scholarly journals A Universal High-Performance Correlation Analysis Detection Model and Algorithm for Network Intrusion Detection System

2017 ◽  
Vol 2017 ◽  
pp. 1-9 ◽  
Author(s):  
Hongliang Zhu ◽  
Wenhan Liu ◽  
Maohua Sun ◽  
Yang Xin
Keyword(s):  
Intrusion Detection ◽  
Correlation Analysis ◽  
Intrusion Detection System ◽  
High Performance ◽  
Detection System ◽  
Transition Diagram ◽  
Detection Rates ◽  
Detection Techniques ◽  
Detection Model ◽  
Network Intrusion

In big data era, the single detection techniques have already not met the demand of complex network attacks and advanced persistent threats, but there is no uniform standard to make different correlation analysis detection be performed efficiently and accurately. In this paper, we put forward a universal correlation analysis detection model and algorithm by introducing state transition diagram. Based on analyzing and comparing the current correlation detection modes, we formalize the correlation patterns and propose a framework according to data packet timing and behavior qualities and then design a new universal algorithm to implement the method. Finally, experiment, which sets up a lightweight intrusion detection system using KDD1999 dataset, shows that the correlation detection model and algorithm can improve the performance and guarantee high detection rates.

scholarly journals Intrusion Detection Based on Big Data Fuzzy Analytics

2021 ◽  
Author(s):  
Farah Jemili ◽  
Hajer Bouras
Keyword(s):  
Big Data ◽  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
High Performance ◽  
Detection System ◽  
Training Dataset ◽  
False Alarms ◽  
Massive Datasets ◽  
Detection Rates

In today’s world, Intrusion Detection System (IDS) is one of the significant tools used to the improvement of network security, by detecting attacks or abnormal data accesses. Most of existing IDS have many disadvantages such as high false alarm rates and low detection rates. For the IDS, dealing with distributed and massive data constitutes a challenge. Besides, dealing with imprecise data is another challenge. This paper proposes an Intrusion Detection System based on big data fuzzy analytics; Fuzzy C-Means (FCM) method is used to cluster and classify the pre-processed training dataset. The CTU-13 and the UNSW-NB15 are used as distributed and massive datasets to prove the feasibility of the method. The proposed system shows high performance in terms of accuracy, precision, detection rates, and false alarms.

scholarly journals An Autoencoder-Based Network Intrusion Detection System for the SCADA System

2021 ◽  
pp. 210-216
Author(s):  
Mustafa Altaha ◽  
◽  
Jae-Myeong Lee ◽  
Muhammad Aslam ◽  
Sugwon Hong
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Communication Protocol ◽  
Detection System ◽  
Main Tool ◽  
Detection Model ◽  
Scada System ◽  
Network Intrusion ◽  
Power Substation

The intrusion detection system (IDS) is the main tool to do security monitoring that is one of the security strategies for the supervisory control and data acquisition (SCADA) system. In this paper, we develop an IDS based on the autoencoder deep learning model (AE-IDS) for the SCADA system. The target SCADA communication protocol of the detection model is the Distributed Network Protocol 3 (DNP3), which is currently the most commonly utilized communication protocol in the power substation. Cyberattacks that we consider are data injection or modification attacks, which are the most critical attacks in the SCADA systems. In this paper, we extracted 17 data features from DNP3 communication, and use them to train the autoencoder network. We measure accuracy and loss of detection and compare them with different supervised deep learning algorithms. The unsupervised AE-IDS model shows better performance than the other deep learning IDS models.

scholarly journals A Detailed Analysis of Benchmark Datasets for Network Intrusion Detection System

2021 ◽  
pp. 14-33
Author(s):  
Mossa Ghurab ◽  
Ghaleb Gaphari ◽  
Faisal Alshami ◽  
Reem Alshamy ◽  
Suad Othman
Keyword(s):  
Intrusion Detection ◽  
Detailed Analysis ◽  
Intrusion Detection System ◽  
Network Flow ◽  
Detection System ◽  
Attack Detection ◽  
Network Intrusion Detection ◽  
Detection Techniques ◽  
Network Intrusion ◽  
Network Intrusion Detection System

The enormous increase in the use of the Internet in daily life has provided an opportunity for the intruder attempt to compromise the security principles of availability, confidentiality, and integrity. As a result, organizations are working to increase the level of security by using attack detection techniques such as Network Intrusion Detection System (NIDS), which monitors and analyzes network flow and attacks detection. There are a lot of researches proposed to develop the NIDS and depend on the dataset for the evaluation. Datasets allow evaluating the ability in detecting intrusion behavior. This paper introduces a detailed analysis of benchmark and recent datasets for NIDS. Specifically, we describe eight well-known datasets that include: KDD99, NSL-KDD, KYOTO 2006+, ISCX2012, UNSW-NB 15, CIDDS-001, CICIDS2017, and CSE-CIC-IDS2018. For each dataset, we provide a detailed analysis of its instances, features, classes, and the nature of the features. The main objective of this paper is to offer overviews of the datasets are available for the NIDS and what each dataset is comprised of. Furthermore, some recommendations were made to use network-based datasets.

scholarly journals High Performance Network Intrusion Detection System

2019 ◽  
Vol 9 (2) ◽  
pp. 3749-3753
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
High Performance ◽  
Detection System ◽  
Network Intrusion Detection ◽  
Single Issue ◽  
Multiple Resources ◽  
Malicious Activity ◽  
Network Intrusion ◽  
Aes Encryption Algorithm

In this paper, we present intrusion detection system for finding the variant types of attacks in the network. It is the way to enhance the functionality in the network by reducing the chances of risks. ICMP protocol and AES encryption algorithm are used to report the error messages and manage the information being sent from source to destination. If there is any malicious activity occurred in the network, the user will be alerted of it by specifying them the type of malicious activity. As a result it reduces the chances of intrusions and contacting multiple resources for resolving single issue.

scholarly journals Intrusion Detection Systems

2019 ◽  
Vol 8 (2S11) ◽  
pp. 3976-3983
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Detection Rates ◽  
Detailed Review ◽  
Detection Techniques ◽  
Detection Systems ◽  
Research Gap ◽  
Detection Schemes

Intrusion Detection System is competent to detect the intrusions and alerting the administrator of system about the signs of possible intrusions. This paper presents a detailed review of the intrusion detection techniques used in WSNs. More specifically, the existing methods for blackhole and sinkhole attacks detection are reviewed. However, it is noted that most intrusion detection schemes proposed in the literature are either inefficient or have low detection rates/high false positive rates. This survey also highlights the research gap in this domain and provides better scope for the advanced work.

Intrusion Detection Systems: A Review

2019 ◽  
Vol 118 (6) ◽  
pp. 60-79
Author(s):  
Ashwini V. Jatti ◽  
V. J. K. Kishor Sonti
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Detection Rates ◽  
Detailed Review ◽  
Detection Techniques ◽  
Detection Systems ◽  
Research Gap ◽  
Detection Schemes

Intrusion Detection System is competent to detect the intrusions and alerting the administrator of system about the signs of possible intrusions. This paper presents a detailed review of the intrusion detection techniques used in WSNs. More specifically, the existing methods for blackhole and sinkhole attacks detection are reviewed. However, it is noted that most intrusion detection schemes proposed in the literature are either inefficient or have low detection rates/high false positive rates. This survey also highlights the research gap in this domain and provides better scope for the advanced work.

scholarly journals AE-CGAN Model based High Performance Network Intrusion Detection System

2019 ◽  
Vol 9 (20) ◽  
pp. 4221 ◽  
Author(s):  
JooHwa Lee ◽  
KeeHyun Park
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
High Performance ◽  
Detection System ◽  
Classification Algorithm ◽  
Network Intrusion Detection ◽  
Data Imbalance ◽  
Network Intrusion ◽  
Network Intrusion Detection System

In this paper, a high-performance network intrusion detection system based on deep learning is proposed for situations in which there are significant imbalances between normal and abnormal traffic. Based on the unsupervised learning models autoencoder (AE) and the generative adversarial networks (GAN) model during deep learning, the study aim is to solve the imbalance of data and intrusion detection of high performance. The AE-CGAN (autoencoder-conditional GAN) model is proposed to improve the performance of intrusion detection. This model oversamples rare classes based on the GAN model in order to solve the performance degradation caused by data imbalance after processing the characteristics of the data to a lower level using the autoencoder model. To measure the performance of the AE-CGAN model, data is classified using random forest (RF), a typical machine learning classification algorithm. In this experiment, we used the canadian institute for cybersecurity intrusion detection system (CICIDS)2017 dataset, the latest public dataset of network intrusion detection system (NIDS), and compared the three models to confirm efficacy of the proposed model. We compared the performance of three types of models. These included single-RF, a classification model using only a classification algorithm, AE-RF which is processed by classifying data features, and the AE-CGAN model which is classified after solving the data feature processing and data imbalance. Experimental results showed that the performance of the AE-CGAN model proposed in this paper was the highest. In particular, when the data were unbalanced, the performances of recall and F1 score, which are more accurate performance indicators, were 93.29% and 95.38%, respectively. The AE-CGAN model showed much better performance.

Sign in / Sign up

Export Citation Format

Share Document