Intrusion Detection Using Machine Learning

2010 ◽  
pp. 70-107
Author(s):  
Mohammed M. Mazid ◽  
A. B.M. Shawkat Ali ◽  
Kevin S. Tickle
Keyword(s):  
Intrusion Detection ◽  
Medical Diagnosis ◽  
Computer Network ◽  
Model Identification ◽  
Intrusion Detection Systems ◽  
Network Technology ◽  
Rule Based ◽  
Detection Systems ◽  
Research Areas ◽  
Future Direction

Intrusion detection has received enormous attention from the beginning of computer network technology. It is the task of detecting attacks against a network and its resources. To detect and counteract any unauthorized activity, it is desirable for network and system administrators to monitor the activities in their network. Over the last few years a number of intrusion detection systems have been developed and are in use for commercial and academic institutes. But still there have some challenges to be solved. This chapter will provide the review, demonstration and future direction on intrusion detection. The authors’ emphasis on Intrusion Detection is various kinds of rule based techniques. The research aims are also to summarize the effectiveness and limitation of intrusion detection technologies in the medical diagnosis, control and model identification in engineering, decision making in marketing and finance, web and text mining, and some other research areas.

scholarly journals Neural networks in intrusion detection systems

2012 ◽  
Vol 50 (No. 1) ◽  
pp. 35-40 ◽  
Author(s):  
A. Veselý ◽  
D. Brechlerová
Keyword(s):  
Neural Networks ◽  
Intrusion Detection ◽  
System Structure ◽  
Intrusion Detection Systems ◽  
Network Technology ◽  
Promising Technique ◽  
Abnormal Behaviour ◽  
Rule Based ◽  
Detection Systems ◽  
Neural Network Technology

Security of an information system is its very important property, especially today, when computers are interconnected via internet. Because no system can be absolutely secure, the timely and accurate detection of intrusions is necessary. For this purpose, Intrusion Detection Systems (IDS) were designed. There are two basic models of IDS: misuse IDS and anomaly IDS. Misuse systems detect intrusions by looking for activity that corresponds to the known signatures of intrusions or vulnerabilities. Anomaly systems detect intrusions by searching for an abnormal system activity. Most IDS commercial tools are misuse systems with rule-based expert system structure. However, these techniques are less successful when attack characteristics vary from built-in signatures. Artificial neural networks offer the potential to resolve these problems. As far as anomaly systems are concerned, it is very difficult to build them, because it is difficult to define the normal and abnormal behaviour of a system. Also for building anomaly system, neural networks can be used, because they can learn to discriminate the normal and abnormal behaviour of a system from examples. Therefore, they offer a promising technique for building anomaly systems. This paper presents an overview of the applicability of neural networks in building intrusion systems and discusses advantages and drawbacks of neural network technology.

scholarly journals A review of KDD99 dataset usage in intrusion detection and machine learning between 2010 and 2015

2016 ◽  
Author(s):  
Atilla Özgür ◽  
Hamit Erdem
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Citation Index ◽  
Academic Research ◽  
Intrusion Detection Systems ◽  
Classification Algorithms ◽  
Detection Systems ◽  
Research Areas ◽  
Software Toolbox ◽  
Wide Usage

Although KDD99 dataset is more than 15 years old, it is still widely used in academic research. To investigate wide usage of this dataset in Machine Learning Research (MLR) and Intrusion Detection Systems (IDS); this study reviews 149 research articles from 65 journals indexed in Science Citation In- dex Expanded and Emerging Sources Citation Index during the last six years (2010–2015). If we include papers presented in other indexes and conferences, number of studies would be tripled. The number of published studies shows that KDD99 is the most used dataset in IDS and machine learning areas, and it is the de facto dataset for these research areas. To show recent usage of KDD99 and the related sub-dataset (NSL-KDD) in IDS and MLR, the following de- scriptive statistics about the reviewed studies are given: main contribution of articles, the applied algorithms, compared classification algorithms, software toolbox usage, the size and type of the used dataset for training and test- ing, and classification output classes (binary, multi-class). In addition to these statistics, a checklist for future researchers that work in this area is provided.

scholarly journals INTRUSION RECOGNITION USING NEURAL NETWORKS

2014 ◽  
pp. 37-42
Author(s):  
Vladimir Golovko ◽  
Pavel Kochurko
Keyword(s):  
Neural Networks ◽  
Intrusion Detection ◽  
Multilayer Perceptron ◽  
Computer Network ◽  
Anomalous Behavior ◽  
Intrusion Detection Systems ◽  
Data Set ◽  
Detection Techniques ◽  
Behavior Detection ◽  
Detection Systems

Intrusion detection techniques are of great importance for computer network protecting because of increasing the number of remote attack using TCP/IP protocols. There exist a number of intrusion detection systems, which are based on different approaches for anomalous behavior detection. This paper focuses on applying neural networks for attack recognition. It is based on multilayer perceptron. The 1999 KDD Cup data set is used for training and testing neural networks. The results of experiments are discussed in the paper.

scholarly journals A review of KDD99 dataset usage in intrusion detection and machine learning between 2010 and 2015

2016 ◽  
Author(s):  
Atilla Özgür ◽  
Hamit Erdem
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Citation Index ◽  
Academic Research ◽  
Intrusion Detection Systems ◽  
Classification Algorithms ◽  
Detection Systems ◽  
Research Areas ◽  
Software Toolbox ◽  
Wide Usage

Although KDD99 dataset is more than 15 years old, it is still widely used in academic research. To investigate wide usage of this dataset in Machine Learning Research (MLR) and Intrusion Detection Systems (IDS); this study reviews 149 research articles from 65 journals indexed in Science Citation In- dex Expanded and Emerging Sources Citation Index during the last six years (2010–2015). If we include papers presented in other indexes and conferences, number of studies would be tripled. The number of published studies shows that KDD99 is the most used dataset in IDS and machine learning areas, and it is the de facto dataset for these research areas. To show recent usage of KDD99 and the related sub-dataset (NSL-KDD) in IDS and MLR, the following de- scriptive statistics about the reviewed studies are given: main contribution of articles, the applied algorithms, compared classification algorithms, software toolbox usage, the size and type of the used dataset for training and test- ing, and classification output classes (binary, multi-class). In addition to these statistics, a checklist for future researchers that work in this area is provided.

Fuzzy Rule-Based Layered Classifier and Entropy-Based Feature Selection for Intrusion Detection System

2021 ◽  
pp. 289-309
Author(s):  
Devaraju Sellappan ◽  
Ramakrishnan Srinivasan
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Fuzzy Rule ◽  
Intrusion Detection Systems ◽  
Rule Based ◽  
Detection Systems ◽  
Positive Rate ◽  
Rule Based Classifier

Intrusion detection systems must detect the vulnerability consistently in a network and also perform efficiently with the huge amount of traffic. Intrusion detection systems must be capable of detecting emerging and proactive threats in the networks. Various classifiers are used to classify the threats as normal or intrusive by supervising the system activity. In this chapter, layered fuzzy rule-based classifier is proposed to detect the various intrusions, and fuzzy entropy-based feature selection is proposed to identify the relevant features. Layered fuzzy rule-based classifier is proposed to improve the performance of the intrusion detection system. KDD dataset contains various attacks; these attacks are grouped into four classes, namely Denial-of-Service (DoS), Probe, Remote-to-Local (R2L), and User-to-Root (U2R). Real-time dataset is also considered in this research. Experimental result shows that the proposed method provides good detection rate, minimizes the false positive rate, and less computational time.

scholarly journals Approaches for improving the performance of snort Intrusion Detection Systems

2012 ◽  
pp. 102-105
Author(s):  
V.P. Kshirsagar ◽  
S.S. Vishnu ◽  
S.M. Tidke
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
High Speed ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Dynamic Adjustment ◽  
Rule Based ◽  
Matching Algorithm ◽  
Detection Systems ◽  
Rule Based System

The process of monitoring the events occurring in a computer system or network and analyzing them for sign of intrusions is known as intrusion detection systems (IDS).In this paper the architecture of the snort which is an open source Intrusion detection system is explained. It is a rule based system hence the structure of the rule is also explained. But to match with the high speed of network traffic the performance of the SNORT need to be improved hence the various methods has been developed three of them are reviewed here which are Rules Matching Algorithm Based on Dynamic Adjustment, NAPI and LASSP.

Sign in / Sign up

Export Citation Format

Share Document