Expert Knowledge Correlated Intrusion Detection System Evaluation Framework for Heterogeneous IoT

Author(s):  
Nitish A ◽  
J. Hanumanthappa ◽  
Shiva Prakash S.P ◽  
Kirill Krinkin

The dynamic contexts of heterogeneous Internet of Things (HetIoT) adversely affect the performance of learning-based network intrusion detection systems (NIDS), resulting in increased misclassification rates, necessitating an expert knowledge correlated evaluation framework. The proposed generalizable framework includes intrusion root cause analysis, correlation model, and correlated classification metrics that can be generalized over any NID dataset, corresponding expert knowledge, detection technique, and learning-based algorithm to facilitate context-awareness in reducing false alerts. To achieve this, we perform experimentations on the Bot-IoT dataset (with generalized traffic behaviors from multiple existing NID datasets) employing the Support Vector Machine (SVM) machine learning and Multilayer Perceptron (MLP) shallow neural network classifiers, demonstrating the generalizability, robustness, and improved performance of the propounded framework compared to the existing literature. Furthermore, the proposed framework offers minimal processing overhead on the classifier algorithms.

2021 ◽  
Author(s):  
Nitish A ◽  
Prof. (Dr.) Hanumanthappa J ◽  
Shiva Prakash S.P ◽  
Kirill Krinkin

The dynamic heterogeneous IoT contexts adversely affect the performance of learning-based network intrusion detection and prevention systems, resulting in increased misclassification rates, necessitating an expert knowledge correlated evaluation framework. The proposed framework includes intrusion root cause analysis and a correlation model that can be generalized over any network intrusion dataset, corresponding expert knowledge, detection technique, and learning-based algorithm. The experimentations prove the robustness of the propounded framework on imbalanced datasets.


Author(s):  
Heba F. Eid

An intrusion detection system plays an important role in network security. However, network intrusion detection (NID) suffers from several problems, such as false positives, operational issues in high dimensional data, and the difficulty of detecting unknown threats. Most of the problems with intrusion detection are caused by improper implementation of the network intrusion detection system (NIDS). Over the past few years, computational intelligence (CI) has become an effective area in extending research capabilities. Thus, NIDS based upon CI is currently attracting considerable interest from the research community. The scope of this review encompasses the concept of NID and presents the core methods of CI, including support vector machine, hidden naïve Bayes, particle swarm optimization, genetic algorithm, and fuzzy logic. The findings of this review should provide useful insights into the application of different CI methods for NIDS over the literature, allowing existing research challenges and progress to be clearly defined and promising new research directions to be highlighted.


2013 ◽  
Vol 7 (4) ◽  
pp. 37-52
Author(s):  
Srinivasa K G

The increase in the number of network based transactions for both personal and professional use has made network security gain a significant and indispensable status. The possible attacks that an Intrusion Detection System (IDS) has to tackle can be of an existing type or of an entirely new type. The challenge for researchers is to develop an intelligent IDS which can detect new attacks as efficiently as it detects known ones. Intrusion Detection Systems are rendered intelligent by employing machine learning techniques. In this paper we present a statistical machine learning approach to the IDS using the Support Vector Machine (SVM). Unlike conventional SVMs, this paper describes a multi-model approach which makes use of an extra layer over the existing SVM. The network traffic is modeled into connections based on protocols at various network layers. These connection statistics are given as input to SVM which in turn plots each input vector. The new attacks are identified by plotting them with respect to the trained system. The experimental results demonstrate the lower execution time of the proposed system with high detection rate and low false positive number. The 1999 DARPA IDS dataset is used as the evaluation dataset for both training and testing. The proposed system, SVM NIDS, is benchmarked with SNORT (Roesch, M. 1999), an open source IDS.


2021 ◽  
Author(s):  
Jayaprakash Pokala ◽  
B. Lalitha

Internet of Things (IoT) is the powerful latest trend that allows communications and networking of many sources over the internet. Routing protocol for low power and lossy networks (RPL) based IoT networks may be exposed to many routing attacks due to the resource-constrained and open nature of the IoT nodes. Hence, there is a need for a network intrusion detection system (NIDS) to protect RPL based IoT networks from routing attacks. The existing techniques for anomaly-based NIDS (ANIDS) are subject to a high false alarm rate (FAR). Therefore, a novel bio-inspired voting ensemble classifier with feature selection technique is proposed in this paper to improve the performance of ANIDS for RPL based IoT networks. The proposed voting ensemble classifier combines the results of various base classifiers such as logistic regression, support vector machine, decision tree, bidirectional long short-term memory and K-nearest neighbor to detect the attacks accurately based on majority voting rule. The optimized weights of base classifiers are obtained by using the feature selection method called simulated annealing based improved salp swarm algorithm (SA-ISSA), which is the hybridization of particle swarm optimization, opposition based learning and salp swarm algorithm. The experiments are performed with the RPL-NIDDS17 dataset that contains seven types of attack instances. The performance of the proposed model is evaluated and compared with existing feature selection and classification techniques in terms of accuracy, attack detection rate (ADR), FAR and so on. The proposed ensemble classifier shows better performance with higher accuracy (96.4%), ADR (97.7%) and reduced FAR (3.6%).


Author(s):  
Gaddam Venu Gopal ◽  
Gatram Rama Mohan Babu

Feature selection is a process of identifying relevant feature subset that leads to the machine learning algorithm in a well-defined manner. In this paper, a novel ensemble feature selection approach that comprises Relief Attribute Evaluation and hybrid kernel-based support vector machine (HK-SVM) approach is proposed as a feature selection method for network intrusion detection system (NIDS). A Hybrid approach along with the combination of Gaussian and Polynomial methods is used as a kernel for support vector machine (SVM). The key issue is to select a feature subset that yields good accuracy at a minimal computational cost. The proposed approach is implemented and compared with classical SVM and simple kernel. Kyoto2006+, a benchmark intrusion detection dataset, is used for experimental evaluation and then observations are drawn.

