A Hybrid NIDS Model Using Artificial Neural Network and D-S Evidence

2016, Vol 8 (1), pp. 37-50
Author(s): Chunlin Lu, Yue Li, Mingjie Ma, Na Li

Artificial Neural Networks (ANNs), especially the back-propagation (BP) neural network, can improve the performance of intrusion detection systems. However, for current network intrusion detection methods, the detection precision (especially for low-frequency attacks), detection stability and training time still need to be improved. In this paper, a new model based on an optimized BP neural network and Dempster-Shafer theory is proposed to solve the above problems and help NIDS achieve a higher detection rate, a lower false positive rate and stronger stability. The general process of the authors' model is as follows: first, the main extracted features are divided into several different feature subsets. Then, based on the different feature subsets, different ANN models are trained to build the detection engine. Finally, D-S evidence theory is employed to integrate these results and obtain the final result. The effectiveness of this method is verified by experimental simulation using the KDD Cup 1999 dataset.



2011, Vol 321, pp. 213-217
Author(s): Qing Yu, Jin Lin Wang, Xiao Chen Sui

The basic idea of the twice genetic algorithm optimization of BP neural network model (TGB) is a rough selection of the network model using a genetic algorithm, then using the BP neural network to determine the parameters that minimize the error function and to determine its position in the parameter space, then applying the genetic algorithm again to solve the problem of possible local minima. Feature selection is a new formulation of dimension reduction methods. It can simplify the size of the neural network and improve the real-time performance and the accuracy of the system. The simulation results show that the TGB-based network intrusion detection algorithm improves the intrusion detection rate of samples to different degrees. It can significantly reduce training time and test time. This further demonstrates the effectiveness and feasibility of the method. The study is very useful to detect materials. So from the analysis, you can learn some skills for materials detecting.


Computers, 2021, Vol 10 (6), pp. 79
Author(s): Henry Clausen, Gudmund Grov, David Aspinall

Anomaly-based intrusion detection methods aim to combat the increasing rate of zero-day attacks; however, their success is currently restricted to the detection of high-volume attacks using aggregated traffic features. Recent evaluations show that the current anomaly-based network intrusion detection methods fail to reliably detect remote access attacks. These are smaller in volume and often only stand out when compared to their surroundings. Currently, anomaly methods try to detect access attack events mainly as point anomalies and neglect the context they appear in. We present and examine a contextual bidirectional anomaly model (CBAM) based on deep LSTM-networks that is specifically designed to detect such attacks as contextual network anomalies. The model efficiently learns short-term sequential patterns in network flows as conditional event probabilities. Access attacks frequently break these patterns when exploiting vulnerabilities, and can thus be detected as contextual anomalies. We evaluated CBAM on an assembly of three datasets that provide both representative network access attacks, real-life traffic over a long timespan, and traffic from a real-world red-team attack. We contend that this assembly is closer to a potential deployment environment than current NIDS benchmark datasets. We show that, by building a deep model, we are able to reduce the false positive rate to 0.16% while effectively detecting six out of seven access attacks, which is significantly lower than the operational range of other methods. We further demonstrate that short-term flow structures remain stable over long periods of time, making the CBAM robust against concept drift.


2013, Vol 765-767, pp. 1415-1418
Author(s): Ya Fang Lou, Zhi Jun Yuan, Hao Wu

As the network has an enormous impact on all aspects of society, network security becomes a critical problem. Traditional intrusion detection technology has some disadvantages: the imperfection of its architecture, the slow detection speed of the system, the vulnerability of its own architecture, and so on. This paper presents an intrusion detection model based on a BP neural network, which has incomparable advantages over traditional intrusion detection systems. Therefore, the study of this subject has practical significance.


In the present milieu of a connected world, where security is the major concern, the Intrusion Detection System is a prominent area of research for dealing with various types of attacks in the network. Intrusion detection systems (IDS) find the dynamic and malicious traffic of the network, in accordance with the aspect of the network. Various forms of IDS have been developed, working on distinctive approaches. One popular approach is machine learning, in which various algorithms like ANN, SVM etc. have been used. But the most prominent method used is ANN. The performance of the ANN can be significantly improved by combining it with different metaheuristic algorithms. In the present work, GWO is used to optimize ANN. For this, the KDD-99 data-set is used to classify various types of attacks, i.e. denial of service (DoS), normal and other forms of attack. The present paper provides a detailed analysis of the performance of the Artificial Neural Network and the optimized Artificial Neural Network with GA, PSO and GWO. The research shows that ANN with GWO outperforms the others (ANN, ANN with PSO and ANN with GA).

