A novel Ensemble of Hybrid Intrusion Detection System for Detecting Internet of Things Attacks

Electronics, 2019, Vol 8 (11), pp. 1210
Author(s): Khraisat, Gondal, Vamplew, Kamruzzaman, Alazab

The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life and on large industrial systems. Unfortunately, this has attracted the attention of cybercriminals, who have made IoT a target of malicious activities, opening the door to possible attacks on the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and a One-Class Support Vector Machine classifier. HIDS combines the advantages of a Signature Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provides a higher detection rate and a lower false positive rate compared to the SIDS and AIDS techniques.

Author(s): Anand Kannan, Karthik Gururajan Venkatesan, Alexandra Stagkopoulou, Sheng Li, Sathyavakeeswaran Krishnan, ...

This paper proposes a new cloud intrusion detection system for detecting intruders in a traditional hybrid virtualized cloud environment. The paper introduces an effective feature selection algorithm called Temporal Constraint based on Feature Selection algorithm and also proposes a classification algorithm called hybrid decision tree. This hybrid decision tree has been developed by extending the Enhanced C4.5 algorithm, an existing decision-tree-based classifier. Furthermore, the experiments conducted on the sample Cloud Intrusion Detection Datasets (CIDD) show that the proposed cloud intrusion detection system provides better detection accuracy than the existing work and reduces the false positive rate.


2014, Vol 644-650, pp. 3338-3341
Author(s): Guang Feng Guo

During the 30-year development of the Intrusion Detection System, problems such as the high false-positive rate have always plagued users. Therefore, the ontology and context verification based intrusion detection model (OCVIDM) was put forward to connect the description of attack signatures and context effectively. The OCVIDM established the knowledge base of the intrusion detection ontology, which was regarded as the center of an efficient filtering platform for false alerts, to realize automatic validation of the alarm and self-acting judgment of the real attacks, so as to achieve the goal of filtering non-relevant positive alerts and reducing false positives.


Author(s): Devaraju Sellappan, Ramakrishnan Srinivasan

Intrusion detection systems (IDSs) are important to industries and organizations to solve the problems of networks, and various classifiers are used to classify the activity as malicious or normal. Today, security has become a decisive part of any industrial and organizational information system. This chapter demonstrates an association rule-mining algorithm for detecting various network intrusions. The KDD dataset is used for experimentation. There are three input feature groups, classified as basic features, content features, and traffic features. Several attacks are present in the dataset, which are classified into Denial of Service (DoS), Probe, Remote to Local (R2L), and User to Root (U2R). The proposed method gives a significant improvement in the detection rates compared with other methods. An association rule-mining algorithm is proposed to evaluate the KDD dataset and dynamic data to improve efficiency, reduce the false positive rate (FPR), and require less processing time.


2014, Vol 644-650, pp. 2572-2576
Author(s): Qing Liu, Yun Kai Zhang, Qing Ru Li

A support vector machine (SVM) model combining Laplacian Eigenmaps (LE) with Cross Validation (CV) is proposed for intrusion detection. In the proposed model, a classifier is adopted to estimate whether an action is an attack or not. Maximum Likelihood Estimation (MLE) is used to estimate the intrinsic dimensions, and LE is used as a preprocessor of SVM to reduce the dimensions of feature vectors, so that training time is shortened. In order to improve the performance of SVM, CV is used to optimize the parameters of SVM with the RBF kernel function. Compared with other detection algorithms, the experimental results show that the proposed model has the advantages of shorter training time, a higher accuracy rate and a lower false positive rate.


2019, Vol 8 (2), pp. 25-31
Author(s): S. Latha, Sinthu Janita Prakash

Securing a network from attackers is a challenging task at present, as many users are involved in a variety of computer networks. To protect any individual host in a network or the entire network, some security system must be implemented. In this case, the Intrusion Detection System (IDS) is essential to protect the network from intruders. The IDS has to deal with a lot of network packets with different characteristics. A signature-based IDS is a potential tool to understand former attacks and to define a suitable method to counter them in a variety of applications. This research article elucidates the objective of IDS with a mechanism which combines network- and host-based IDS. The benchmark DARPA dataset is considered to generate the IDS mechanism. In this paper, a framework IDSFS, a signature-based IDS with a highly pertinent feature selection method, is framed. This framework consists of the earlier proposed Feature Selection method (HPFSM), an Artificial Neural Network for classification of nodes or packets in the network, then the signatures or attack rules are configured by implementing an Association Rule mining algorithm, and finally the rules are restructured using a pattern-matching algorithm, Aho-Corasick, to ease the rule checking. Metrics like number of features, classification accuracy, False Positive Rate (FPR), Precision, Number of rules, Running Time and Memory consumption are checked and prove the proposed framework's efficiency.


Author(s): Muhammad Ahmad, Qaiser Riaz, Muhammad Zeeshan, Hasan Tahir, Syed Ali Haider, ...

Internet of Things (IoT) devices are well-connected; they generate and consume data, which involves transmission of data back and forth among various devices. Ensuring security of the data is a critical challenge as far as IoT is concerned. Since IoT devices are inherently low-power and do not require a lot of compute power, a Network Intrusion Detection System is typically employed to detect malicious packets and stop them from entering the network. In the same context, we propose feature clusters in terms of Flow, Message Queuing Telemetry Transport (MQTT) and Transmission Control Protocol (TCP) by using features in the UNSW-NB15 data-set. We eliminate problems like over-fitting, the curse of dimensionality and imbalance in the data-set. We apply supervised Machine Learning (ML) algorithms, i.e., Random Forest (RF), Support Vector Machine and Artificial Neural Networks, on the clusters. Using RF, we achieve 98.67% and 97.37% accuracy in binary and multi-class classification, respectively. In cluster-based techniques, we achieved 96.96%, 91.4% and 97.54% classification accuracy by using RF on Flow & MQTT features, TCP features and top features from both clusters. Moreover, we show that the proposed feature clusters provide higher accuracy and require less training time as compared to other state-of-the-art supervised ML-based approaches.


Author(s): Musaab Riyadh, Dina Riadh Alshibani

Recently, the data flow over the internet has increased exponentially due to the massive growth of computer networks connected to it. Some of this data can be classified as malicious activity which cannot be captured by firewalls and anti-malware. Due to this, intrusion detection systems are an urgent need in order to recognize malicious activity and keep data integrity and availability. In this study, an intrusion detection system based on cluster feature concepts and a KNN classifier has been suggested to handle various challenging issues in data, such as incomplete data, mixed-type data and noisy data. To strengthen the proposed system, a special kind of pattern similarity measure is supported to deal with these types of challenges. The experimental results show that the classification accuracy of the suggested system is better than that of K-nearest neighbor (KNN) and support vector machine classifiers when processing an incomplete data set, in spite of a drop in the overall detection accuracy.
