scholarly journals Design of Optimal Acceptance Sampling Plan for Network Intrusion Detection

2019 ◽  
Vol 9 (1) ◽  
pp. 4379-4383
Keyword(s):  
Intrusion Detection ◽  
Network Flow ◽  
Network Flows ◽  
Monitoring Network ◽  
Computational Effort ◽  
Network Intrusion Detection ◽  
Acceptance Sampling ◽  
Network Intrusion ◽  
Acceptance Sampling Plan ◽  
The Cost

Network Intrusion Detection Systems (NIDS) protects networks connected to the internet from malicious attacks by monitoring network flows predominantly at fragment level in network layer. Inspecting every fragment of a network flow is computationally prohibitive. The Acceptance Sampling for Network Intrusion Detection (ASNID) method avoids hundred percent inspections of fragments to detect anomalous flows. This study proposes a model to determine optimal acceptance sample size. Further, this study also proposes a model for estimating the cost of computational effort.

scholarly journals A Detailed Analysis of Benchmark Datasets for Network Intrusion Detection System

2021 ◽  
pp. 14-33
Author(s):  
Mossa Ghurab ◽  
Ghaleb Gaphari ◽  
Faisal Alshami ◽  
Reem Alshamy ◽  
Suad Othman
Keyword(s):  
Intrusion Detection ◽  
Detailed Analysis ◽  
Intrusion Detection System ◽  
Network Flow ◽  
Detection System ◽  
Attack Detection ◽  
Network Intrusion Detection ◽  
Detection Techniques ◽  
Network Intrusion ◽  
Network Intrusion Detection System

The enormous increase in the use of the Internet in daily life has provided an opportunity for the intruder attempt to compromise the security principles of availability, confidentiality, and integrity. As a result, organizations are working to increase the level of security by using attack detection techniques such as Network Intrusion Detection System (NIDS), which monitors and analyzes network flow and attacks detection. There are a lot of researches proposed to develop the NIDS and depend on the dataset for the evaluation. Datasets allow evaluating the ability in detecting intrusion behavior. This paper introduces a detailed analysis of benchmark and recent datasets for NIDS. Specifically, we describe eight well-known datasets that include: KDD99, NSL-KDD, KYOTO 2006+, ISCX2012, UNSW-NB 15, CIDDS-001, CICIDS2017, and CSE-CIC-IDS2018. For each dataset, we provide a detailed analysis of its instances, features, classes, and the nature of the features. The main objective of this paper is to offer overviews of the datasets are available for the NIDS and what each dataset is comprised of. Furthermore, some recommendations were made to use network-based datasets.

scholarly journals LITNET-2020: An Annotated Real-World Network Flow Dataset for Network Intrusion Detection

Electronics ◽  
2020 ◽  
Vol 9 (5) ◽  
pp. 800 ◽  
Author(s):  
Robertas Damasevicius ◽  
Algimantas Venckauskas ◽  
Sarunas Grigaliunas ◽  
Jevgenijus Toldinas ◽  
Nerijus Morkevicius ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Real World ◽  
Network Traffic ◽  
Network Flow ◽  
Detection Methods ◽  
Network Intrusion Detection ◽  
Clustering Methods ◽  
Modern Computer ◽  
Network Intrusion ◽  
Flow Features

Network intrusion detection is one of the main problems in ensuring the security of modern computer networks, Wireless Sensor Networks (WSN), and the Internet-of-Things (IoT). In order to develop efficient network-intrusion-detection methods, realistic and up-to-date network flow datasets are required. Despite several recent efforts, there is still a lack of real-world network-based datasets which can capture modern network traffic cases and provide examples of many different types of network attacks and intrusions. To alleviate this need, we present LITNET-2020, a new annotated network benchmark dataset obtained from the real-world academic network. The dataset presents real-world examples of normal and under-attack network traffic. We describe and analyze 85 network flow features of the dataset and 12 attack types. We present the analysis of the dataset features by using statistical analysis and clustering methods. Our results show that the proposed feature set can be effectively used to identify different attack classes in the dataset. The presented network dataset is made freely available for research purposes.

Proposed Hybrid Classifier to Improve Network Intrusion Detection System using Data Mining Techniques

2020 ◽  
Vol 38 (1B) ◽  
pp. 6-14
Author(s):  
ٍٍSarah M. Shareef ◽  
Soukaena H. Hashim
Keyword(s):  
Intrusion Detection ◽  
False Alarm ◽  
Intrusion Detection System ◽  
Detection System ◽  
Multinomial Logistic Regression ◽  
Network Intrusion Detection ◽  
Limiting Factor ◽  
Network Intrusion ◽  
Network Intrusion Detection System ◽  
Normal Behavior

Network intrusion detection system (NIDS) is a software system which plays an important role to protect network system and can be used to monitor network activities to detect different kinds of attacks from normal behavior in network traffics. A false alarm is one of the most identified problems in relation to the intrusion detection system which can be a limiting factor for the performance and accuracy of the intrusion detection system. The proposed system involves mining techniques at two sequential levels, which are: at the first level Naïve Bayes algorithm is used to detect abnormal activity from normal behavior. The second level is the multinomial logistic regression algorithm of which is used to classify abnormal activity into main four attack types in addition to a normal class. To evaluate the proposed system, the KDDCUP99 dataset of the intrusion detection system was used and K-fold cross-validation was performed. The experimental results show that the performance of the proposed system is improved with less false alarm rate.

Sign in / Sign up

Export Citation Format

Share Document