Machine Learning Approach for Intrusion Detection Systems as a Cyber Security Strategy for Small and Medium Enterprises

2022, Vol 19, pp. 474-480
Author(s): Nevila Baci, Kreshnik Vukatana, Marius Baci

Small and medium enterprises (SMEs) are businesses that account for a large percentage of the economy in many countries, but they lack cyber security. The present study examines different supervised machine learning methods with a focus on intrusion detection systems (IDSs) that will help in improving SMEs’ security. The algorithms tested on a real dataset are Naïve Bayes, Sequential Minimal Optimization (SMO), C4.5 decision tree, and Random Forest. The experiments are run using the Waikato Environment for Knowledge Analysis (WEKA) 3.8.4 tools and the metrics used to evaluate the results were: accuracy, false-positive rate (FPR), and total time to train and build a classification model. The results obtained from the original dataset with 130 features show a high value of accuracy, but the computation time to build the classification model was notably high for the cases of C4.5 (1 hr. and 20 mins) and SMO algorithm (4 hrs. and 20 mins). The Information Gain (IG) method was used and the result was impressive. The time needed to train the model was reduced in the order of a few minutes and the accuracy was high (above 95%). In the end, challenges that SMEs can have in choosing an IDS, such as lack of scalability and autonomic self-adaptation, can be solved by using a correct methodology with machine learning techniques.

2021, Vol 2021, pp. 1-28
Author(s): Khalid M. Al-Gethami, Mousa T. Al-Akhras, Mohammed Alawairdhi

Optimizing the detection of intrusions is becoming more crucial due to the continuously rising rates and ferocity of cyber threats and attacks. One of the popular methods to optimize the accuracy of intrusion detection systems (IDSs) is by employing machine learning (ML) techniques. However, there are many factors that affect the accuracy of the ML-based IDSs. One of these factors is noise, which can be in the form of mislabelled instances, outliers, or extreme values. Determining the extent of the effect of noise helps to design and build more robust ML-based IDSs. This paper empirically examines the extent of the effect of noise on the accuracy of the ML-based IDSs by conducting a wide set of different experiments. The ML algorithms used are decision tree (DT), random forest (RF), support vector machine (SVM), artificial neural networks (ANNs), and Naïve Bayes (NB). In addition, the experiments are conducted on two widely used intrusion datasets, which are NSL-KDD and UNSW-NB15. Moreover, the paper also investigates the use of these ML algorithms as base classifiers with two ensemble-of-classifiers learning methods, which are bagging and boosting. The detailed results and findings are illustrated and discussed in this paper.


2021, Vol 2021, pp. 1-13
Author(s): Soulaiman Moualla, Khaldoun Khorzom, Assef Jafar

Networks are exposed to an increasing number of cyberattacks due to their vulnerabilities. So, cybersecurity strives to make networks as safe as possible, by introducing defense systems to detect any suspicious activities. However, firewalls and classical intrusion detection systems (IDSs) suffer from continuous updating of their defined databases to detect threats. The new directions of the IDSs aim to leverage the machine learning models to design more robust systems with higher detection rates and lower false alarm rates. This research presents a novel network IDS, which plays an important role in network security and faces the current cyberattacks on networks using the UNSW-NB15 dataset benchmark. Our proposed system is a dynamically scalable multiclass machine learning-based network IDS. It consists of several stages based on supervised machine learning. It starts with the Synthetic Minority Oversampling Technique (SMOTE) method to solve the imbalanced classes problem in the dataset and then selects the important features for each class existing in the dataset by the Gini Impurity criterion using the Extremely Randomized Trees Classifier (Extra Trees Classifier). After that, a pretrained extreme learning machine (ELM) model is responsible for detecting the attacks separately, “One-Versus-All” as a binary classifier for each of them. Finally, the ELM classifier outputs become the inputs to a fully connected layer in order to learn from all their combinations, followed by a logistic regression layer to make soft decisions for all classes. Results show that our proposed system performs better than related works in terms of accuracy, false alarm rate, Receiver Operating Characteristic (ROC), and Precision-Recall Curves (PRCs).


2021, Vol 13 (22), pp. 12337
Author(s): Abdullah Alharbi, Adil Hussain Seh, Wael Alosaimi, Hashem Alyami, Alka Agrawal, ...

Machine learning (ML) is one of the dominating technologies practiced in both the industrial and academic domains throughout the world. ML algorithms can examine the threats and respond to intrusions and security incidents swiftly in an instinctive way. It plays a critical function in providing a proactive security mechanism in the cybersecurity domain. Cybersecurity ensures the real-time protection of information, information systems, and networks from intruders. Several security and privacy reports have cited that there has been a rapid increase in both the frequency and the number of cybersecurity breaches in the last decade. Information security has been compromised by intruders at an alarming rate. Anomaly detection, phishing page identification, software vulnerability diagnosis, malware identification, and denial-of-service attacks are the main cybersecurity issues that demand effective solutions. Researchers and experts have been practicing different approaches to address the current cybersecurity issues and challenges. However, in this research endeavor, our objective is to make an idealness assessment of machine learning-based intrusion detection systems (IDS) under the hesitant fuzzy (HF) conditions, using a multi-criteria decision making (MCDM)-based analytical hierarchy process (AHP) and technique for order of preference by similarity to ideal-solutions (TOPSIS). Hesitant fuzzy sets are useful for addressing decision-making situations in which experts must overcome the reluctance to make a conclusion. The proposed research project would assist the machine learning practitioners and cybersecurity specialists in identifying, selecting, and prioritizing cybersecurity-related attributes for intrusion detection systems, and build more ideal and effective intrusion detection systems.


Cyber security is a major problem of modern society, since vulnerabilities of computer networks have become easy to exploit with the help of technologies and human skills. Nowadays different types of attacks occur, for example DoS attacks, probing, R2U, R2L virus, port scans, buffer overflow, CGI attacks and flooding. We need a platform where a system can be developed for recognition and prevention of these attacks. In this paper, most of the latest methods for implementing an IDS for cyber security are summarised. Intrusion detection systems are a most suitable solution for cyber attacks. Machine learning based intrusion detection systems have high accuracy in a rapidly changing environment. This paper discusses which types of ML techniques have low accuracy, and so it explores some research areas for researchers.


2021, Vol 1 (2), pp. 252-273
Author(s): Pavlos Papadopoulos, Oliver Thornewill von Essen, Nikolaos Pitropakis, Christos Chrysoulas, Alexios Mylonas, ...

As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have proven their success in identifying unknown attacks with high precision. Nevertheless, machine learning models are also vulnerable to attacks. Adversarial examples can be used to evaluate the robustness of a designed model before it is deployed. Further, using adversarial examples is critical to creating a robust model designed for an adversarial environment. Our work evaluates both traditional machine learning and deep learning models’ robustness using the Bot-IoT dataset. Our methodology included two main approaches. First, label poisoning, used to cause incorrect classification by the model. Second, the fast gradient sign method, used to evade detection measures. The experiments demonstrated that an attacker could manipulate or circumvent detection with significant probability.

