Support Based Graph Framework for Effective Intrusion Detection and Classification

Author(s):  
Rahul B Adhao ◽  
Vinod K Pachghare

Intrusion Detection Systems have been a worthwhile area for researchers for a long time. A number of researchers have worked on increasing the efficiency of Intrusion Detection Systems. But still, many challenges are present in modern Intrusion Detection Systems. One of the major challenges is controlling the false positive rate. In this paper, we have presented an efficient soft computing framework for the classification of intrusion detection datasets to diminish the false positive rate. The proposed processing steps are as follows: the input data is at first pre-processed by the normalization process. Afterward, optimal features are chosen for the dimensionality decrease utilizing krill herd optimization. Here, the effective feature assortment is utilized to enhance classification accuracy. Support value is then estimated from ideally chosen features and lastly, a support value-based graph is created for the powerful classification of data into intrusion or normal. The exploratory outcomes demonstrate that the presented technique outperforms the existing techniques regarding different performance examinations like execution time, accuracy, and false-positive rate, and that the intrusion detection model increases the detection rate and decreases the false rate.

The real test with the present Web Intrusion Detection Systems is that an enormous number of alarms are produced by the customary instruments and strategies, where the greater part of them are false positive and less huge. It is hard for the web organize executive or approved client to audit each alarm that is produced by customary IDS apparatus on a bustling constant LAN or WAN condition. Thus, numerous MIM assaults might be undetected, which can cause serious harm to the system frameworks. Fundamentally, customary location models create countless interruption designs which produce a high false positive rate. Because of countless interruption designs, a great deal of time is required for discovery of interruptions on the correspondence arrange, which antagonistically influences the productivity of the Intrusion Detection Systems. In this paper we proposed a half breed approach for distinguishing different DDoS (Distributed Denial of Service) assaults in WAN. We directed an inexhaustible study on these works, from which we finished up how we move further on our work.


Author(s):  
Ciza Thomas ◽  
N. Balakrishnan

Intrusion Detection Systems form an important component of network defense. Because of the heterogeneity of the attacks, it has not been possible to make a single Intrusion Detection System that is capable of detecting all types of attacks with acceptable levels of accuracy. In this chapter, the distinct advantage of sensor fusion over individual IDSs is proved. The detection rate and the false positive rate quantify the performance benefit obtained through the fixing of threshold bounds. Also, the more independent and distinct the attack space is for the individual IDSs, the better the fusion of Intrusion Detection Systems performs. A simple theoretical model is initially illustrated and later supplemented with experimental evaluation. The chapter demonstrates that the proposed fusion technique is more flexible and also outperforms other existing fusion techniques such as OR, AND, SVM, and ANN, using the real-world network traffic embedded with attacks.


2014 ◽  
Vol 644-650 ◽  
pp. 3338-3341 ◽  
Author(s):  
Guang Feng Guo

During the 30-year development of the Intrusion Detection System, problems such as the high false-positive rate have always plagued the users. Therefore, the ontology and context verification based intrusion detection model (OCVIDM) was put forward to connect the description of attack signatures and context effectively. The OCVIDM established the knowledge base of the intrusion detection ontology that was regarded as the center of an efficient filtering platform for false alerts to realize the automatic validation of the alarm and self-acting judgment of the real attacks, so as to achieve the goal of filtering the non-relevant positive alerts and reducing false positives.


Author(s):  
Devaraju Sellappan ◽  
Ramakrishnan Srinivasan

Intrusion detection systems must detect the vulnerability consistently in a network and also perform efficiently with the huge amount of traffic. Intrusion detection systems must be capable of detecting emerging and proactive threats in the networks. Various classifiers are used to classify the threats as normal or intrusive by supervising the system activity. In this chapter, a layered fuzzy rule-based classifier is proposed to detect the various intrusions, and fuzzy entropy-based feature selection is proposed to identify the relevant features. The layered fuzzy rule-based classifier is proposed to improve the performance of the intrusion detection system. The KDD dataset contains various attacks; these attacks are grouped into four classes, namely Denial-of-Service (DoS), Probe, Remote-to-Local (R2L), and User-to-Root (U2R). A real-time dataset is also considered in this research. The experimental result shows that the proposed method provides a good detection rate, minimizes the false positive rate, and requires less computational time.


Security is the critical part in the computers and the networks which connect the computers to each other for communication or exchange of data. It is complex to secure the data while transmitting it between the systems/networks. Intrusion detection is a mechanism to protect the data. There are various existing mechanisms for intrusion detection, namely neural networks, data mining techniques, fuzzy logic, statistical techniques, etc. In this paper, Principal Component Analysis is applied to reduce the features and the Gini index C5 algorithm is used to investigate and evaluate the efficiency and false positive rate. The benchmark KDD dataset is used to evaluate the efficiency and minimize the false positive rate using the Gini index C5 algorithm, and the comparison with other algorithms shows significant improvement. The experiments on the KDD dataset to improve the efficiency and minimize the false positive rate were carried out using MATLAB software.


2018 ◽  
Vol 3 (2) ◽  
pp. 93
Author(s):  
Gervais Hatungimana

An anomaly-based Intrusion Detection System (IDS) uses a known baseline to detect patterns which have deviated from normal behavior. If the baseline is faulty, the IDS performance degrades. Most research in IDS which uses k-centroids-based clustering methods like K-means, K-medoids, Fuzzy, Hierarchical and agglomerative algorithms to baseline network traffic suffers from a high false positive rate compared to signature-based IDS, simply because the nature of these algorithms risks forcing some network traffic into wrong profiles depending on the K number of clusters needed. In this paper we propose an alternate method which, instead of defining a K number of clusters, defines a distance threshold t. The unrecognizable IDS, an IDS which is neither HIDS nor NIDS, is the consequence of using statistical methods for features selection. The speed, memory and accuracy of an IDS are affected by an inappropriate features reduction method or ignorance of irrelevant features. In this paper we use two-step features selection and Quality Threshold with Optimization methods to design anomaly-based HIDS and NIDS separately. The performance of our system is 0%, 99.9974%, 1, 1 false positive rates, accuracy, precision and recall respectively for NIDS and 0%, 99.61%, 0.991, 0.978 false positive rates, accuracy, precision and recall respectively for HIDS.

