Intrusion Detection System for NSL-KDD Dataset Based on Deep Learning and Recursive Feature Elimination

Intrusion detection system is responsible for monitoring the systems and detect attacks, whether on (host or on a network) and identifying attacks that could come to the system and cause damage to them, that’s mean an IDS prevents unauthorized access to systems by giving an alert to the administrator before causing any serious harm. As a reasonable supplement of the firewall, intrusion detection technology can assist systems to deal with offensive, the Intrusions Detection Systems (IDSs) suffers from high false positive which leads to highly bad accuracy rate. So this work is suggested to implement (IDS) by using a Recursive Feature Elimination to select features and use Deep Neural Network (DNN) and Recurrent Neural Network (RNN) for classification, the suggested model gives good results with high accuracy rate reaching 94%, DNN was used in the binary classification to classify either attack or Normal, while RNN was used in the classifications for the five classes (Normal, Dos, Probe, R2L, U2R). The system was implemented by using (NSL-KDD) dataset, which was very efficient for offline analyses systems for IDS.

Download Full-text

Network Attacks Detection by Hierarchical Neural Network

Computer Engineering and Applications Journal ◽

10.18495/comengapp.v4i2.108 ◽

2015 ◽

Vol 4 (2) ◽

pp. 119-132

Author(s):

Mohammad Masoud Javidi

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Single Agent ◽

Attack Detection ◽

Intrusion Detection Systems ◽

Training Dataset ◽

Detection Systems ◽

Combination Of Classifiers

Intrusion detection is an emerging area of research in the computer security and net-works with the growing usage of internet in everyday life. Most intrusion detection systems (IDSs) mostly use a single classifier algorithm to classify the network traffic data as normal behavior or anomalous. However, these single classifier systems fail to provide the best possible attack detection rate with low false alarm rate. In this paper,we propose to use a hybrid intelligent approach using a combination of classifiers in order to make the decision intelligently, so that the overall performance of the resul-tant model is enhanced. The general procedure in this is to follow the supervised or un-supervised data filtering with classifier or cluster first on the whole training dataset and then the output are applied to another classifier to classify the data. In this re- search, we applied Neural Network with Supervised and Unsupervised Learning in order to implement the intrusion detection system. Moreover, in this project, we used the method of Parallelization with real time application of the system processors to detect the systems intrusions.Using this method enhanced the speed of the intrusion detection. In order to train and test the neural network, NSLKDD database was used. Creating some different intrusion detection systems, each of which considered as a single agent, we precisely proceeded with the signature-based intrusion detection of the network.In the proposed design, the attacks have been classified into 4 groups and each group is detected by an Agent equipped with intrusion detection system (IDS).These agents act independently and report the intrusion or non-intrusion in the system; the results achieved by the agents will be studied in the Final Analyst and at last the analyst reports that whether there has been an intrusion in the system or not.Keywords: Intrusion Detection, Multi-layer Perceptron, False Positives, Signature- based intrusion detection, Decision tree, Nave Bayes Classifier

Download Full-text

Intrusion Detection System Using Grey Theory Combined with Neural Network

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.427-429.864 ◽

2013 ◽

Vol 427-429 ◽

pp. 864-867

Author(s):

Liang Sun

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Feedforward Neural Network ◽

Rapid Expansion ◽

Grey Model ◽

Grey Theory ◽

Modern Computer ◽

Detection Technology

In past few years, with the rapid expansion of computer networks, security has become an important issue for modern computer systems. Intrusion detection technology is an effective way to detect illegitimate use to ensure network security. In this paper, we proposes an intrusion detection system based on a feedforward neural network-aided grey model (FNNAGPM), by integrating a first-order single variable grey model (GM(1,1)) and a feedforward neural network. There are three phases in the system process, including initialization phase, GM(1,1) prediction phase and FNNAGPM prediction phase.

Download Full-text

Analysis of Intrusion Detection System

Key Engineering Materials ◽

10.4028/www.scientific.net/kem.460-461.451 ◽

2011 ◽

Vol 460-461 ◽

pp. 451-454

Author(s):

Yue Sheng Gu ◽

Hong Yu Feng ◽

Jian Ping Wang

Keyword(s):

Information Security ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Intrusion Detection Systems ◽

Future Research ◽

Detection Model ◽

Detection Systems ◽

Detection Technology ◽

Technology Concepts

Intrusion detection system is an important device of information security. This article describes intrusion detection technology concepts, classifications and universal intrusion detection model, and analysis of the intrusion detection systems weaknesses and limitations. Finally, some directions for future research are addressed.

Download Full-text

ANNIDS: Artificial Neural Network based Intrusion Detection System for Internet of Things

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.k1875.0981119 ◽

2019 ◽

Vol 8 (11) ◽

pp. 2583-2588 ◽

Cited By ~ 1

Keyword(s):

Neural Network ◽

Artificial Neural Network ◽

Internet Of Things ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Machine Learning Techniques ◽

Detection Systems ◽

Artificial Neural ◽

Artificial Neural Network Ann

Internet of Things (IoT) makes everything in the real world to get connected. The resource constrained characteristics and the different types of technology and protocols tend to the IoT be more vulnerable than the conventional networks. Intrusion Detection System (IDS) is a tool which monitors analyzes and detects the abnormalities in the network activities. Machine Learning techniques are implemented with the Intrusion detection systems to enhance the performance of IDS. Various studies on IoT reveals that Artificial Neural Network (ANN) provides better accuracy and detection rate than other approaches. In this paper, an Artificial Neural Network based IDS (ANNIDS) technique based on Multilayer Perceptron (MLP) is proposed to detect the attacks initiated by the Destination Oriented Direct Acyclic Graph Information Solicitation (DIS) attack and Version attack in IoT environment. Contiki O.S/Cooja Simulator 3.0 is used for the IoT simulation.

Download Full-text

Intrusion Detection System using Genetic Algorithm and Data Mining: An Overview

International Journal of Computer Science and Informatics ◽

10.47893/ijcsi.2012.1076 ◽

2012 ◽

pp. 118-122

Author(s):

V.P. Kshirsagar ◽

Sonali M. Tidke ◽

S.S. Vishnu

Keyword(s):

Data Mining ◽

Genetic Algorithm ◽

Network Security ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Intrusion Detection Systems ◽

Maintenance Cost ◽

Detection Systems ◽

Detection Technology

Network security is of primary concerned now days for large organizations. Various types of Intrusion Detection Systems (IDS) are available in the market like Host based, Network based or Hybrid depending upon the detection technology used by them. Modern IDS have complex requirements. With data integrity, confidentiality and availability, they must be reliable, easy to manage and with low maintenance cost. Various modifications are being applied to IDS regularly to detect new attacks and handle them. In this paper, we are focusing on genetic algorithm (GA) and data mining based Intrusion Detection System.

Download Full-text

Flow-based anomaly intrusion detection system using two neural network stages

Computer Science and Information Systems ◽

10.2298/csis130415035a ◽

2014 ◽

Vol 11 (2) ◽

pp. 601-622 ◽

Cited By ~ 15

Author(s):

Yousef Abuadlla ◽

Goran Kvascev ◽

Slavko Gajin ◽

Zoran Jovanovic

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Network Traffic ◽

Intrusion Detection System ◽

High Speed ◽

Detection System ◽

Intrusion Detection Systems ◽

Computational Time ◽

False Alarms ◽

Detection Systems

Computer systems and networks suffer due to rapid increase of attacks, and in order to keep them safe from malicious activities or policy violations, there is need for effective security monitoring systems, such as Intrusion Detection Systems (IDS). Many researchers concentrate their efforts on this area using different approaches to build reliable intrusion detection systems. Flow-based intrusion detection systems are one of these approaches that rely on aggregated flow statistics of network traffic. Their main advantages are host independence and usability on high speed networks, since the metrics may be collected by network device hardware or standalone probes. In this paper, an intrusion detection system using two neural network stages based on flow-data is proposed for detecting and classifying attacks in network traffic. The first stage detects significant changes in the traffic that could be a potential attack, while the second stage defines if there is a known attack and in that case classifies the type of attack. The first stage is crucial for selecting time windows where attacks, known or unknown, are more probable. Two different neural network structures have been used, multilayer and radial basis function networks, with the objective to compare performance, memory consumption and the time required for network training. The experimental results demonstrate that the designed models are promising in terms of accuracy and computational time, with low probability of false alarms.

Download Full-text

HCRNNIDS: Hybrid Convolutional Recurrent Neural Network-Based Network Intrusion Detection System

Processes ◽

10.3390/pr9050834 ◽

2021 ◽

Vol 9 (5) ◽

pp. 834

Author(s):

Muhammad Ashfaq Khan

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Recurrent Neural Network ◽

Intrusion Detection System ◽

Detection System ◽

Attack Detection ◽

Network Intrusion Detection ◽

Complex Nature ◽

Network Intrusion ◽

Network Intrusion Detection System

Nowadays, network attacks are the most crucial problem of modern society. All networks, from small to large, are vulnerable to network threats. An intrusion detection (ID) system is critical for mitigating and identifying malicious threats in networks. Currently, deep learning (DL) and machine learning (ML) are being applied in different domains, especially information security, for developing effective ID systems. These ID systems are capable of detecting malicious threats automatically and on time. However, malicious threats are occurring and changing continuously, so the network requires a very advanced security solution. Thus, creating an effective and smart ID system is a massive research problem. Various ID datasets are publicly available for ID research. Due to the complex nature of malicious attacks with a constantly changing attack detection mechanism, publicly existing ID datasets must be modified systematically on a regular basis. So, in this paper, a convolutional recurrent neural network (CRNN) is used to create a DL-based hybrid ID framework that predicts and classifies malicious cyberattacks in the network. In the HCRNNIDS, the convolutional neural network (CNN) performs convolution to capture local features, and the recurrent neural network (RNN) captures temporal features to improve the ID system’s performance and prediction. To assess the efficacy of the hybrid convolutional recurrent neural network intrusion detection system (HCRNNIDS), experiments were done on publicly available ID data, specifically the modern and realistic CSE-CIC-DS2018 data. The simulation outcomes prove that the proposed HCRNNIDS substantially outperforms current ID methodologies, attaining a high malicious attack detection rate accuracy of up to 97.75% for CSE-CIC-IDS2018 data with 10-fold cross-validation.

Download Full-text