An Analysis of the KDD99 and UNSW-NB15 Datasets for the Intrusion Detection System

Symmetry, 2020, Vol 12 (10), pp. 1666
Author(s): Muataz Salam Al-Daweri, Khairul Akram Zainol Ariffin, Salwani Abdullah, Mohamad Firham Efendy Md. Senan

The significant increase in technology development over the internet makes network security a crucial issue. An intrusion detection system (IDS) shall be introduced to protect the networks from various attacks. Even with the increased amount of work in IDS research, there is a lack of studies that analyze the available IDS datasets. Therefore, this study presents a comprehensive analysis of the relevance of the features in the KDD99 and UNSW-NB15 datasets. Three methods were employed: a rough-set theory (RST), a back-propagation neural network (BPNN), and a discrete variant of the cuttlefish algorithm (D-CFA). First, the dependency ratio between the features and the classes was calculated, using the RST. Second, each feature in the datasets became an input for the BPNN, to measure its ability for a classification task concerning each class. Third, a feature-selection process was carried out over multiple runs, to indicate the frequency of the selection of each feature. The results indicated that some features in the KDD99 dataset could be used to achieve a classification accuracy above 84%. Moreover, a few features in both datasets were found to give a high contribution to increasing the classification’s performance. These features were present in a combination of features that resulted in high accuracy; the features were also frequently selected during the feature selection process. The findings of this study are anticipated to help cybersecurity academics in creating a lightweight and accurate IDS model with a smaller number of features for the developing technologies.

Author(s): S. Vijaya Rani, G. N. K Suresh Babu

It is a big challenge to safeguard a network and data due to various network threats and attacks in a network system. An intrusion detection system is an effective technique to negotiate the issues of network security by utilizing various network classifiers. It detects malicious attacks. The data sets available in the study of intrusion detection systems were DARPA, KDD 1999 cup, NSL_KDD, DEFCON, and ISCX-UNB. The KDD 1999 cup data set is the best and old data set for research purposes on intrusion detection. The data is preprocessed, normalized and trained by the BPN algorithm. Further, the normalized data is discretized using entropy discretization, and feature selection is carried out by quick reduct methods. After feature selection, the concerned features from the normalized data are processed through BPN for better accuracy and efficiency of the system.


Author(s): NIKITA GUPTA, NARENDER SINGH, VIJAY SHARMA, TARUN SHARMA, AMAN SINGH BHANDARI

With the expansion of computer networks there is a challenge to compete with the intruders who can easily break into the system. So it becomes a necessity to devise systems or algorithms that can not only detect intrusion but can also improve the detection rate. In this paper we propose an intrusion detection system that uses rough set theory for feature selection, which is the extraction of relevant attributes from the entire set of attributes describing a data packet, and uses the same theory to classify the packet as normal or an attack. After the simplification of the discernibility matrix we were able to select or reduce the features. We have used the Rosetta tool to obtain the reducts and classification rules. The NSL KDD dataset is used as the training set and is provided to Rosetta to obtain the classification rules.


2020, Vol 4 (5), pp. 61-74
Author(s): Rabie A. Ramadan, Kusum Yadav

Nowadays, IoT has been widely used in different applications to improve the quality of life. However, the IoT is increasingly becoming an ideal target for unauthorized attacks due to its large number of objects, openness, and distributed nature. Therefore, to maintain the security of IoT systems, there is a need for an efficient Intrusion Detection System (IDS). An IDS implements detectors that continuously monitor the network traffic. There are various IDS methods proposed in the literature for IoT security. However, the existing methods had disadvantages in terms of detection accuracy and time overhead. To enhance the IDS detection accuracy and reduce the required time, this paper proposes a hybrid IDS system where a pre-processing phase is utilized to reduce the required time, and feature selection as well as classification is done in a separate stage. The feature selection process is done by using the Enhanced Shuffled Frog Leaping (ESFL) algorithm, and the selected features are classified using the Light Convolutional Neural Network with Gated Recurrent Neural Network (LCNN-GRNN) algorithm. This two-stage method is compared to up-to-date methods used for intrusion detection, and it outperforms them in terms of accuracy and running time due to the light processing required by the proposed method.


2020, pp. 1-20
Author(s): K. Muthamil Sudar, P. Deepalakshmi

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between OpenFlow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of a trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the software-defined networking environment by working simultaneously in both the control plane and data plane.

