DS-kNN

2021 ◽  
Vol 15 (2) ◽  
pp. 131-144
Author(s):  
Redha Taguelmimt ◽  
Rachid Beghdad
Keyword(s):  
Intrusion Detection ◽  
False Positive ◽  
Detection Rate ◽  
Nearest Neighbors ◽  
The Other ◽  
Intrusion Detection Systems ◽  
K Nearest Neighbors ◽  
Detection Systems ◽  
Knn Classifier ◽  
Better Than

On one hand, there are many proposed intrusion detection systems (IDSs) in the literature. On the other hand, many studies try to deduce the important features that can best detect attacks. This paper presents a new and an easy-to-implement approach to intrusion detection, named distance sum-based k-nearest neighbors (DS-kNN), which is an improved version of k-NN classifier. Given a data sample to classify, DS-kNN computes the distance sum of the k-nearest neighbors of the data sample in each of the possible classes of the dataset. Then, the data sample is assigned to the class having the smallest sum. The experimental results show that the DS-kNN classifier performs better than the original k-NN algorithm in terms of accuracy, detection rate, false positive, and attacks classification. The authors mainly compare DS-kNN to CANN, but also to SVM, S-NDAE, and DBN. The obtained results also show that the approach is very competitive.

scholarly journals Security of Things Intrusion Detection System for Smart Healthcare

Electronics ◽  
2021 ◽  
Vol 10 (12) ◽  
pp. 1375
Author(s):  
Celestine Iwendi ◽  
Joseph Henry Anajemba ◽  
Cresantus Biamba ◽  
Desire Ngabo
Keyword(s):  
Genetic Algorithm ◽  
Intrusion Detection ◽  
False Alarm ◽  
False Alarm Rate ◽  
Detection Rate ◽  
Web Security ◽  
Intrusion Detection Systems ◽  
High Detection Rate ◽  
Detection Systems ◽  
Smart Healthcare

Web security plays a very crucial role in the Security of Things (SoT) paradigm for smart healthcare and will continue to be impactful in medical infrastructures in the near future. This paper addressed a key component of security-intrusion detection systems due to the number of web security attacks, which have increased dramatically in recent years in healthcare, as well as the privacy issues. Various intrusion-detection systems have been proposed in different works to detect cyber threats in smart healthcare and to identify network-based attacks and privacy violations. This study was carried out as a result of the limitations of the intrusion detection systems in responding to attacks and challenges and in implementing privacy control and attacks in the smart healthcare industry. The research proposed a machine learning support system that combined a Random Forest (RF) and a genetic algorithm: a feature optimization method that built new intrusion detection systems with a high detection rate and a more accurate false alarm rate. To optimize the functionality of our approach, a weighted genetic algorithm and RF were combined to generate the best subset of functionality that achieved a high detection rate and a low false alarm rate. This study used the NSL-KDD dataset to simultaneously classify RF, Naive Bayes (NB) and logistic regression classifiers for machine learning. The results confirmed the importance of optimizing functionality, which gave better results in terms of the false alarm rate, precision, detection rate, recall and F1 metrics. The combination of our genetic algorithm and RF models achieved a detection rate of 98.81% and a false alarm rate of 0.8%. This research raised awareness of privacy and authentication in the smart healthcare domain, wireless communications and privacy control and developed the necessary intelligent and efficient web system. Furthermore, the proposed algorithm was applied to examine the F1-score and precisionperformance as compared to the NSL-KDD and CSE-CIC-IDS2018 datasets using different scaling factors. The results showed that the proposed GA was greatly optimized, for which the average precision was optimized by 5.65% and the average F1-score by 8.2%.

scholarly journals The Use of Ensemble Models for Multiple Class and Binary Class Classification for Improving Intrusion Detection Systems

Sensors ◽  
2020 ◽  
Vol 20 (9) ◽  
pp. 2559 ◽  
Author(s):  
Celestine Iwendi ◽  
Suleman Khan ◽  
Joseph Henry Anajemba ◽  
Mohit Mittal ◽  
Mamdouh Alenezi ◽  
...  
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
False Alarm ◽  
False Alarm Rate ◽  
Detection Rate ◽  
Detection System ◽  
Denial Of Service ◽  
Intrusion Detection Systems ◽  
Ensemble Models ◽  
Detection Systems

The pursuit to spot abnormal behaviors in and out of a network system is what led to a system known as intrusion detection systems for soft computing besides many researchers have applied machine learning around this area. Obviously, a single classifier alone in the classifications seems impossible to control network intruders. This limitation is what led us to perform dimensionality reduction by means of correlation-based feature selection approach (CFS approach) in addition to a refined ensemble model. The paper aims to improve the Intrusion Detection System (IDS) by proposing a CFS + Ensemble Classifiers (Bagging and Adaboost) which has high accuracy, high packet detection rate, and low false alarm rate. Machine Learning Ensemble Models with base classifiers (J48, Random Forest, and Reptree) were built. Binary classification, as well as Multiclass classification for KDD99 and NSLKDD datasets, was done while all the attacks were named as an anomaly and normal traffic. Class labels consisted of five major attacks, namely Denial of Service (DoS), Probe, User-to-Root (U2R), Root to Local attacks (R2L), and Normal class attacks. Results from the experiment showed that our proposed model produces 0 false alarm rate (FAR) and 99.90% detection rate (DR) for the KDD99 dataset, and 0.5% FAR and 98.60% DR for NSLKDD dataset when working with 6 and 13 selected features.

scholarly journals Security Enrichment in Intrusion Detection System Using Classifier Ensemble

2017 ◽  
Vol 2017 ◽  
pp. 1-6 ◽  
Author(s):  
Uma R. Salunkhe ◽  
Suresh N. Mali
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Detection System ◽  
Hybrid Approach ◽  
Classifier Ensemble ◽  
Intrusion Detection Systems ◽  
Detection Rates ◽  
Detection Systems

In the era of Internet and with increasing number of people as its end users, a large number of attack categories are introduced daily. Hence, effective detection of various attacks with the help of Intrusion Detection Systems is an emerging trend in research these days. Existing studies show effectiveness of machine learning approaches in handling Intrusion Detection Systems. In this work, we aim to enhance detection rate of Intrusion Detection System by using machine learning technique. We propose a novel classifier ensemble based IDS that is constructed using hybrid approach which combines data level and feature level approach. Classifier ensembles combine the opinions of different experts and improve the intrusion detection rate. Experimental results show the improved detection rates of our system compared to reference technique.

scholarly journals Data Mining based Intrusion Detection in Wireless Sensor Network

2019 ◽  
Vol 8 (2) ◽  
pp. 2612-2616
Keyword(s):  
Wireless Sensor Network ◽  
Intrusion Detection ◽  
Sensor Network ◽  
Intrusion Detection Systems ◽  
Wireless Sensor ◽  
Defense System ◽  
Network Resources ◽  
Detection Systems ◽  
The One ◽  
Better Than

Intrusion detection is the one of the challenging task in wireless sensor network and prevents the system and network resources from being intrude or compromised. One of the ongoing strategies for recognizing any anomalous activities presented in a network is done by intrusion detection systems (IDS) and it becomes an essential part of defense system against attacker problems. The primary goal of our work is to study and analyze intrusion detection technique meant for improving the performance of Intrusion Detection using hybrid ANN based Clustering technique. To estimate the effectiveness of the proposed strategy, KDD CUP 99 dataset is utilized for testing and assessment. Based on the analysis, it is noticed that the proposed ANN clustering performs much better than other methods with respect to accuracy which attains an average high accuracy of 93.91%when compared with other methods.

scholarly journals On the Detection Capabilities of Signature-Based Intrusion Detection Systems in the Context of Web Attacks

2022 ◽  
Vol 12 (2) ◽  
pp. 852
Author(s):  
Jesús Díaz-Verdejo ◽  
Javier Muñoz-Calle ◽  
Antonio Estepa Alonso ◽  
Rafael Estepa Alonso ◽  
Germán Madinabeitia
Keyword(s):  
Intrusion Detection ◽  
False Alarm ◽  
False Alarm Rate ◽  
Detection Rate ◽  
Real Life ◽  
Intrusion Detection Systems ◽  
Operational Environment ◽  
Detection Systems ◽  
Web Attacks ◽  
Trade Offs

Signature-based Intrusion Detection Systems (SIDS) play a crucial role within the arsenal of security components of most organizations. They can find traces of known attacks in the network traffic or host events for which patterns or signatures have been pre-established. SIDS include standard packages of detection rulesets, but only those rules suited to the operational environment should be activated for optimal performance. However, some organizations might skip this tuning process and instead activate default off-the-shelf rulesets without understanding its implications and trade-offs. In this work, we help gain insight into the consequences of using predefined rulesets in the performance of SIDS. We experimentally explore the performance of three SIDS in the context of web attacks. In particular, we gauge the detection rate obtained with predefined subsets of rules for Snort, ModSecurity and Nemesida using seven attack datasets. We also determine the precision and rate of alert generated by each detector in a real-life case using a large trace from a public webserver. Results show that the maximum detection rate achieved by the SIDS under test is insufficient to protect systems effectively and is lower than expected for known attacks. Our results also indicate that the choice of predefined settings activated on each detector strongly influences its detection capability and false alarm rate. Snort and ModSecurity scored either a very poor detection rate (activating the less-sensitive predefined ruleset) or a very poor precision (activating the full ruleset). We also found that using various SIDS for a cooperative decision can improve the precision or the detection rate, but not both. Consequently, it is necessary to reflect upon the role of these open-source SIDS with default configurations as core elements for protection in the context of web attacks. Finally, we provide an efficient method for systematically determining which rules deactivate from a ruleset to significantly reduce the false alarm rate for a target operational environment. We tested our approach using Snort’s ruleset in our real-life trace, increasing the precision from 0.015 to 1 in less than 16 h of work.

Efficient String Matching Algorithm for Searching Large DNA and Binary Texts

2020 ◽  
pp. 298-324
Author(s):  
Abdulrakeeb M. Al-Ssulami ◽  
Hassan I. Mathkour ◽  
Mohammed Amer Arafah
Keyword(s):  
Intrusion Detection ◽  
Hybrid Algorithm ◽  
Binary Data ◽  
String Matching ◽  
The Other ◽  
Intrusion Detection Systems ◽  
Average Case ◽  
Matching Algorithm ◽  
Detection Systems ◽  
Maximal Shift

The exact string matching is essential in application areas such as Bioinformatics and Intrusion Detection Systems. Speeding-up the string matching algorithm will therefore result in accelerating the searching process in DNA and binary data. Previously, there are two types of fast algorithms exist, bit-parallel based algorithms and hashing algorithms. The bit-parallel based are efficient when dealing with patterns of short lengths, less than 64, but slow on long patterns. On the other hand, hashing algorithms have optimal sublinear average case on large alphabets and long patterns, but the efficiency not so good on small alphabet such as DNA and binary texts. In this paper, the authors present hybrid algorithm to overcome the shortcomings of those previous algorithms. The proposed algorithm is based on q-gram hashing with guaranteeing the maximal shift in advance. Experimental results on random and complete human genome confirm that the proposed algorithm is efficient on various pattern lengths and small alphabet.

Hybrid Intrusion Detection System Security Enrichment Using Classifier Ensemble

2020 ◽  
Vol 17 (1) ◽  
pp. 434-438
Author(s):  
D. Karthikeyan ◽  
V. Mohanraj ◽  
Y. Suresh ◽  
J. Senthilkumar
Keyword(s):  
Data Mining ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection Rate ◽  
Detection System ◽  
Classifier Ensemble ◽  
Intrusion Detection Systems ◽  
Detection Systems ◽  
Malicious Activity ◽  
Using Data

Intrusion Detection Systems (IDS) is a software or device used to monitor a system or network for malicious activity. Thus, effective intrusion detection of different attacks. Existing methods of studies prove value of data mining methods in Intrusion Detection Systems (IDS). We focus on improving intrusion detection rate of IDS using Data Mining techniques. We implements a new classifier ensemble based intrusion detection systems (CEBIDS) using hybird detection approaches. CEBIDS combines feature level and data level techniques in WEKA tool with KDD cup’99 dataset enhances detection rate in significant manner.

Efficient String Matching Algorithm for Searching Large DNA and Binary Texts

2017 ◽  
Vol 13 (4) ◽  
pp. 198-220
Author(s):  
Abdulrakeeb M. Al-Ssulami ◽  
Hassan Mathkour ◽  
Mohammed Amer Arafah
Keyword(s):  
Intrusion Detection ◽  
Hybrid Algorithm ◽  
Binary Data ◽  
String Matching ◽  
The Other ◽  
Intrusion Detection Systems ◽  
Average Case ◽  
Matching Algorithm ◽  
Detection Systems ◽  
Maximal Shift

The exact string matching is essential in application areas such as Bioinformatics and Intrusion Detection Systems. Speeding-up the string matching algorithm will therefore result in accelerating the searching process in DNA and binary data. Previously, there are two types of fast algorithms exist, bit-parallel based algorithms and hashing algorithms. The bit-parallel based are efficient when dealing with patterns of short lengths, less than 64, but slow on long patterns. On the other hand, hashing algorithms have optimal sublinear average case on large alphabets and long patterns, but the efficiency not so good on small alphabet such as DNA and binary texts. In this paper, the authors present hybrid algorithm to overcome the shortcomings of those previous algorithms. The proposed algorithm is based on q-gram hashing with guaranteeing the maximal shift in advance. Experimental results on random and complete human genome confirm that the proposed algorithm is efficient on various pattern lengths and small alphabet.

Sign in / Sign up

Export Citation Format

Share Document