DNA Encoding for Misuse Intrusion Detection System based on UNSW-NB15 Data Set

Detection System ◽

Attack Detection ◽

High Rate ◽

Dna Encoding ◽

Data Set ◽

Detection Rates ◽

Detection Systems ◽

Threat Environment

Recent researches showed that DNA encoding and pattern matching can be used for the intrusion-detection system (IDS), with results of high rate of attack detection. The evaluation of these intrusion detection systems is based on datasets that are generated decades ago. However, numerous studies outlined that these datasets neither inclusively reflect the network traffic, nor the modern low footprint attacks, and do not cover the current network threat environment. In this paper, a new DNA encoding for misuse IDS based on UNSW-NB15 dataset is proposed. The proposed system is performed by building a DNA encoding for all values of 49 attributes. Then attack keys (based on attack signatures) are extracted and, finally, Raita algorithm is applied to classify records, either attacks or normal, based on the extracted keys. The results of the current experiment showed that the proposed system achieved good detection rates for all of attacks, which included the Analysis, Backdoor, DoS, Exploits, Fuzzers, Generic, Reconnaissance, Shellcode, and Worms, with values of 82.56%, 92.68%, 75.59%, 75.42%, 67%, 99.28%, 81.02%, 73.6%, 85%, and 90.91%, respectively. The values of false alarm rate and accuracy were equal to 24% and 89.05%, respectively. Also, the execution time for the proposed system was found to be short, where the values of the encoding time and matching time for one record were 0.45 and 0.002 second, respectively.

Security Enrichment in Intrusion Detection System Using Classifier Ensemble

Journal of Electrical and Computer Engineering ◽

10.1155/2017/1794849 ◽

2017 ◽

Vol 2017 ◽

pp. 1-6 ◽

Cited By ~ 5

Author(s):

Uma R. Salunkhe ◽

Suresh N. Mali

Keyword(s):

Machine Learning ◽

Intrusion Detection ◽

Detection Rate ◽

Detection System ◽

Hybrid Approach ◽

Classifier Ensemble ◽

Detection Rates ◽

Detection Systems

In the era of Internet and with increasing number of people as its end users, a large number of attack categories are introduced daily. Hence, effective detection of various attacks with the help of Intrusion Detection Systems is an emerging trend in research these days. Existing studies show effectiveness of machine learning approaches in handling Intrusion Detection Systems. In this work, we aim to enhance detection rate of Intrusion Detection System by using machine learning technique. We propose a novel classifier ensemble based IDS that is constructed using hybrid approach which combines data level and feature level approach. Classifier ensembles combine the opinions of different experts and improve the intrusion detection rate. Experimental results show the improved detection rates of our system compared to reference technique.

Building attack detection system base on machine learning

Global Journal of Engineering and Technology Advances ◽

10.30574/gjeta.2021.6.2.0010 ◽

2021 ◽

Vol 6 (2) ◽

pp. 018-032

Author(s):

Rasha Thamer Shawe ◽

Kawther Thabt Saleh ◽

Farah Neamah Abbas

Keyword(s):

Data Mining ◽

Support Vector Machine ◽

Network Security ◽

Intrusion Detection ◽

Detection System ◽

Attack Detection ◽

Support Vector ◽

Data Set ◽

Kdd Cup 99

These days, security threats detection, generally discussed to as intrusion, has befitted actual significant and serious problem in network, information and data security. Thus, an intrusion detection system (IDS) has befitted actual important element in computer or network security. Avoidance of such intrusions wholly bases on detection ability of Intrusion Detection System (IDS) which productions necessary job in network security such it identifies different kinds of attacks in network. Moreover, the data mining has been playing an important job in the different disciplines of technologies and sciences. For computer security, data mining are presented for serving intrusion detection System (IDS) to detect intruders accurately. One of the vital techniques of data mining is characteristic, so we suggest Intrusion Detection System utilizing data mining approach: SVM (Support Vector Machine). In suggest system, the classification will be through by employing SVM and realization concerning the suggested system efficiency will be accomplish by executing a number of experiments employing KDD Cup’99 dataset. SVM (Support Vector Machine) is one of the best distinguished classification techniques in the data mining region. KDD Cup’99 data set is utilized to execute several investigates in our suggested system. The experimental results illustration that we can decrease wide time is taken to construct SVM model by accomplishment suitable data set pre-processing. False Positive Rate (FPR) is decrease and Attack detection rate of SVM is increased .applied with classification algorithm gives the accuracy highest result. Implementation Environment Intrusion detection system is implemented using Mat lab 2015 programming language, and the examinations have been implemented in the environment of Windows-7 operating system mat lab R2015a, the processor: Core i7- Duo CPU 2670, 2.5 GHz, and (8GB) RAM.

Network Attacks Detection by Hierarchical Neural Network

Computer Engineering and Applications Journal ◽

10.18495/comengapp.v4i2.108 ◽

2015 ◽

Vol 4 (2) ◽

pp. 119-132

Author(s):

Mohammad Masoud Javidi

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Detection System ◽

Single Agent ◽

Attack Detection ◽

Training Dataset ◽

Detection Systems ◽

Combination Of Classifiers

Intrusion detection is an emerging area of research in the computer security and net-works with the growing usage of internet in everyday life. Most intrusion detection systems (IDSs) mostly use a single classifier algorithm to classify the network traffic data as normal behavior or anomalous. However, these single classifier systems fail to provide the best possible attack detection rate with low false alarm rate. In this paper,we propose to use a hybrid intelligent approach using a combination of classifiers in order to make the decision intelligently, so that the overall performance of the resul-tant model is enhanced. The general procedure in this is to follow the supervised or un-supervised data filtering with classifier or cluster first on the whole training dataset and then the output are applied to another classifier to classify the data. In this re- search, we applied Neural Network with Supervised and Unsupervised Learning in order to implement the intrusion detection system. Moreover, in this project, we used the method of Parallelization with real time application of the system processors to detect the systems intrusions.Using this method enhanced the speed of the intrusion detection. In order to train and test the neural network, NSLKDD database was used. Creating some different intrusion detection systems, each of which considered as a single agent, we precisely proceeded with the signature-based intrusion detection of the network.In the proposed design, the attacks have been classified into 4 groups and each group is detected by an Agent equipped with intrusion detection system (IDS).These agents act independently and report the intrusion or non-intrusion in the system; the results achieved by the agents will be studied in the Final Analyst and at last the analyst reports that whether there has been an intrusion in the system or not.Keywords: Intrusion Detection, Multi-layer Perceptron, False Positives, Signature- based intrusion detection, Decision tree, Nave Bayes Classifier

Research on Property and Model Optimization of Multiclass SVM for NIDS

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.347-350.3696 ◽

2013 ◽

Vol 347-350 ◽

pp. 3696-3701 ◽

Cited By ~ 1

Author(s):

Jian Hao Song ◽

Gang Zhao ◽

Jun Yi Song

Keyword(s):

Intrusion Detection ◽

Detection System ◽

High Rate ◽

Support Vector ◽

False Negatives ◽

Online Data ◽

Detection Systems ◽

Network Intrusion ◽

Multiclass Svm

By investigating insufficiency of typical artificial intelligence algorithms aiming at the high rate of False-Positives and False-Negatives in the Intrusion Detection Systems (IDS), this paper presents an approach that Support Vector Machine (SVM) is embedded in Network Intrusion Detection System (NIDS). At the same time, by using online data and K-fold cross-validation method, this paper proposes a method to optimize the attributes and model of SVM respectively. Experimental results show that by using this method as the detection core of the intrusion detection system, the rate of False-Negatives in IDS can be reduced significantly.

Intrusion Detection Systems

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.b1540.0982s1119 ◽

2019 ◽

Vol 8 (2S11) ◽

pp. 3976-3983

Keyword(s):

Intrusion Detection ◽

Detection System ◽

Detection Rates ◽

Detailed Review ◽

Detection Techniques ◽

Detection Systems ◽

Research Gap ◽

Detection Schemes

Intrusion Detection System is competent to detect the intrusions and alerting the administrator of system about the signs of possible intrusions. This paper presents a detailed review of the intrusion detection techniques used in WSNs. More specifically, the existing methods for blackhole and sinkhole attacks detection are reviewed. However, it is noted that most intrusion detection schemes proposed in the literature are either inefficient or have low detection rates/high false positive rates. This survey also highlights the research gap in this domain and provides better scope for the advanced work.

Intrusion Detection Systems: A Review

Restaurant Business ◽

10.26643/rb.v118i6.7239 ◽

2019 ◽

Vol 118 (6) ◽

pp. 60-79

Author(s):

Ashwini V. Jatti ◽

V. J. K. Kishor Sonti

Keyword(s):

Intrusion Detection ◽

Detection System ◽

Detection Rates ◽

Detailed Review ◽

Detection Techniques ◽

Detection Systems ◽

Research Gap ◽

Detection Schemes

Intrusion Detection Systems: A Review

Restaurant Business ◽

10.26643/rb.v118i7.7246 ◽

2019 ◽

Vol 118 (7) ◽

pp. 50-58

Author(s):

Ashwini V. Jatti ◽

V. J. K. Kishor Sonti

Keyword(s):

Intrusion Detection ◽

Detection System ◽

Detection Rates ◽

Detailed Review ◽

Detection Techniques ◽

Detection Systems ◽

Research Gap ◽

Detection Schemes

Structural Design of Intrusion Detection System

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.530-531.705 ◽

2014 ◽

Vol 530-531 ◽

pp. 705-708

Author(s):

Yao Meng

Keyword(s):

Intrusion Detection ◽

Structural Design ◽

Detection System ◽

Algorithm Design ◽

Detection Algorithm ◽

Attack Detection ◽

Detection Algorithms ◽

Defense Systems ◽

Ddos Attack Detection

This paper first engine starting defense from Intrusion Detection, Intrusion detection engine analyzes the hardware platform, the overall structure of the technology and the design of the overall structure of the plug, which on the whole structure from intrusion defense systems were designed; then described in detail improved DDOS attack detection algorithm design thesis, and the design of anomaly detection algorithms.

HCRNNIDS: Hybrid Convolutional Recurrent Neural Network-Based Network Intrusion Detection System

Processes ◽

10.3390/pr9050834 ◽

2021 ◽

Vol 9 (5) ◽

pp. 834

Author(s):

Muhammad Ashfaq Khan

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Recurrent Neural Network ◽

Network Intrusion Detection System

Detection System ◽

Attack Detection ◽

Network Intrusion Detection ◽

Complex Nature ◽

Network Intrusion ◽

Nowadays, network attacks are the most crucial problem of modern society. All networks, from small to large, are vulnerable to network threats. An intrusion detection (ID) system is critical for mitigating and identifying malicious threats in networks. Currently, deep learning (DL) and machine learning (ML) are being applied in different domains, especially information security, for developing effective ID systems. These ID systems are capable of detecting malicious threats automatically and on time. However, malicious threats are occurring and changing continuously, so the network requires a very advanced security solution. Thus, creating an effective and smart ID system is a massive research problem. Various ID datasets are publicly available for ID research. Due to the complex nature of malicious attacks with a constantly changing attack detection mechanism, publicly existing ID datasets must be modified systematically on a regular basis. So, in this paper, a convolutional recurrent neural network (CRNN) is used to create a DL-based hybrid ID framework that predicts and classifies malicious cyberattacks in the network. In the HCRNNIDS, the convolutional neural network (CNN) performs convolution to capture local features, and the recurrent neural network (RNN) captures temporal features to improve the ID system’s performance and prediction. To assess the efficacy of the hybrid convolutional recurrent neural network intrusion detection system (HCRNNIDS), experiments were done on publicly available ID data, specifically the modern and realistic CSE-CIC-DS2018 data. The simulation outcomes prove that the proposed HCRNNIDS substantially outperforms current ID methodologies, attaining a high malicious attack detection rate accuracy of up to 97.75% for CSE-CIC-IDS2018 data with 10-fold cross-validation.

An Intrusion Detection System for Smart Grid Neighborhood Area Network

10.32920/ryerson.14656977.v1 ◽

2021 ◽

Author(s):

Nasim Beigi Mohammadi

Keyword(s):

Intrusion Detection ◽

Smart Grid ◽

Detection System ◽

Area Network ◽

Wormhole Attack ◽

Detection Systems ◽

Wireless Mesh ◽

First Time ◽

Neighborhood Area Network

Smart grid is expected to improve the efficiency, reliability and economics of current energy systems. Using two-way flow of electricity and information, smart grid builds an automated, highly distributed energy delivery network. In this thesis, we present the requirements for intrusion detection systems in smart grid, neighborhood area network (NAN) in particular. We propose an intrusion detection system (IDS) that considers the constraints and requirements of the NAN. It captures the communication and computation overhead constraints as well as the lack of a central point to install the IDS. The IDS is distributed on some nodes which are powerful in terms of memory, computation and the degree of connectivity. Our IDS uses an analytical approach for detecting Wormhole attack. We simulate wireless mesh NANs in OPNET Modeler and for the first time, we integrate our analytical model in Maple from MapleSoft with our OPNET simulation model.