scholarly journals Research on Alarm Reduction of Intrusion Detection System Based on Clustering and Whale Optimization Algorithm

2021 ◽  
Vol 11 (23) ◽  
pp. 11200
Author(s):  
Leiting Wang ◽  
Lize Gu ◽  
Yifan Tang
Keyword(s):  
Intrusion Detection ◽  
Hierarchical Clustering ◽  
Optimization Algorithm ◽  
Intrusion Detection System ◽  
Detection System ◽  
Whale Optimization Algorithm ◽  
Cluster Center ◽  
Data Set ◽  
Network Intrusion ◽  
Whale Optimization

With the frequent occurrence of network security events, the intrusion detection system will generate alarm and log records when monitoring the network environment in which a large number of log and alarm records are redundant, which brings great burden to the server storage and security personnel. How to reduce the redundant alarm records in network intrusion detection has always been the focus of researchers. In this paper, we propose a method using the whale optimization algorithm to deal with massive redundant alarms. Based on the alarm hierarchical clustering, we integrate the whale optimization algorithm into the process of generating alarm hierarchical clustering and optimizing the cluster center and put forward two versions of local hierarchical clustering and global hierarchical clustering, respectively. To verify the feasibility of the algorithm, we conducted experiments on the UNSW-NB15 data set; compared with the previous alarm clustering algorithms, the alarm clustering algorithm based on the whale optimization algorithm can generate higher quality clustering in a shorter time. The results show that the proposed algorithm can effectively reduce redundant alarms and reduce the load of IDS and staff.

Enhance Network Intrusion Detection System by Exploiting BR Algorithm as an Optimal Feature Selection

2015 ◽  
pp. 17-32 ◽  
Author(s):  
Soukaena Hassan Hashem
Keyword(s):  
Intrusion Detection ◽  
Wireless Network ◽  
Intrusion Detection System ◽  
Missing Values ◽  
Detection System ◽  
Network Intrusion Detection ◽  
Wireless Data ◽  
Data Set ◽  
Network Intrusion ◽  
Network Intrusion Detection System

This chapter aims to build a proposed Wire/Wireless Network Intrusion Detection System (WWNIDS) to detect intrusions and consider many of modern attacks which are not taken in account previously. The proposal WWNIDS treat intrusion detection with just intrinsic features but not all of them. The dataset of WWNIDS will consist of two parts; first part will be wire network dataset which has been constructed from KDD'99 that has 41 features with some modifications to produce the proposed dataset that called modern KDD and to be reliable in detecting intrusion by suggesting three additional features. The second part will be building wireless network dataset by collecting thousands of sessions (normal and intrusion); this proposed dataset is called Constructed Wireless Data Set (CWDS). The preprocessing process will be done on the two datasets (KDD & CWDS) to eliminate some problems that affect the detection of intrusion such as noise, missing values and duplication.

scholarly journals Deep Stacking Network for Intrusion Detection

Sensors ◽  
2021 ◽  
Vol 22 (1) ◽  
pp. 25
Author(s):  
Yifan Tang ◽  
Lize Gu ◽  
Leiting Wang
Keyword(s):  
Intrusion Detection ◽  
Decision Tree ◽  
Classification Accuracy ◽  
Intrusion Detection System ◽  
Detection System ◽  
Detection Performance ◽  
Network Intrusion Detection ◽  
Fusion Model ◽  
Data Set ◽  
Network Intrusion

Preventing network intrusion is the essential requirement of network security. In recent years, people have conducted a lot of research on network intrusion detection systems. However, with the increasing number of advanced threat attacks, traditional intrusion detection mechanisms have defects and it is still indispensable to design a powerful intrusion detection system. This paper researches the NSL-KDD data set and analyzes the latest developments and existing problems in the field of intrusion detection technology. For unbalanced distribution and feature redundancy of the data set used for training, some training samples are under-sampling and feature selection processing. To improve the detection effect, a Deep Stacking Network model is proposed, which combines the classification results of multiple basic classifiers to improve the classification accuracy. In the experiment, we screened and compared the performance of various mainstream classifiers and found that the four models of the decision tree, k-nearest neighbors, deep neural network and random forests have outstanding detection performance and meet the needs of different classification effects. Among them, the classification accuracy of the decision tree reaches 86.1%. The classification effect of the Deeping Stacking Network, a fusion model composed of four classifiers, has been further improved and the accuracy reaches 86.8%. Compared with the intrusion detection system of other research papers, the proposed model effectively improves the detection performance and has made significant improvements in network intrusion detection.

Hacker Intrusion Detection System Based on Artificial Neural Network

2012 ◽  
Vol 263-266 ◽  
pp. 2924-2928
Author(s):  
Jing Huang ◽  
Hai Bin Chen ◽  
Jiang Zhang ◽  
Han Bo Zhang
Keyword(s):  
Neural Network ◽  
Artificial Neural Network ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
System Model ◽  
Data Set ◽  
Advantages And Disadvantages ◽  
Network Intrusion ◽  
Artificial Neural

In this paper, some scholars’ idea of applying neural network technology in the design of hacker intrusion detection system model and making a hacker intrusion detection system model based on artificial neural network is adopted. This study selects KDDCup’99 for network intrusion detection data set to learn the characteristics of the intrusion accurately; completes the normalization of all characteristics to achieve rapid convergence of the artificial neural network; analyses the advantages and disadvantages of different neural network training functions; achieves a high accuracy rate for intrusion detection successfully.

Proposed Hybrid Classifier to Improve Network Intrusion Detection System using Data Mining Techniques

2020 ◽  
Vol 38 (1B) ◽  
pp. 6-14
Author(s):  
ٍٍSarah M. Shareef ◽  
Soukaena H. Hashim
Keyword(s):  
Intrusion Detection ◽  
False Alarm ◽  
Intrusion Detection System ◽  
Detection System ◽  
Multinomial Logistic Regression ◽  
Network Intrusion Detection ◽  
Limiting Factor ◽  
Network Intrusion ◽  
Network Intrusion Detection System ◽  
Normal Behavior

Network intrusion detection system (NIDS) is a software system which plays an important role to protect network system and can be used to monitor network activities to detect different kinds of attacks from normal behavior in network traffics. A false alarm is one of the most identified problems in relation to the intrusion detection system which can be a limiting factor for the performance and accuracy of the intrusion detection system. The proposed system involves mining techniques at two sequential levels, which are: at the first level Naïve Bayes algorithm is used to detect abnormal activity from normal behavior. The second level is the multinomial logistic regression algorithm of which is used to classify abnormal activity into main four attack types in addition to a normal class. To evaluate the proposed system, the KDDCUP99 dataset of the intrusion detection system was used and K-fold cross-validation was performed. The experimental results show that the performance of the proposed system is improved with less false alarm rate.

Sign in / Sign up

Export Citation Format

Share Document