Classifier Rank Identification using Multi-Criteria Decision Making Method for Intrusion Detection Dataset

A network intrusion detection system (NIDS) tracks network traffic for suspicious activity and policy violations. It generates alerts whenever such activity is found. The objective is to detect and report anomalies. Further, an intrusion prevention system can take action such as blocking traffic from suspected IP addresses. Classification of network traffic as is a tedious task. Existing classifiers suffer from generating many/false alerts. It is of paramount importance to select the best classification approach among the set of available approaches. KDD 99 is the benchmark dataset utilized to test the classification capabilities of classifiers. However, many classifiers generate similar results when performance is measured on various criteria. Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) is a traditional multi-criteria decision making (MCDM) approach which is widely used to rank classifiers from a number of options that are assessed on various criteria. In this work, the KDD 99 dataset is applied as input to the bayes net, naive bayes, NB updateable, random forest, oneR, zeroR, adaboostM1, decision stump, J48 and decision table classifiers. The performance of each classifier is measured using 10 different criteria: accuracy, misclassification, RA error, RMS error, false positive rate, F-measure, precision, RRS error, mean absolute error and recall. In order to test the effectiveness of the proposed approach, the Weka utility is utilized for classification and the classifier performance results are supplied to TOPSIS. An application is designed to implement the TOPSIS method using Python. It is observed that J48 secured the top position with a performance score of 0.5829.

2018, Vol 3 (2), pp. 93
Author(s): Gervais Hatungimana

An anomaly-based Intrusion Detection System (IDS) uses a known baseline to detect patterns which have deviated from normal behavior. If the baseline is faulty, the IDS performance degrades. Most IDS research that uses k-centroids-based clustering methods like K-means, K-medoids, Fuzzy, Hierarchical and agglomerative algorithms to baseline network traffic suffers from a high false positive rate compared to signature-based IDS, simply because the nature of these algorithms risks forcing some network traffic into wrong profiles depending on the number K of clusters needed. In this paper we propose an alternate method which, instead of defining the number K of clusters, defines a distance threshold t. The unrecognizable IDS, an IDS which is neither HIDS nor NIDS, is the consequence of using statistical methods for feature selection. The speed, memory and accuracy of an IDS are affected by an inappropriate feature reduction method or by ignorance of irrelevant features. In this paper we use two-step feature selection and Quality Threshold with Optimization methods to design anomaly-based HIDS and NIDS separately. The performance of our system is 0%, 99.9974%, 1 and 1 for false positive rate, accuracy, precision and recall respectively for NIDS, and 0%, 99.61%, 0.991 and 0.978 for false positive rate, accuracy, precision and recall respectively for HIDS.


2021, Vol 5 (1), pp. 60-69
Author(s): Farid Wahyudi, Listanto Tri Utomo

Security is essential in computer networks, where many devices are connected to each other to interact and exchange data without limits. Network security is also a very important issue to prioritize, and one way to address it is to use an intrusion prevention system. At PDTI UNIRA there are often network security problems, one of which is that during the test season the server experiences many intrusion problems. The purpose of this research is to develop a social science system based on the analysis at PDTI of Raden Rahmat Islamic University Malang. This research method uses a computer security development approach, namely the Intrusion Prevention System (IPS), by combining firewall engineering methods and an Intrusion Detection System (IDS). The result of this research is a technology that can be used to prevent attacks that will enter the local network by checking and recording all data packets and recognizing sensor packets; when an attack has been identified, the IPS will deny access (block) and record (log) all identified data packets. The IPS thus acts as a firewall that allows and blocks traffic, combined with an IDS that can detect packets in detail. With a network security system, the Unira PDTI server is safer and can avoid intrusion.


Author(s): Sreerama Murthy Kattamuri, Vijayalakshmi Kakulapati, Pallam Setty S.

An intrusion detection system (IDS) focuses on determining malicious tasks by verifying network traffic and informing the network administrator so that the user or source IP address can be restricted from accessing the network. SNORT is an open source intrusion detection system (IDS), and SNORT also acts as an intrusion prevention system (IPS) for monitoring and prevention of security attacks on networks. The authors applied encryption to text files by using cryptographic algorithms like Elgamal and RSA. This chapter tested the performance of mail clients on the low-cost, low-power computer Raspberry Pi, and verified that SNORT is efficient for both algorithms. On the low-cost, low-power computer, they observed that as the size of the file increases, the run time is constant for compressed data, whereas for plain text it changed significantly.


Teknika, 2017, Vol 6 (1), pp. 19-23
Author(s): Ery Setiyawan Jullev Atmadji, Bekti Maryuni Susanto, Rahardian Wiratama

Network security is important for all industries and companies in order to protect the important data and information they hold. Security protection in a network is generally based on the security of data transmission, designed and applied to help secure a particular network. To further optimize decision making, a machine is needed that can work together with IDS and IPS databases, so that the very diverse types of attacks can be mapped more optimally. One database that already has existing rules is IPTABLES, because IPTABLES has firewall functions capable of handling multiple and massive types of attacks. The server to be used is a server running the Linux operating system. The IDS attack database used is the KDD 99 database, which is recognized as one of the most complex attack databases. By utilizing IPTABLES, it is expected that server security can be monitored more optimally. IPTABLES is commonly used as one of the firewalls on servers.


2020, Vol 2020, pp. 1-11
Author(s): Guojie Liu, Jianbiao Zhang

A network intrusion detection system can effectively detect network attack behaviour, which is very important to network security. In this paper, a multiclassification network intrusion detection model based on a convolutional neural network is proposed, and the algorithm is optimized. First, the data is preprocessed and the original one-dimensional network intrusion data is converted into two-dimensional data; then the effective features are learned using optimized convolutional neural networks; and, finally, the final test results are produced in conjunction with the Softmax classifier. In this paper, the KDD-CUP 99 and NSL-KDD standard network intrusion detection datasets were used to carry out the multiclassification network intrusion detection experiment; the experimental results show that the multiclassification network intrusion detection model proposed in this paper improves the accuracy and check rate, reduces the false positive rate, and also obtains better test results for the detection of unknown attacks.


Author(s): Alaeddine Boukhalfa, Abderrahim Abdellaoui, Nabil Hmina, Habiba Chaoui

The security of the network has become a primary concern for organizations. Attackers use different means to disrupt services or steal information, and these various attacks push us to think of a new way to block them all in one manner. In addition, these intrusions can change and penetrate security devices. To solve these issues, we suggest, in this paper, a new idea for a Network Intrusion Detection System (NIDS) based on Long Short-Term Memory (LSTM) to recognize menaces and to obtain a long-term memory of them, in order to stop new attacks that are like the existing ones and, at the same time, to have a single means to block intrusions. According to the results of the detection experiments that we have carried out, the accuracy reaches up to 99.98% and 99.93% for the classification of two classes and several classes respectively, and the False Positive Rate (FPR) reaches only 0.068% and 0.023% for the classification of two classes and several classes respectively. This proves that the proposed model is very effective: it has a great ability to memorize and differentiate between normal traffic and attack traffic, and its identification is more accurate than other Machine Learning classifiers.


2021, pp. 111-121
Author(s): Giuseppina Andresini, Annalisa Appice, Corrado Loglisci, Vincenzo Belvedere, Domenico Redavid, ...

Author(s): Augustin Anggeliung, Arief Dwi Rachmadian, Vincent Vincent

Technology is developing very fast, and cloud computing is one example. Cloud computing has been used in various circles and has begun to be developed. Various problems arise in cloud computing, such as problems with data and whether the data will be safe. To ensure that the data is safe, several methods or tools can be used. In this scientific work we use the Intrusion Detection System as an aid tool needed to access the network, including whether packages can protect data in cloud computing. The intrusion detection system still has some shortcomings, such as only being able to read some data, and the performance will decrease when the data is very large. To overcome this it is necessary to use several additional tools, such as the Intrusion Prevention System, which is a refinement of the Intrusion Detection System, and the AES algorithm.

