scholarly journals Data Reduction for Optimizing Feature Selection in Modeling Intrusion Detection System

2020 ◽  
Vol 13 (6) ◽  
pp. 199-207
Author(s):  
Alif Iman ◽  
◽  
Tohari Ahmad ◽  
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Outlier Detection ◽  
Data Reduction ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Positive Impact ◽  
Detection System ◽  
Detection Techniques

With the development and ease of access to internet networks, the potential for attacks and intrusions have increased. The intrusion detection system (IDS), an approach to overcome this problem, is grouped into two models: signature-based and anomaly-based. An anomaly-based IDS can be implemented by machine learning; one of the schemes in machine learning is data reduction. IDS datasets are usually obtained through a real-time process that has undefined proportional data. The purpose of data reduction is to speed up and optimize the process, improving accuracy, precision, and specifications. There are several methods to perform data reduction, one of which uses outlier detection techniques. Proper outlier detection has a positive impact on improving the classification results of machine learning. In this research, the outlier detection is done by a circle generated from the k -means clustering of all selected features. Two scenarios are designed for the evaluation: a circle generated from two points of the minimum and maximum cluster and median of all clusters. The formation of clusters conducted by k -means clustering determines the size and direction of the outlier circle so that it dynamically adjusts the distribution of data from the feature selection results. By employing the previous feature selection algorithms, the comparison is performed to evaluate the proposed method's performance. Our empirical results show that the second scenario can significantly improve the classification results in terms of accuracy, detection rate, and precision. The first and second experiments can increase the accuracy by 0.02%, and the third experiment is by 0.1%. The detection rate in the first, second, and third experiments increases by 0.01%, 0.02%, and 0.07. At the same time, precision increases by 0.04%, 0.02%, and 0.01%, correspondingly.

An intelligent flow-based and signature-based IDS for SDNs using ensemble feature selection and a multi-layer machine learning-based classifier

2020 ◽  
pp. 1-20
Author(s):  
K. Muthamil Sudar ◽  
P. Deepalakshmi
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Network Architecture ◽  
Detection System ◽  
Software Defined Networking ◽  
Control Plane ◽  
Control Logic ◽  
Data Plane

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between Open Flow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the Software-defined networking environment by working simultaneously in both control plane and data plane.

scholarly journals A feature selection algorithm combining information gain and multi-objective genetic search for intrusion detection system

2021 ◽  
Vol 336 ◽  
pp. 08008
Author(s):  
Tao Xie
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Information Gain ◽  
Detection System ◽  
Selection Algorithm ◽  
Feature Selection Algorithm ◽  
Genetic Search ◽  
Multi Objective

In order to improve the detection rate and speed of intrusion detection system, this paper proposes a feature selection algorithm. The algorithm uses information gain to rank the features in descending order, and then uses a multi-objective genetic algorithm to gradually search the ranking features to find the optimal feature combination. We classified the Kddcup98 dataset into five classes, DOS, PROBE, R2L, and U2R, and conducted numerous experiments on each class. Experimental results show that for each class of attack, the proposed algorithm can not only speed up the feature selection, but also significantly improve the detection rate of the algorithm.

scholarly journals Security Enrichment in Intrusion Detection System Using Classifier Ensemble

2017 ◽  
Vol 2017 ◽  
pp. 1-6 ◽  
Author(s):  
Uma R. Salunkhe ◽  
Suresh N. Mali
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Detection System ◽  
Hybrid Approach ◽  
Classifier Ensemble ◽  
Intrusion Detection Systems ◽  
Detection Rates ◽  
Detection Systems

In the era of Internet and with increasing number of people as its end users, a large number of attack categories are introduced daily. Hence, effective detection of various attacks with the help of Intrusion Detection Systems is an emerging trend in research these days. Existing studies show effectiveness of machine learning approaches in handling Intrusion Detection Systems. In this work, we aim to enhance detection rate of Intrusion Detection System by using machine learning technique. We propose a novel classifier ensemble based IDS that is constructed using hybrid approach which combines data level and feature level approach. Classifier ensembles combine the opinions of different experts and improve the intrusion detection rate. Experimental results show the improved detection rates of our system compared to reference technique.

scholarly journals Effects of Machine Learning Approach in Flow-Based Anomaly Detection on Software-Defined Networking

Symmetry ◽  
2019 ◽  
Vol 12 (1) ◽  
pp. 7 ◽  
Author(s):  
Samrat Kumar Dey ◽  
Md. Mahbubur Rahman
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Anomaly Detection ◽  
Intrusion Detection System ◽  
Learning Algorithm ◽  
Detection System ◽  
Single Point ◽  
Software Defined Networking ◽  
Recursive Feature Elimination

Recent advancements in software-defined networking (SDN) make it possible to overcome the management challenges of traditional networks by logically centralizing the control plane and decoupling it from the forwarding plane. Through a symmetric and centralized controller, SDN can prevent security breaches, but it can also bring in new threats and vulnerabilities. The central controller can be a single point of failure. Hence, flow-based anomaly detection system in OpenFlow Controller can secure SDN to a great extent. In this research, we investigated two different approaches of flow-based intrusion detection system in OpenFlow Controller. The first of which is based on machine-learning algorithm where NSL-KDD dataset with feature selection ensures the accuracy of 82% with random forest classifier using the gain ratio feature selection evaluator. In the later phase, the second approach is combined with a deep neural network (DNN)-based intrusion detection system based on gated recurrent unit-long short-term memory (GRU-LSTM) where we used a suitable ANOVA F-Test and recursive feature elimination selection method to boost classifier output and achieve an accuracy of 88%. Substantial experiments with comparative analysis clearly show that, deep learning would be a better choice for intrusion detection in OpenFlow Controller.

scholarly journals A Hybrid Genetic-Neuro Algorithm for Cloud Intrusion Detection System

2020 ◽  
Vol 1 (2) ◽  
pp. 15-25
Author(s):  
Suresh Adithya Nallamuthu ◽  
Keyword(s):  
Machine Learning ◽  
Genetic Algorithm ◽  
Performance Analysis ◽  
Intrusion Detection ◽  
Cyber Security ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Detection System ◽  
Attack Detection ◽  
Network Systems

The security for cloud network systems is essential and significant to secure the data source from intruders and attacks. Implementing an intrusion detection system (IDS) for securing from those intruders and attacks is the best option. Many IDS models are presently based on different techniques and algorithms like machine learning and deep learning. In this research, IDS for the cloud computing environment is proposed. Here in this model, the genetic algorithm (GA) and back propagation neural network (BPNN) is used for attack detection and classification. The Canadian Institute for Cyber-security CIC-IDS 2017 dataset is used for the evaluation of performance analysis. Initially, from the dataset, the data are preprocessed, and by using the genetic algorithm, the attack was detected. The detected attacks are classified using the BPNN classifier for identifying the types of attacks. The performance analysis was executed, and the results are obtained and compared with the existing machine learning-based classifiers like FC-ANN, NB-RF, KDBN, and FCM-SVM techniques. The proposed GA-BPNN model outperforms all these classifying techniques in every performance metric, like accuracy, precision, recall, and detection rate. Overall, from the performance analysis, the best classification accuracy is achieved for Web attack detection with 97.90%, and the best detection rate is achieved for Brute force attack detection with 97.89%.

Sign in / Sign up

Export Citation Format

Share Document