scholarly journals Multilevel Intrusion Detection System with Affinity Clustering and Ensemble SVM

2020 ◽  
pp. 522-529
Author(s):  
Sadhana Patidar ◽  
Priyanka Parihar ◽  
Chetan Agrawal
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Model Performance ◽  
Feature Reduction ◽  
Support Vector ◽  
Learning Tools ◽  
Security Issues ◽  
Proposed Model

Now-a-days with growing applications over internet increases the security issues over network. Many security applications are designed to cope with such security concerns but still it required more attention to improve speed as well accuracy. With advancement of technologies there is also evolution of new threats or attacks in network. So, it is required to design such detection system that can handle new threats in network. One of the network security tools is intrusion detection system which is used to detect malicious data packets. Machine learning tool is also used to improve efficiency of network-based intrusion detection system. In this paper, an intrusion detection system is proposed with an application of machine learning tools. The proposed model integrates feature reduction, affinity clustering and multilevel Ensemble Support Vector Machine. The proposed model performance is analyzed over two datasets i.e. NSL-KDD and UNSW-NB 15 dataset and achieved approx. 12% of efficiency over other existing work.

scholarly journals Effective Intrusion Detection System to Secure Data in Cloud Using Machine Learning

Symmetry ◽  
2021 ◽  
Vol 13 (12) ◽  
pp. 2306
Author(s):  
Ammar Aldallal ◽  
Faisal Alisa
Keyword(s):  
Machine Learning ◽  
Cloud Computing ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Fitness Function ◽  
Support Vector ◽  
Network Intrusion ◽  
Proposed Model ◽  
High Level

When adopting cloud computing, cybersecurity needs to be applied to detect and protect against malicious intruders to improve the organization’s capability against cyberattacks. Having network intrusion detection with zero false alarm is a challenge. This is due to the asymmetry between informative features and irrelevant and redundant features of the dataset. In this work, a novel machine learning based hybrid intrusion detection system is proposed. It combined support vector machine (SVM) and genetic algorithm (GA) methodologies with an innovative fitness function developed to evaluate system accuracy. This system was examined using the CICIDS2017 dataset, which contains normal and most up-to-date common attacks. Both algorithms, GA and SVM, were executed in parallel to achieve two optimal objectives simultaneously: obtaining the best subset of features with maximum accuracy. In this scenario, an SVM was employed using different values of hyperparameters of the kernel function, gamma, and degree. The results were benchmarked with KDD CUP 99 and NSL-KDD. The results showed that the proposed model remarkably outperformed these benchmarks by up to 5.74%. This system will be effective in cloud computing, as it is expected to provide a high level of symmetry between information security and detection of attacks and malicious intrusion.

scholarly journals IntruDTree: A Machine Learning-Based Cyber Security Intrusion Detection Model

2020 ◽  
Author(s):  
Iqbal H. Sarker ◽  
Yoosef B. Abushark ◽  
Fawaz Alsolami ◽  
Asif Irshad Khan
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Cyber Security ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Security Model ◽  
K Nearest Neighbor ◽  
Detection Model

Cyber security has recently received enormous attention in today’s security concerns, due to the popularity of the Internet-of-Things (IoT), the tremendous growth of computer networks, and the huge number of relevant applications. Thus, detecting various cyber-attacks or anomalies in a network and building an effective intrusion detection system that performs an essential role in today’s security is becoming more important. Artificial intelligence, particularly machine learning techniques, can be used for building such a data-driven intelligent intrusion detection system. In order to achieve this goal, in this paper, we present an Intrusion Detection Tree (“IntruDTree”) machine-learning-based security model that first takes into account the ranking of security features according to their importance and then build a tree-based generalized intrusion detection model based on the selected important features. This model is not only effective in terms of prediction accuracy for unseen test cases but also minimizes the computational complexity of the model by reducing the feature dimensions. Finally, the effectiveness of our IntruDTree model was examined by conducting experiments on cybersecurity datasets and computing the precision, recall, fscore, accuracy, and ROC values to evaluate. We also compare the outcome results of IntruDTree model with several traditional popular machine learning methods such as the naive Bayes classifier, logistic regression, support vector machines, and k-nearest neighbor, to analyze the effectiveness of the resulting security model.

Adaptive Ensemble Multi-Agent Based Intrusion Detection Model

2010 ◽  
pp. 36-48 ◽  
Author(s):  
Tarek Helmy
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Agent Based ◽  
Detection Model ◽  
Detection Analysis ◽  
Proposed Model ◽  
Multi Agent

The system that monitors the events occurring in a computer system or a network and analyzes the events for sign of intrusions is known as intrusion detection system. The performance of the intrusion detection system can be improved by combing anomaly and misuse analysis. This chapter proposes an ensemble multi-agent-based intrusion detection model. The proposed model combines anomaly, misuse, and host-based detection analysis. The agents in the proposed model use rules to check for intrusions, and adopt machine learning algorithms to recognize unknown actions, to update or create new rules automatically. Each agent in the proposed model encapsulates a specific classification technique, and gives its belief about any packet event in the network. These agents collaborate to determine the decision about any event, have the ability to generalize, and to detect novel attacks. Empirical results indicate that the proposed model is efficient, and outperforms other intrusion detection models.

An Intelligent Network Intrusion Detection System Based on Multi-Modal Support Vector Machines

2013 ◽  
Vol 7 (4) ◽  
pp. 37-52
Author(s):  
Srinivasa K G
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Intelligent Network ◽  
Statistical Machine Learning ◽  
High Detection Rate ◽  
Network Intrusion

Increase in the number of network based transactions for both personal and professional use has made network security gain a significant and indispensable status. The possible attacks that an Intrusion Detection System (IDS) has to tackle can be of an existing type or of an entirely new type. The challenge for researchers is to develop an intelligent IDS which can detect new attacks as efficiently as they detect known ones. Intrusion Detection Systems are rendered intelligent by employing machine learning techniques. In this paper we present a statistical machine learning approach to the IDS using the Support Vector Machine (SVM). Unike conventional SVMs this paper describes a milti model approach which makes use of an extra layer over the existing SVM. The network traffic is modeled into connections based on protocols at various network layers. These connection statistics are given as input to SVM which in turn plots each input vector. The new attacks are identified by plotting them with respect to the trained system. The experimental results demonstrate the lower execution time of the proposed system with high detection rate and low false positive number. The 1999 DARPA IDS dataset is used as the evaluation dataset for both training and testing. The proposed system, SVM NIDS is bench marked with SNORT (Roesch, M. 1999), an open source IDS.

scholarly journals Highly accurate and efficient two phase-intrusion detection system (TP-IDS) using distributed processing of HADOOP and machine learning techniques

2021 ◽  
Vol 8 (1) ◽  
Author(s):  
Abhijit Dnyaneshwar Jadhav ◽  
Vidyullatha Pellakuri
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Phase Ii ◽  
Intrusion Detection System ◽  
Detection System ◽  
Research Work ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Network Connections ◽  
Learning Techniques

AbstractNetwork security and data security are the biggest concerns now a days. Every organization decides their future business process based on the past and day to day transactional data. This data may consist of consumer’s confidential data, which needs to be kept secure. Also, the network connections when established with the external communication devices or entities, a care should be taken to authenticate these and block the unwanted access. This consists of identification of the malicious connection nodes and identification of normal connection nodes. For that, we use a continuous monitoring of the network input traffic to recognize the malicious connection request called as intrusion and this type of monitoring system is called as an Intrusion detection system (IDS). IDS helps us to protect our network and data from insecure and malicious network connections. Many such systems exists in the real time scenario, but they have critical issues of performance like accuracy and efficiency. These issues are addressed as a part of this research work of IDS using machine learning techniques and HDFS. The TP-IDS is designed in two phases for increasing accuracy. In phase I of TP-IDS, Support Vector Machine (SVM) and k Nearest Neighbor (kNN) are used. In phase II of TP-IDS, Decision Tree (DT) and Naïve Bayes (NB) are used, where phase II is the validation phase of the system for increasing accuracy. Also, both the phases are having Hadoop distributed file system underlying data storage and processing architecture, which allows parallel processing to increase the speed of the system and hence achieve the efficiency in TP-IDS.

scholarly journals Improving Intrusion Detection System using an Extreme Learning Machine Algorithm

2019 ◽  
Vol 8 (2S4) ◽  
pp. 234-239
Keyword(s):  
Machine Learning ◽  
Neural Networks ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Back Propagation ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Extreme Learning Machines ◽  
Learning Machines

An Intrusion Detection System (IDS) is a system, that checks the network or data for abnormal actions and when such activity is discovered it issues an alert. Numerous IDS techniques are in use these days but one major problem with all of them is their performance. Various works have been done on this issue using support vector machine and multilayer perceptron. Supervised learning models such as support vector machines with related learning algorithms are used to analyze the data which is used for regression analysis and also classification. The IDS is used in analyzing big data as there is huge traffic which has to be analyzed to check for suspicious activities, and also be successful in doing so. Hence, an efficient and fast classification algorithm is required. Machine learning techniques such as neural networks and extreme machine learning are used. Both of these techniques are highly regarded and are considered one of the best techniques. Extreme learning machines are feed forward neural networks which have one hidden layer and no back propagation used for classification. Once the intrusion is detected using IDS through ELM then we are also going to detect the type of intrusion using the Random Forest Technique (Multi class classification) efficiently with a higher rate of accuracy and precision. The NSL_KDD dataset which is very well-known used for the training as well as testing of these IDS algorithms. This work determines that compared to artificial neural network and logistic regression extreme learning machines provide a much better rate of intrusion detection, which is 93.96% and is also proven to be more efficient in terms of execution time of 38 seconds

Adaptive Ensemble Multi-Agent Based Intrusion Detection Model

2012 ◽  
pp. 647-659
Author(s):  
Tarek Helmy
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Agent Based ◽  
Detection Model ◽  
Detection Analysis ◽  
Proposed Model ◽  
Multi Agent

The system that monitors the events occurring in a computer system or a network and analyzes the events for sign of intrusions is known as intrusion detection system. The performance of the intrusion detection system can be improved by combing anomaly and misuse analysis. This chapter proposes an ensemble multi-agent-based intrusion detection model. The proposed model combines anomaly, misuse, and host-based detection analysis. The agents in the proposed model use rules to check for intrusions, and adopt machine learning algorithms to recognize unknown actions, to update or create new rules automatically. Each agent in the proposed model encapsulates a specific classification technique, and gives its belief about any packet event in the network. These agents collaborate to determine the decision about any event, have the ability to generalize, and to detect novel attacks. Empirical results indicate that the proposed model is efficient, and outperforms other intrusion detection models.

scholarly journals Intelligent Intrusion Detection System Through Combined and Optimized Machine Learning

2018 ◽  
Vol 17 (02) ◽  
pp. 1850007 ◽  
Author(s):  
Syed Ali Raza Shah ◽  
Biju Issac ◽  
Seibu Mary Jacob
Keyword(s):  
Machine Learning ◽  
Support Vector Machine ◽  
Fuzzy Logic ◽  
Intrusion Detection ◽  
Open Source Software ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Support Vector ◽  
Rule Based

In this paper, an existing rule-based intrusion detection system (IDS) is made more intelligent through the application of machine learning. Snort was chosen as it is an open source software and though it was performing well, it showed false positives (FPs). To find the best performing machine learning algorithms (MLAs) to use with Snort so as to improve its detection, we tested some algorithms on three available datasets. Support vector machine (SVM) was chosen along with fuzzy logic and decision tree based on their accuracy. Combined versions of algorithms through ensemble SVM along with other variants were tried on the generated traffic of normal and malicious packets at 10[Formula: see text]Gbps. Optimized versions of the SVM along with firefly and ant colony optimization (ACO) were also tried, and the accuracy improved remarkably. Thus, the application of combined and optimized MLAs to Snort at 10[Formula: see text]Gbps worked quite well.

scholarly journals Towards Intelligent Machine Learning Models for Intrusion Detection System

2021 ◽  
Vol 12 (5) ◽  
pp. 643-655
Author(s):  
Pullagura Indira priyadarsini, P V R N S S V Sai Leela, Bankapalli Jyothi
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Hybrid Algorithm ◽  
Detection System ◽  
Feature Selection Method ◽  
Weighted Averaging ◽  
Support Vector ◽  
Imbalanced Learning ◽  
Data Set

The Internet has become an important resource for mankind. Explicitly information security is an interminable domain to the present world. Hence a more potent Intrusion Detection System (IDS) should be built. Machine Learning techniques are used in developing proficient models for IDS. Imbalanced Learning is a crucial task for many classification processes. Resampling training data towards a more balanced distribution is an effective way to combat this issue. There are most prevalent techniques like under sampling and oversampling.In this paper, the issues of imbalanced data distribution and high dimensionality are addressed using a novel oversampling technique and an innovative feature selection method respectively. Our work suggests a novel hybrid algorithm, HOK-SMOTE which considers an ordered weighted averaging (OWA) approach for choosing the best features from the KDD cup 99 data set and K-Means SMOTE for imbalanced learning. Here an ensemble model is compared against the hybrid algorithm. This ensemble integrates Support Vector Machine (SVM), K Nearest Neighbor (KNN), Gaussian Naïve Bayes (GNB) and Decision Tree (DT). Then weighted average voting is applied for prediction of outputs. In this work, much Experimentationwas conducted on various oversampling techniques and traditional classifiers. The results indicate that the proposed work is the most accurate one among other ML techniques. The precision, recall, F-measure, and ROC curve show notable outcomes. Hence K-Means SMOTE in parallel with ensemble learning has given satisfactory results and a precise solution to the imbalanced learning in IDS. It is ascertained whether ensemble modeling or oversampling techniques are dominating for Intrusion data set.

scholarly journals Intelligent and Effective Intrusion Detection System using Machine Learning Algorithm

2020 ◽  
Vol 9 (6) ◽  
pp. 237-240
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Learning Algorithm ◽  
Detection System ◽  
Support Vector ◽  
Machine Learning Algorithm ◽  
Data Set ◽  
Training Time

Intrusion Detection System observes the network traffic and identifies the attack and also inform the admin to corrective action. Powerful Intrusion Detection system is required for detection to various modern attack. There is need of efficient Intrusion Detection system .The focus of IDS research is the application of machine Learning and Deep Learning techniques. Projected work is combination of Deep Learning Technique in which Non Symmetric Deep Auto Encoder and Machine Learning Algorithm, Support Vector Machine Classifier is used to develop the Model. Stack power of the Non symmetric Deep Auto Encoder and Quickness with exactness of the SVM makes the Model very efficient. This Model not only improves the accuracy value but also improve recall and precision. It also cause the reduction of training time .To evaluate the performance of the Model and do the analysis the special Data set which are used are KDD CUP and NSL KDD Dataset.

Sign in / Sign up

Export Citation Format

Share Document