A Study on Supervised Machine Learning Technique to Detect Anomalies in Networks

Author(s):  
Keshav Sinha

During this time, COVID-19 has affected the lifestyles of many individuals; in the meantime, an enormous number of users are connected to the internet. This will also increase the chance of network intrusion due to congestion and overloading of the server. So, to cope with this problem, the authors proposed an automated intrusion detection system (IDS) which helps in monitoring the traffic and service requests. The model is used to identify illegal access and counterparts with static checking capabilities of the firewall. The classical KDDCup 99 dataset is used for training and testing purposes.

Author(s):  
Muhammad Ahmad ◽  
Qaiser Riaz ◽  
Muhammad Zeeshan ◽  
Hasan Tahir ◽  
Syed Ali Haider ◽  
...  

Abstract: Internet of Things (IoT) devices are well-connected; they generate and consume data which involves transmission of data back and forth among various devices. Ensuring security of the data is a critical challenge as far as IoT is concerned. Since IoT devices are inherently low-power and do not require a lot of compute power, a Network Intrusion Detection System is typically employed to detect and remove malicious packets from entering the network. In the same context, we propose feature clusters in terms of Flow, Message Queuing Telemetry Transport (MQTT) and Transmission Control Protocol (TCP) by using features in the UNSW-NB15 data-set. We eliminate problems like over-fitting, curse of dimensionality and imbalance in the data-set. We apply supervised Machine Learning (ML) algorithms, i.e., Random Forest (RF), Support Vector Machine and Artificial Neural Networks on the clusters. Using RF, we, respectively, achieve 98.67% and 97.37% of accuracy in binary and multi-class classification. In cluster-based techniques, we achieved 96.96%, 91.4% and 97.54% of classification accuracy by using RF on Flow & MQTT features, TCP features and top features from both clusters. Moreover, we show that the proposed feature clusters provide higher accuracy and require less training time as compared to other state-of-the-art supervised ML-based approaches.


2021 ◽  
Vol 8 (1) ◽  
Author(s):  
Achmad Akbar Megantara ◽  
Tohari Ahmad

Abstract: The internet has grown enormously for many years. It is not just connecting computer networks but also a group of devices worldwide involving big data. The internet provides an opportunity to make various innovations for any sector, such as education, health, public facility, financial technology, and digital commerce. Despite its advantages, the internet may contain dangerous activities and cyber-attacks that may happen to anyone connected through the internet. To detect any cyber-attack that intrudes on the network system, an intrusion detection system (IDS) is applied, which can identify those incoming attacks. The intrusion detection system works in two mechanisms: signature-based detection and anomaly-based detection. In anomaly-based detection, the quality of the machine learning model obtained is influenced by the data training process. The biggest challenge of machine learning methods is how to build an appropriate model to represent the dataset. This research proposes a hybrid machine learning method by combining the feature selection method, representing the supervised learning and data reduction method as the unsupervised learning to build an appropriate model. It works by selecting relevant and significant features using feature importance decision tree-based method with recursive feature elimination and detecting anomaly/outlier data using the Local Outlier Factor (LOF) method. The experimental results show that the proposed method achieves the highest accuracy in detecting R2L (i.e., 99.89%) and keeps higher for other attack types than most other research in the NSL-KDD dataset. Therefore, it has a more stable performance than the others. More challenges are experienced in the UNSW-NB15 dataset with binary classes.


2021 ◽  
Author(s):  
Raymond Mogg ◽  
Simon Enoch ◽  
Dong Seong Kim

Intrusion Detection System (IDS) plays a vital role in detecting anomalies and cyber-attacks in networked systems. However, sophisticated attackers can manipulate the IDS’ attack samples to evade possible detection. In this paper, we present a network-based IDS and investigate the viability of generating interpretable evasion attacks against the IDS through the application of a machine learning technique and an evolutionary algorithm. We employ a genetic algorithm to generate optimal attack features for certain attack categories, which are evaluated against a decision tree-based IDS in terms of their fitness measurements. To demonstrate the feasibility of our approach, we perform experiments based on the NSL-KDD dataset and analyze the algorithm performance.


Author(s):  
Jayesh Zala ◽  
Aditya Panchal ◽  
Advait Thakkar ◽  
Bhagirath Prajapati ◽  
Priyanka Puvar

Intrusion Detection System (IDS) is a tool, or software application, that monitors network or system activity and detects malicious activity occurring. The protected evolution of the network must incorporate new threats and related approaches to avoid these threats. The key role of the IDS is to secure resources against the attacks. Several approaches, methods and algorithms of the intrusion detection help to detect a plethora of attacks. The main objective of this paper is to provide a complete system to detect intruding attacks using the Machine Learning technique which identifies the unknown attacks using the past information gained from the known attacks. The paper explains preprocessing techniques, model comparisons for training as well as testing, and evaluation technique.


Software Defined Networking and the OpenFlow protocol have recently emerged as a dynamic and promising framework for future networks. However, programmable features and a logically centralized controller lead to a large number of security issues. To address the security problems, we have to impose an Intrusion Detection System module to continuously keep track of the network traffic and to detect the malicious activities in the SDN environment. In this paper, we have implemented a flow-based IDS with the help of a hybrid machine learning technique. By collecting the flow information from the controller, we classify the traffic, extract the essential features and classify the attack using a machine learning based classifier module. For the classifier, we have developed a hybrid machine learning model with the help of the Modified K-Means and C4.5 algorithms. Our proposed work is compared with a single machine learning classifier, and our experimental results show that the proposed work can classify the normal and attack instances with an accuracy of 97.66%.

