A Hybrid NIDS Model Using Artificial Neural Network and D-S Evidence

Author(s): Chunlin Lu, Yue Li, Mingjie Ma, Na Li

Artificial Neural Networks (ANNs), especially the back-propagation (BP) neural network, can improve the performance of intrusion detection systems. However, for current network intrusion detection methods, the detection precision (especially for low-frequency attacks), detection stability and training time still need to be enhanced. In this paper, a new model based on an optimized BP neural network and Dempster-Shafer theory is proposed to solve the above problems and help NIDS achieve a higher detection rate, a lower false positive rate and stronger stability. The general process of the authors' model is as follows: first, the main extracted features are divided into several different feature subsets. Then, based on the different feature subsets, different ANN models are trained to build the detection engine. Finally, D-S evidence theory is employed to integrate these results and obtain the final result. The effectiveness of this method is verified by experimental simulation using the KDD Cup 1999 dataset.

2016, Vol 8 (1), pp. 37-50


2014, Vol 644-650, pp. 2572-2576
Author(s): Qing Liu, Yun Kai Zhang, Qing Ru Li

A support vector machine (SVM) model that combines Laplacian Eigenmaps (LE) with Cross Validation (CV) is proposed for intrusion detection. In the proposed model, a classifier is adopted to estimate whether an action is an attack or not. Maximum Likelihood Estimation (MLE) is used to estimate the intrinsic dimensions, and LE is used as a preprocessor for the SVM to reduce the dimensions of the feature vectors, so that training time is shortened. To improve the performance of the SVM, CV is used to optimize the parameters of the SVM's RBF kernel function. Compared with other detection algorithms, the experimental results show that the proposed model has the following advantages: shorter training time, higher accuracy rate and lower false positive rate.


2011, Vol 321, pp. 213-217
Author(s): Qing Yu, Jin Lin Wang, Xiao Chen Sui

The basic idea of the twice genetic algorithm optimization of BP neural network model (TGB) is a rough selection of the network model using a genetic algorithm, then using the BP neural network to determine the parameters that minimize the error function and to determine its position in the parameter space, then applying the genetic algorithm again to solve the problem of possible local minima. Feature selection is a new formulation of dimension reduction methods. It can simplify the size of the neural network and improve the real-time performance and the accuracy of the system. The simulation results show that the TGB-based network intrusion detection algorithm improves the intrusion detection rate of samples to different degrees. It can significantly reduce training time and test time. This further demonstrates the effectiveness and feasibility of the method. The study is very useful to detect materials. So from the analysis, you can learn some skills for materials detecting.


Author(s): Mai Trong Khang, Vu Thanh Nguyen, Tuan Dinh Le

In this paper, we propose an Artificial Neural Immune Network (ANIN) for virus detection. ANIN is a combination of Artificial Neural Network (ANN) and Artificial Immune Network (AiNet). In ANIN, each ANN is considered as a detector. A pool of initial detectors then undergoes a maturation process, called AiNet, to improve its recognizing ability. Thus, more than one ANN object can cooperate to detect malicious code. The experimental results show that ANIN can achieve a detection rate of 87.98% on average with an acceptable false positive rate.


2020, Vol 28 (5), pp. 499-523
Author(s): Xusheng Li, Zhisheng Hu, Haizhou Wang, Yiwei Fu, Ping Chen, ...

Return-oriented programming (ROP) is a code reuse attack that chains short snippets of existing code to perform arbitrary operations on target machines. Existing detection methods against ROP exhibit unsatisfactory detection accuracy and/or have high runtime overhead. In this paper, we present DeepReturn, which innovatively combines address space layout guided disassembly and deep neural networks to detect ROP payloads. The disassembler treats application input data as code pointers and aims to find any potential gadget chains, which are then classified by a deep neural network as benign or malicious. Our experiments show that DeepReturn has a high detection rate (99.3%) and a very low false positive rate (0.01%). DeepReturn successfully detects all of the 100 real-world ROP exploits that are collected in the wild, created manually or created by ROP exploit generation tools. DeepReturn is non-intrusive and does not incur any runtime overhead to the protected program.


2020, Vol 20 (1)
Author(s): Kishore Rajagopalan, Suresh Babu

Abstract
Background: A proposed computer aided detection (CAD) scheme faces major issues during subtle nodule recognition. However, radiologists have not noticed subtle nodules in beginning stage of lung cancer while a proposed CAD scheme recognizes non subtle nodules using x-ray images.
Method: Such an issue has been resolved by creating MANN (Massive Artificial Neural Network) based soft tissue technique from the lung segmented x-ray image. A soft tissue image recognizes nodule candidate for feature extortion and classification. X-ray images are downloaded using Japanese society of radiological technology (JSRT) image set. This image set includes 233 images (140 nodule x-ray images and 93 normal x-ray images). A mean size for a nodule is 17.8 mm and it is validated with computed tomography (CT) image. Thirty percent (42/140) abnormal represents subtle nodules and it is split into five stages (tremendously subtle, very subtle, subtle, observable, relatively observable) by radiologists.
Result: A proposed CAD scheme without soft tissue technique attained 66.42% (93/140) sensitivity and 66.76% accuracy having 2.5 false positives per image. Utilizing soft tissue technique, many nodules superimposed by ribs as well as clavicles have identified (sensitivity is 72.85% (102/140) and accuracy is 72.96% at one false positive rate).
Conclusion: In particular, a proposed CAD system determine sensitivity and accuracy in support of subtle nodules (sensitivity is 14/42 = 33.33% and accuracy is 33.66%) is statistically higher than CAD (sensitivity is 13/42 = 30.95% and accuracy is 30.97%) scheme without soft tissue technique. A proposed CAD scheme attained tremendously minimum false positive rate and it is a promising technique in support of cancerous recognition due to improved sensitivity and specificity.


Author(s): S. Vijaya Rani, G. N. K. Suresh Babu

The illegal hackers penetrate the servers and networks of corporate and financial institutions to gain money and extract vital information. The hacking varies from one computing system to many systems. They gain access by sending malicious packets in the network through viruses, worms, Trojan horses etc. The hackers scan a network through various tools and collect information about the network and hosts. Hence it is essential to detect the attacks as they enter a network. The methods available for intrusion detection are Naive Bayes, Decision Tree, Support Vector Machine, K-Nearest Neighbor and Artificial Neural Networks. A neural network consists of processing units arranged in a complex manner and is able to store information and make it functional for use. It acts like the human brain and takes knowledge from the environment through a training and learning process. Many algorithms are available for the learning process. This work carries out research on the analysis of malicious packets and on predicting the error rate in detection of injured packets through artificial neural network algorithms.

