IDS policy development.  According to the experiment the selection of features plays an important role in the precision of the detection results and in the performance of machine learning in classification problems. The combination of seven key selected dataset features used as an input neural network classifier in this study provides the highest accuracy value at 97.76%.

scholarly journals Design Of Intrusion Detection System For Dos Attack In 6lowpan And RPL Based IoT Network

2019 ◽  
Vol 8 (11) ◽  
pp. 3840-3844
Keyword(s):  
Intrusion Detection ◽  
Low Power ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Area Network ◽  
Dos Attack ◽  
Resource Constrained ◽  
Ipv6 Protocol

Internet of Things (IoT) is a network spread globally and accommodates maximum things under it. All these things are connected globally using IPv6 protocol which satisfies the need of connecting maximum devices by supporting 2^128 addresses. Because of heavy-weight nature of IPv6 protocol, a compressed version of it known as IPv6 Low Power Personal Area Network (6LoWPAN) protocol is used for a resource-constrained network that communicates over low power and lossy links. In IoT, devices are resource-constrained in terms of low battery power, less processing power, less transceiver power, etc. Also these devices are directly connected to insecure internet hence it is very challenging to maintain security in IoT network. In this paper, we have discussed various attacks on 6LoWPAN and RPL network along with countermeasures to reduce the attacks. DoS attack is one of the severe attacks in IoT which has various patterns of execution. Out of various attacks we have designed Intrusion Detection System (IDS) for Denial of Service (DOS) attack detection using Contiki OS and Cooja simulator.

scholarly journals Intrusion Detection System using Hybrid SVM-RF and SVM-DT in Wireless Sensor Networks

2019 ◽  
Vol 8 (2S8) ◽  
pp. 1926-1931
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Hybrid Algorithm ◽  
Detection Rate ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Support Vector ◽  
Second Stage ◽  
Network Intrusion

Intrusion detection system (IDS) is one of the essential security mechanisms against attacks in WSN. Network intrusion detection system (NIDS) generally uses the classification techniques in order to obtain the best possible accuracy and attack detection rate. In this paper, Intrusion Detection System is designed which uses two-stage hybrid classification method. In the first stage it uses Support Vector Machine (SVM) as anomaly detection, and in the second stage it uses Random Forest (RF)/Decision Tree (DT) as misuse. The abnormal activities are detected in the first stage. These abnormal activities are further analyzed and the known attacks are identified in the second stage and are classified as Denial of Service (DoS) attack, Probe attack, Remote to Local (R2L) attack and User to Root (U2R) attack. Simulation results reveal that the proposed hybrid algorithm obtains better accuracy and detection rate than the single classifier namely, SVM, RF and DT algorithm. The experimental results also shows that hybrid algorithm can detect anomaly activity in a reliable way. Proposed technique uses the standard NSL KDD dataset to evaluate/calculate the performance of the proposed approach. Here the results show that the proposed Hybrid SVM-RF/DT IDS technique performs better in terms of detection rate, accuracy and recall than the existing SVM, RF and DT approaches.

scholarly journals Analisis Perbandingan Kinerja Snort Dan Suricata Sebagai Intrusion Detection System Dalam Mendeteksi Serangan Syn Flood Pada Web Server Apache

Respati ◽  
2020 ◽  
Vol 15 (2) ◽  
pp. 6
Author(s):  
Lukman Lukman ◽  
Melati Suci
Keyword(s):  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Web Server ◽  
Attack Detection ◽  
Web Servers ◽  
Server Software ◽  
The Web

INTISARIKeamanan jaringan pada web server merupakan bagian yang paling penting untuk menjamin integritas dan layanan bagi pengguna. Web server sering kali menjadi target serangan yang mengakibatkan kerusakan data. Salah satunya serangan SYN Flood merupakan jenis serangan Denial of Service (DOS) yang memberikan permintaan SYN secara besar-besaran kepada web server.Untuk memperkuat keamanan jaringan web server penerapan Intrusion Detection System (IDS) digunakan untuk mendeteksi serangan, memantau dan menganalisa serangan pada web server. Software IDS yang sering digunakan yaitu IDS Snort dan IDS Suricata yang memiliki kelebihan dan kekurangannya masing-masing. Tujuan penelitian kali ini untuk membandingkan kedua IDS menggunakan sistem operasi linux dengan pengujian serangan menggunakan SYN Flood yang akan menyerang web server kemudian IDS Snort dan Suricata yang telah terpasang pada web server akan memberikan peringatan jika terjadi serangan. Dalam menentukan hasil perbandingan, digunakan parameter-parameter yang akan menjadi acuan yaitu jumlah serangan yang terdeteksi dan efektivitas deteksi serangan dari kedua IDS tersebut.Kata kunci: Keamanan jaringan, Web Server, IDS, SYN Flood, Snort, Suricata. ABSTRACTNetwork security on the web server is the most important part to guarantee the integrity and service for users. Web servers are often the target of attacks that result in data damage. One of them is the SYN Flood attack which is a type of Denial of Service (DOS) attack that gives a massive SYN request to the web server.To strengthen web server network security, the application of Intrusion Detection System (IDS) is used to detect attacks, monitor and analyze attacks on web servers. IDS software that is often used is IDS Snort and IDS Suricata which have their respective advantages and disadvantages.The purpose of this study is to compare the two IDS using the Linux operating system with testing the attack using SYN Flood which will attack the web server then IDS Snort and Suricata that have been installed on the web server will give a warning if an attack occurs. In determining the results of the comparison, the parameters used will be the reference, namely the number of attacks detected and the effectiveness of attack detection from the two IDS.Keywords: Network Security, Web Server, IDS, SYN Flood, Snort, Suricata.

An intrusion detection system for health-care system using machine and deep learning

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Sagar Pande ◽  
Aditya Khamparia ◽  
Deepak Gupta
Keyword(s):  
Machine Learning ◽  
Health Care ◽  
Deep Learning ◽  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Techniques ◽  
Content Type ◽  
Learning Techniques

Purpose One of the important key components of health care–based system is a reliable intrusion detection system. Traditional techniques are not adequate to handle complex data. Also, the diversified intrusion techniques cannot meet current network requirements. Not only the data is getting increased but also the attacks are increasing very rapidly. Deep learning and machine learning techniques are very trending in the area of research in the area of network security. A lot of work has been done in this area by still evolutionary algorithms along with machine learning is very rarely explored. The purpose of this study is to provide novel deep learning framework for the detection of attacks. Design/methodology/approach In this paper, novel deep learning is the framework is proposed for the detection of attacks. Also, a comparison of machine learning and deep learning algorithms is provided. Findings The obtained results are more than 99% for both the data sets. Research limitations/implications The diversified intrusion techniques cannot meet current network requirements. Practical implications The data is getting increased but also the attacks are increasing very rapidly. Social implications Deep learning and machine learning techniques are very trending in the area of research in the area of network security. Originality/value Novel deep learning is the framework is proposed for the detection of attacks.

scholarly journals A Survey on Intrusion Detection System using Machine Learning and Deep Learning

2019 ◽  
pp. 264-270
Author(s):  
Er. Hemavati ◽  
Aparna R
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Performance Metrics ◽  
Detection System ◽  
Attack Detection ◽  
Machine Learning Techniques ◽  
Network Applications ◽  
Important Challenge ◽  
Iot Devices

As we know internet of Things (IoT) is one of the fastest growing paradigm which is composed of Internet and different physical devices with different domains or the smart applications like home automation, business automation applications, health and environmental monitoring applications. The dependency on IOT devices is increasing day by day with our daily activities, which leads to most important challenge for security. Since having a better monitoring system for better security is a need. From more than two decades the concept or the frame work called IDS (Intrusion detection system) is playing important role for detecting the attacks in the network. Since the network attacks are not fixed in nature, a new type of attacks are happening on the network applications. There are many traditional IDS techniques are available but they are complex to apply. Since machine learning is one of the important area which is achieving good results in many applications. In this paper we study about the different machine learning techniques used till now and the methodology for the attack detection and the validation strategy. We will also discuss about the performance metrics.

scholarly journals A technical review and comparative analysis of machine learning techniques for intrusion detection systems in MANET

2020 ◽  
Vol 10 (3) ◽  
pp. 2701
Author(s):  
Safaa Laqtib ◽  
Khalid El Yassini ◽  
Moulay Lahcen Hasnaoui
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Machine Learning Techniques ◽  
Learning Methods ◽  
Detection Systems ◽  
Learning Techniques

Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network Inception-CNN, Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning methods in MANET.

Sign in / Sign up

Export Citation Format

Share Document