A Survey on the Network Intrusion Detection System Using Data Mining Techniques

Author(s):  
Saumya Saraswat ◽  
Rahul Yadav ◽  
Phalguni Pathak

The idea of making everything available easily and universally has led to a revolution in the field of networking. Despite the tremendous growth of technologies in the field of networks and information technology, we still cannot avoid the theft / attack of our resources. This may not apply to small organizations, but it is a serious problem regarding industry / business or national security. Organizations face an increasing number of threats every day in the form of viruses, intrusions, etc. Since organizations have opted for many different mechanisms in the form of intrusion detection and prevention systems to protect themselves from this type of attack, there are many breach security systems that go undetected. To understand safety hazards and intrusion detection and prevention (IDPS) systems, we will first analyze common security breaches and then discuss what the different opportunities and challenges are in this particular field. In this document, we conducted a survey on the overall progress of intrusion detection systems. We analyze the existing types, techniques and architectures of intrusion detection systems in the literature. Finally, the future scope is mentioned.

2020 ◽  
Vol 3 (7) ◽  
pp. 17-30
Author(s):  
Tamara Radivilova ◽  
Lyudmyla Kirichenko ◽  
Maksym Tawalbeh ◽  
Petro Zinchenko ◽  
Vitalii Bulakh

The problem of load balancing in intrusion detection systems is considered in this paper. The analysis of existing problems of load balancing and modern methods of their solution are carried out. Types of intrusion detection systems and their description are given. A description of the intrusion detection system, its location, and the functioning of its elements in the computer system are provided. Comparative analysis of load balancing methods based on packet inspection and service time calculation is performed. An analysis of the causes of load imbalance in the intrusion detection system elements and the effects of load imbalance is also presented. A model of a network intrusion detection system based on packet signature analysis is presented. This paper describes the multifractal properties of traffic. Based on the analysis of intrusion detection systems, multifractal traffic properties and load balancing problem, the method of balancing is proposed, which is based on the functioning of the intrusion detection system elements and analysis of multifractal properties of incoming traffic. The proposed method takes into account the time of deep packet inspection required to compare a packet with signatures, which is calculated based on the calculation of the information flow multifractality degree. Load balancing rules are generated by the estimated average time of deep packet inspection and traffic multifractal parameters. This paper presents the simulation results of the proposed load balancing method compared to the standard method. It is shown that the load balancing method proposed in this paper provides for a uniform load distribution at the intrusion detection system elements. This allows for high speed and accuracy of intrusion detection with high-quality multifractal load balancing.


2021 ◽  
Vol 13 (18) ◽  
pp. 10057
Author(s):  
Imran ◽  
Faisal Jamil ◽  
Dohyeun Kim

The connectivity of our surrounding objects to the internet plays a tremendous role in our daily lives. Many network applications have been developed in every domain of life, including business, healthcare, smart homes, and smart cities, to name a few. As these network applications provide a wide range of services for large user groups, the network intruders are prone to developing intrusion skills for attack and malicious compliance. Therefore, safeguarding network applications and things connected to the internet has always been a point of interest for researchers. Many studies propose solutions for intrusion detection systems and intrusion prevention systems. Network communities have produced benchmark datasets available for researchers to improve the accuracy of intrusion detection systems. The scientific community has presented data mining and machine learning-based mechanisms to detect intrusion with high classification accuracy. This paper presents an intrusion detection system based on the ensemble of prediction and learning mechanisms to improve anomaly detection accuracy in a network intrusion environment. The learning mechanism is based on automated machine learning, and the prediction model is based on the Kalman filter. Performance analysis of the proposed intrusion detection system is evaluated using publicly available intrusion datasets UNSW-NB15 and CICIDS2017. The proposed model-based intrusion detection accuracy for the UNSW-NB15 dataset is 98.801 percent, and the CICIDS2017 dataset is 97.02 percent. The performance comparison results show that the proposed ensemble model-based intrusion detection significantly improves the intrusion detection accuracy.


Author(s):  
Atheer R. Muhsen ◽  
Ghazwh G. Jumaa ◽  
Nadia F. AL Bakri ◽  
Ahmed T. Sadiq

The task of network security is to keep services available at all times by dealing with hacker attacks. One of the mechanisms obtainable is the Intrusion Detection System (IDS) which is used to sense and classify any abnormal actions. Therefore, the IDS system should always be up-to-date with the latest hacker attack signatures to keep services confidential, safe, and available. IDS speed is a very important issue in addition to learning new attacks. A modified selection strategy based on features was proposed in this paper one of the important swarm intelligent algorithms is the Meerkat Clan Algorithm (MCA). Meerkat Clan Algorithm has good diversity solutions through its neighboring generation conduct and it was used to solve several problems. The proposed strategy benefitted from mutual information to increase the performance and decrease the consumed time. Two datasets (NSL-KDD & UNSW-NB15) for Network Intrusion Detection Systems (NIDS) have been used to verify the performance of the proposed algorithm. The experimental findings indicate that, compared to other approaches, the proposed algorithm produces good results in a minimum of time.


2020 ◽  
Vol 17 (1) ◽  
pp. 434-438
Author(s):  
D. Karthikeyan ◽  
V. Mohanraj ◽  
Y. Suresh ◽  
J. Senthilkumar

Intrusion Detection Systems (IDS) is a software or device used to monitor a system or network for malicious activity. Thus, effective intrusion detection of different attacks. Existing methods of studies prove value of data mining methods in Intrusion Detection Systems (IDS). We focus on improving intrusion detection rate of IDS using Data Mining techniques. We implement a new classifier ensemble based intrusion detection systems (CEBIDS) using hybrid detection approaches. CEBIDS combines feature level and data level techniques in WEKA tool with KDD cup’99 dataset enhances detection rate in significant manner.


Author(s):  
Manuel Gonçalves da Silva Neto ◽  
Danielo G. Gomes

With the increasing popularization of computer network-based technologies, security has become a daily concern, and intrusion detection systems (IDS) play an essential role in the supervision of computer networks. An employed approach to combat network intrusions is the development of intrusion detection systems via machine learning techniques. The intrusion detection performance of these systems depends highly on the quality of the IDS dataset used in their design and the decision making for the most suitable machine learning algorithm becomes a difficult task. The proposed paper focuses on evaluate and accurate the model of intrusion detection system of different machine learning algorithms on two resampling techniques using the new CICIDS2017 dataset where Decision Trees, MLPs, and Random Forests on Stratified 10-Fold gives high stability in results with Precision, Recall, and F1-Scores of 98% and 99% with low execution times.


Author(s):  
Manohar Naik S ◽  
Geethanjali N

Security has become a critical issue in today’s highly distributed and networked systems. Network intrusion detection systems (NIDSs), especially signature-based NIDSs, are being widely deployed in a distributed network environment with the purpose of defending against a variety of network attacks. Most of the commercially available NIDSs are software based and rely on pattern matching to extract the threat from network traffic. The increase in network speed and traffic may make existing algorithms become a performance bottleneck. Therefore it is very necessary to develop faster and more efficient pattern matching algorithm in order to overcome the troubles on performance of NIDSs. Therefore, we propose a multi fusion pattern matching algorithm for Network Intrusion Detection Systems. The results obtained in percentages from the proposed fusion algorithm given better values in terms of processing time in milliseconds than the existing algorithms when data English text are applied to evaluate the fusion performances.


Author(s):  
Theodor Richardson

Network Intrusion Detection Systems (NIDS) are designed to differentiate malicious traffic, from normal traffic, on a network system to detect the presence of an attack. Traditionally, the approach around which these systems are designed is based upon an assumption made by Dorothy Denning in 1987, stating that malicious traffic should be statistically differentiable from normal traffic. However, this statement was made regarding host systems and was not meant to be extended without adjustment to network systems. It is therefore necessary to change the granularity of this approach to find statistical anomalies per host as well as on the network as a whole. This approach lends itself well to the use of emergent monitoring agents per host, that have a central aggregation point with a visualization of the network as a whole. This chapter will discuss the structure, training, and deployment of such an agent-based intrusion detection system and analyze its viability in comparison to the more traditional anomaly-based approach to intrusion detection.

