scholarly journals A Novel Hybrid Intrusion Detection System (IDS) for the Detection of Internet of Things (IoT) Network Attacks

2020 ◽  
Vol 4 (5) ◽  
pp. 61-74
Author(s):  
Rabie A. Ramadan ◽  
Kusum Yadav
Keyword(s):  
Neural Network ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Selection Process ◽  
Detection Accuracy ◽  
Iot Security ◽  
Shuffled Frog Leaping

Nowadays, IoT has been widely used in different applications to improve the quality of life. However, the IoT becomes increasingly an ideal target for unauthorized attacks due to its large number of objects, openness, and distributed nature. Therefore, to maintain the security of IoT systems, there is a need for an efficient Intrusion Detection System (IDS). IDS implements detectors that continuously monitor the network traffic. There are various IDs methods proposed in the literature for IoT security. However, the existing methods had the disadvantages in terms of detection accuracy and time overhead. To enhance the IDS detection accuracy and reduces the required time, this paper proposes a hybrid IDS system where a pre-processing phase is utilized to reduce the required time and feature selection as well as the classification is done in a separate stage. The feature selection process is done by using the Enhanced Shuffled Frog Leaping (ESFL) algorithm and the selected features are classified using Light Convolutional Neural Network with Gated Recurrent Neural Network (LCNN-GRNN) algorithm. This two-stage method is compared to up-to-date methods used for intrusion detection and it over performs them in terms of accuracy and running time due to the light processing required by the proposed method.

scholarly journals Feature Selection Models Based on Hybrid Firefly Algorithm with Mutation Operator for Network Intrusion Detection

2021 ◽  
Vol 14 (1) ◽  
pp. 192-202
Author(s):  
Karrar Alwan ◽  
◽  
Ahmed AbuEl-Atta ◽  
Hala Zayed ◽  
◽  
...  
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Firefly Algorithm ◽  
Detection System ◽  
Binary Classification ◽  
Feature Reduction ◽  
Detection Accuracy ◽  
Multi Classification ◽  
Modified Firefly Algorithm

Accurate intrusion detection is necessary to preserve network security. However, developing efficient intrusion detection system is a complex problem due to the nonlinear nature of the intrusion attempts, the unpredictable behaviour of network traffic, and the large number features in the problem space. Hence, selecting the most effective and discriminating feature is highly important. Additionally, eliminating irrelevant features can improve the detection accuracy as well as reduce the learning time of machine learning algorithms. However, feature reduction is an NPhard problem. Therefore, several metaheuristics have been employed to determine the most effective feature subset within reasonable time. In this paper, two intrusion detection models are built based on a modified version of the firefly algorithm to achieve the feature selection task. The first and, the second models have been used for binary and multiclass classification, respectively. The modified firefly algorithm employed a mutation operation to avoid trapping into local optima through enhancing the exploration capabilities of the original firefly. The significance of the selected features is evaluated using a Naïve Bayes classifier over a benchmark standard dataset, which contains different types of attacks. The obtained results revealed the superiority of the modified firefly algorithm against the original firefly algorithm in terms of the classification accuracy and the number of selected features under different scenarios. Additionally, the results assured the superiority of the proposed intrusion detection system against other recently proposed systems in both binary classification and multi-classification scenarios. The proposed system has 96.51% and 96.942% detection accuracy in binary classification and multi-classification, respectively. Moreover, the proposed system reduced the number of attributes from 41 to 9 for binary classification and to 10 for multi-classification.

scholarly journals An Analysis of the KDD99 and UNSW-NB15 Datasets for the Intrusion Detection System

Symmetry ◽  
2020 ◽  
Vol 12 (10) ◽  
pp. 1666
Author(s):  
Muataz Salam Al-Daweri ◽  
Khairul Akram Zainol Ariffin ◽  
Salwani Abdullah ◽  
Mohamad Firham Efendy Md. Senan
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Rough Set Theory ◽  
Technology Development ◽  
Detection System ◽  
Selection Process ◽  
Back Propagation ◽  
Back Propagation Neural Network ◽  
Selection Of

The significant increase in technology development over the internet makes network security a crucial issue. An intrusion detection system (IDS) shall be introduced to protect the networks from various attacks. Even with the increased amount of works in the IDS research, there is a lack of studies that analyze the available IDS datasets. Therefore, this study presents a comprehensive analysis of the relevance of the features in the KDD99 and UNSW-NB15 datasets. Three methods were employed: a rough-set theory (RST), a back-propagation neural network (BPNN), and a discrete variant of the cuttlefish algorithm (D-CFA). First, the dependency ratio between the features and the classes was calculated, using the RST. Second, each feature in the datasets became an input for the BPNN, to measure their ability for a classification task concerning each class. Third, a feature-selection process was carried out over multiple runs, to indicate the frequency of the selection of each feature. From the result, it indicated that some features in the KDD99 dataset could be used to achieve a classification accuracy above 84%. Moreover, a few features in both datasets were found to give a high contribution to increasing the classification’s performance. These features were present in a combination of features that resulted in high accuracy; the features were also frequently selected during the feature selection process. The findings of this study are anticipated to help the cybersecurity academics in creating a lightweight and accurate IDS model with a smaller number of features for the developing technologies.

Binary Grasshopper Optimization Based Feature Selection For Intrusion Detection System Using Feed Forward Neural Network Classifier

2020 ◽  
Vol 13 ◽  
Author(s):  
M. Jeyakarthic ◽  
A. Thirumalairaj
Keyword(s):  
Neural Network ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Superior Performance ◽  
Feed Forward Neural Network ◽  
Feed Forward ◽  
Grasshopper Optimization Algorithm ◽  
Grasshopper Optimization

Background: Due to the advanced improvement in internet and network technologies, significant number of intrusions and attacks takes place. An intrusion detection system (IDS) is employed to prevent distinct attacks. Several machine learning approaches has been presented for the classification of IDS. But, IDS suffer from the curse of dimensionality that results to increased complexity and decreased resource exploitation. Consequently, it becomes necessary that significant features of data must be investigated by the use of IDS for reducing the dimensionality. Aim: In this article, a new feature selection (FS) based classification system is presented which carries out the FS and classification processes. Methods: Here, the binary variants of the Grasshopper Optimization Algorithm called BGOA is applied as a FS model. The significant features are integrated using an effective model to extract the useful ones and discard the useless features. The chosen features are given to the feed forward neural network (FFNN) model to train and test the KDD99 dataset. Results: The validation of the presented model takes place using a benchmark KDD Cup 1999 dataset. By the inclusion of FS process, the classifier results gets increased by attaining FPR of 0.43, FNR of 0.45, sensitivity of 99.55, specificity of 99.57, accuracy of 99.56, Fscore of 99.59 and kappa value of 99.11. Conclusion: The experimental outcome ensured the superior performance of the presented model compared to diverse models under several aspects and is found to be an appropriate tool for detecting intrusions.

scholarly journals IoT-based intrusion detection system using convolution neural networks

2021 ◽  
Vol 7 ◽  
pp. e721
Author(s):  
Abdullah Aljumah
Keyword(s):  
Neural Network ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Convolution Neural Network ◽  
Data Repository ◽  
Detection Accuracy ◽  
Data Traffic

In the Information and Communication Technology age, connected objects generate massive amounts of data traffic, which enables data analysis to uncover previously hidden trends and detect unusual network-load. We identify five core design principles to consider when designing a deep learning-empowered intrusion detection system (IDS). We proposed the Temporal Convolution Neural Network (TCNN), an intelligent model for IoT-IDS that aggregates convolution neural network (CNN) and generic convolution, based on these concepts. To handle unbalanced datasets, TCNN is accumulated with synthetic minority oversampling technique with nominal continuity. It is also used in conjunction with effective feature engineering techniques like attribute transformation and reduction. The presented model is compared to two traditional machine learning algorithms, random forest (RF) and logistic regression (LR), as well as LSTM and CNN deep learning techniques, using the Bot-IoT data repository. The outcomes of the experiments depicts that TCNN maintains a strong balance of efficacy and performance. It is better as compared to other deep learning IDSs, with a multi-class traffic detection accuracy of 99.9986 percent and a training period that is very close to CNN.

A Novel Cloud Intrusion Detection System Using Feature Selection and Classification

2015 ◽  
Vol 11 (4) ◽  
pp. 1-15 ◽  
Author(s):  
Anand Kannan ◽  
Karthik Gururajan Venkatesan ◽  
Alexandra Stagkopoulou ◽  
Sheng Li ◽  
Sathyavakeeswaran Krishnan ◽  
...  
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Decision Tree ◽  
Intrusion Detection System ◽  
Detection System ◽  
False Positive Rate ◽  
Detection Accuracy ◽  
Selection Algorithm ◽  
Feature Selection Algorithm ◽  
Positive Rate

This paper proposes a new cloud intrusion detection system for detecting the intruders in a traditional hybrid virtualized, cloud environment. The paper introduces an effective feature selection algorithm called Temporal Constraint based on Feature Selection algorithm and also proposes a classification algorithm called hybrid decision tree. This hybrid decision tree has been developed by extending the Enhanced C4.5 algorithm an existing decision tree based classifier. Furthermore, the experiments conducted on the sample Cloud Intrusion Detection Datasets (CIDD) show that the proposed cloud intrusion detection system provides better detection accuracy than the existing work and reduces the false positive rate.

scholarly journals Anomaly-Based Intrusion Detection System using Supervised Learning Algorithm Artificial Neural Network and Ant Colony Optimization with Feature Selection

2020 ◽  
Vol 9 (3) ◽  
pp. 2475-2481
Keyword(s):  
Neural Network ◽  
Artificial Neural Network ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Ant Colony Optimization ◽  
Supervised Learning ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Learning Algorithm ◽  
Detection System

In the advent of the cyber world, all know that cyber security is randomly used research area for researchers to secure host, network, and data because of increasingly complex attacks. In the advent of anomaly-based intrusion detection system, various techniques are applied to detect intrusion on system or network. This approach attains an extreme detection rate and accuracy but there may be overhead acquired to build and training them. The objective of this paper is to detect the intrusion of a system by proposing a Data mining technique which is based on supervised learning algorithm for training dataset. Artificial neural network (ANN) and Ant Colony Optimization (ACO) with feature selection are the basics of the proposed scheme. ACO work on a population-based algorithm and is motivated by the pheromone trail laying behavior of real ants, in which NSL-KDD Cup99 Dataset is used. Empirical Results clearly explain that the proposed system can attain an overall detection rate of 88% and time complexity of 0.343 sec, which is satisfactory when compared to other anomaly-based schemes.

An intelligent flow-based and signature-based IDS for SDNs using ensemble feature selection and a multi-layer machine learning-based classifier

2020 ◽  
pp. 1-20
Author(s):  
K. Muthamil Sudar ◽  
P. Deepalakshmi
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Network Architecture ◽  
Detection System ◽  
Software Defined Networking ◽  
Control Plane ◽  
Control Logic ◽  
Data Plane

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between Open Flow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the Software-defined networking environment by working simultaneously in both control plane and data plane.

Sign in / Sign up

Export Citation Format

Share Document