A classification model based on svm and fuzzy rough set for network intrusion detection

2020 ◽  
Vol 39 (5) ◽  
pp. 6801-6817
Author(s):  
Shen Kejia ◽  
Hamid Parvin ◽  
Sultan Noman Qasem ◽  
Bui Anh Tuan ◽  
Kim-Hung Pho

Intrusion Detection Systems (IDS) are designed to provide security for computer networks. Different classification models such as Support Vector Machine (SVM) have been successfully applied to network data. Meanwhile, the extension or improvement of the current models using prototype selection simultaneously with their training phase is crucial due to the serious inefficiencies during training (i.e. learning overhead). This paper introduces an improved model for prototype selection. Applying the proposed prototype selection along with the SVM classification model increases the attack discovery rate. In this article, we use fuzzy rough sets theory (FRST) for prototype selection to enhance SVM in intrusion detection. Testing and evaluation of the proposed IDS have been mainly performed on the NSL-KDD dataset, a refined version of KDD-CUP99. Experiments indicate that the proposed IDS outperforms the basic and simple IDSs and modern IDSs in terms of precision, recall, and accuracy rate.

2014 ◽  
Vol 602-605 ◽  
pp. 1634-1637
Author(s):  
Fang Nian Wang ◽  
Shen Shen Wang ◽  
Wan Fang Che ◽  
Yun Bai

An intrusion detection method based on RS-LSSVM is studied in this paper. Firstly, an attribute reduction algorithm based on the generalized decision table is proposed to remove the interference features and reduce the dimension of the input feature space. Then the classification method based on least square support vector machine (LSSVM) is analyzed. The sample data after dimension reduction is used for LSSVM training, and the LSSVM classification model is obtained, which forms the ability of detecting unknown intrusion. Simulation results show that the proposed method can effectively remove the unnecessary features and improve the performance of network intrusion detection.


2013 ◽  
Vol 347-350 ◽  
pp. 3696-3701
Author(s):  
Jian Hao Song ◽  
Gang Zhao ◽  
Jun Yi Song

By investigating the insufficiency of typical artificial intelligence algorithms with respect to the high rate of False-Positives and False-Negatives in Intrusion Detection Systems (IDS), this paper presents an approach in which a Support Vector Machine (SVM) is embedded in a Network Intrusion Detection System (NIDS). At the same time, by using online data and the K-fold cross-validation method, this paper proposes a method to optimize the attributes and model of the SVM respectively. Experimental results show that by using this method as the detection core of the intrusion detection system, the rate of False-Negatives in IDS can be reduced significantly.


2021 ◽  
Vol 2089 (1) ◽  
pp. 012006
Author(s):  
B Padmaja ◽  
K Sai Sravan ◽  
E Krishna Rao Patro ◽  
G Chandra Sekhar

Cyber security is the major concern in today’s world. Over the past couple of decades, the internet has grown to such an extent that almost every individual living on this planet has access to the internet today. This can be viewed as one of the major achievements of the human race, but on the flip side of the coin, this gave rise to a lot of security issues for every individual or company that is accessing the web through the internet. Hackers have become active and are always monitoring the networks to grab every possible opportunity to attack a system and make the best fortune out of its vulnerabilities. To safeguard people’s and organizations’ privacy in this cyberspace, different network intrusion detection systems have been developed to detect the hacker’s presence in the networks. These systems fall under signature-based and anomaly-based intrusion detection systems. This paper deals with using an anomaly-based intrusion detection technique to develop an automation system to both train and test supervised machine learning models, which is developed to classify real-time network traffic as to whether it is malicious or not. Currently the best models, considering both detection success rate and false positive rate, are Artificial Neural Networks (ANN) followed by Support Vector Machines (SVM). In this paper, it is verified that Artificial Neural Network (ANN) based machine learning with wrapper feature selection outperforms the support vector machine (SVM) technique while classifying network traffic as harmful or harmless. Initially, to evaluate the performance of the system, the NSL-KDD dataset is used to train and test the SVM and ANN models, which are finally used to classify real-time network traffic. This system can be used to carry out model building automatically on new datasets and also for classifying the behaviour of the provided dataset without having to code.


Author(s):  
Mehdi Moukhafi ◽  
Khalid El Yassini ◽  
Bri Seddik

Computer network technologies are evolving fast and internet technology is developing ever more quickly, so people are more aware of the importance of network security. Network security is a main issue of computing because the number of attacks is continuously increasing. For these reasons, intrusion detection systems (IDSs) have emerged as a group of methods that combat the unauthorized use of a network’s resources. Recent advances in information technology, especially in data mining, have produced a wide variety of machine learning methods, which can be integrated into an IDS. This study proposes a new method of intrusion detection that uses a support vector machine optimized by a genetic algorithm. To improve the efficiency of detecting known and unknown attacks, we used a Particle Swarm Optimization algorithm to select the most influential features for learning the classification model.


2021 ◽  
Vol 5 (5) ◽  
pp. 201-208
Author(s):  
Adnan Helmi Azizan ◽  
Salama A. Mostafa ◽  
Aida Mustapha ◽  
Cik Feresa Mohd Foozy ◽  
Mohd Helmy Abd Wahab ◽  
...  

Intrusion detection systems (IDS) are used to analyze huge volumes of data and diagnose anomalous traffic such as DDoS attacks; thus, an efficient traffic classification method is necessary for the IDS. IDS models attempt to decrease false alarm rates and increase true alarm rates in order to improve the performance accuracy of the system. To resolve this concern, three machine learning algorithms have been tested and evaluated in this research: decision jungle (DJ), random forest (RF) and support vector machine (SVM). The main objective is to propose an ML-based network intrusion detection system (ML-based NIDS) model that compares the performance of the three algorithms based on their accuracy and precision on anomalous traffic. The knowledge discovery in databases (KDD) methodology and the intrusion detection evaluation dataset (CIC-IDS2017) are used in the testing, both of which are considered benchmarks in the evaluation of IDS. The average accuracy of the SVM is 98.18%, RF is 96.76% and DJ is 96.50%, so the highest accuracy is achieved by the SVM. The average precision of the SVM is 98.74, RF is 97.96 and DJ is 97.82, so the SVM has a higher average precision than the other two algorithms. The average recall of the SVM is 95.63, RF is 97.62 and DJ is 95.77, so the RF achieves a higher average recall than SVM and DJ. Overall, the SVM algorithm is found to be the best algorithm that can be used to detect an intrusion in the system.


2021 ◽  
Vol 1 (2) ◽  
pp. 252-273
Author(s):  
Pavlos Papadopoulos ◽  
Oliver Thornewill von Essen ◽  
Nikolaos Pitropakis ◽  
Christos Chrysoulas ◽  
Alexios Mylonas ◽  
...  

As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have proven their success in identifying unknown attacks with high precision. Nevertheless, machine learning models are also vulnerable to attacks. Adversarial examples can be used to evaluate the robustness of a designed model before it is deployed. Further, using adversarial examples is critical to creating a robust model designed for an adversarial environment. Our work evaluates both traditional machine learning and deep learning models’ robustness using the Bot-IoT dataset. Our methodology included two main approaches. First, label poisoning, used to cause incorrect classification by the model. Second, the fast gradient sign method, used to evade detection measures. The experiments demonstrated that an attacker could manipulate or circumvent detection with significant probability.

