scholarly journals Research on Property and Model Optimization of Multiclass SVM for NIDS

2013 ◽  
Vol 347-350 ◽  
pp. 3696-3701 ◽  
Author(s):  
Jian Hao Song ◽  
Gang Zhao ◽  
Jun Yi Song
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
High Rate ◽  
Support Vector ◽  
False Negatives ◽  
Online Data ◽  
Detection Systems ◽  
Network Intrusion ◽  
Multiclass Svm

By investigating insufficiency of typical artificial intelligence algorithms aiming at the high rate of False-Positives and False-Negatives in the Intrusion Detection Systems (IDS), this paper presents an approach that Support Vector Machine (SVM) is embedded in Network Intrusion Detection System (NIDS). At the same time, by using online data and K-fold cross-validation method, this paper proposes a method to optimize the attributes and model of SVM respectively. Experimental results show that by using this method as the detection core of the intrusion detection system, the rate of False-Negatives in IDS can be reduced significantly.

scholarly journals THE LOAD BALANCING OF SELF-SIMILAR TRAFFIC IN NETWORK INTRUSION DETECTION SYSTEMS

2020 ◽  
Vol 3 (7) ◽  
pp. 17-30
Author(s):  
Tamara Radivilova ◽  
Lyudmyla Kirichenko ◽  
Maksym Tawalbeh ◽  
Petro Zinchenko ◽  
Vitalii Bulakh
Keyword(s):  
Load Balancing ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Deep Packet Inspection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Load Imbalance ◽  
Packet Inspection

The problem of load balancing in intrusion detection systems is considered in this paper. The analysis of existing problems of load balancing and modern methods of their solution are carried out. Types of intrusion detection systems and their description are given. A description of the intrusion detection system, its location, and the functioning of its elements in the computer system are provided. Comparative analysis of load balancing methods based on packet inspection and service time calculation is performed. An analysis of the causes of load imbalance in the intrusion detection system elements and the effects of load imbalance is also presented. A model of a network intrusion detection system based on packet signature analysis is presented. This paper describes the multifractal properties of traffic. Based on the analysis of intrusion detection systems, multifractal traffic properties and load balancing problem, the method of balancing is proposed, which is based on the funcsioning of the intrusion detection system elements and analysis of multifractal properties of incoming traffic. The proposed method takes into account the time of deep packet inspection required to compare a packet with signatures, which is calculated based on the calculation of the information flow multifractality degree. Load balancing rules are generated by the estimated average time of deep packet inspection and traffic multifractal parameters. This paper presents the simulation results of the proposed load balancing method compared to the standard method. It is shown that the load balancing method proposed in this paper provides for a uniform load distribution at the intrusion detection system elements. This allows for high speed and accuracy of intrusion detection with high-quality multifractal load balancing.

Application of Computational Intelligence in Network Intrusion Detection

2018 ◽  
pp. 153-174
Author(s):  
Heba F. Eid
Keyword(s):  
Intrusion Detection ◽  
Computational Intelligence ◽  
Intrusion Detection System ◽  
Detection System ◽  
Effective Area ◽  
Network Intrusion Detection ◽  
Support Vector ◽  
Network Intrusion ◽  
New Research ◽  
Operational Issues

Intrusion detection system plays an important role in network security. However, network intrusion detection (NID) suffers from several problems, such as false positives, operational issues in high dimensional data, and the difficulty of detecting unknown threats. Most of the problems with intrusion detection are caused by improper implementation of the network intrusion detection system (NIDS). Over the past few years, computational intelligence (CI) has become an effective area in extending research capabilities. Thus, NIDS based upon CI is currently attracting considerable interest from the research community. The scope of this review will encompass the concept of NID and presents the core methods of CI, including support vector machine, hidden naïve Bayes, particle swarm optimization, genetic algorithm, and fuzzy logic. The findings of this review should provide useful insights into the application of different CI methods for NIDS over the literature, allowing to clearly define existing research challenges and progress, and to highlight promising new research directions.

An Intelligent Network Intrusion Detection System Based on Multi-Modal Support Vector Machines

2013 ◽  
Vol 7 (4) ◽  
pp. 37-52
Author(s):  
Srinivasa K G
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Intelligent Network ◽  
Statistical Machine Learning ◽  
High Detection Rate ◽  
Network Intrusion

Increase in the number of network based transactions for both personal and professional use has made network security gain a significant and indispensable status. The possible attacks that an Intrusion Detection System (IDS) has to tackle can be of an existing type or of an entirely new type. The challenge for researchers is to develop an intelligent IDS which can detect new attacks as efficiently as they detect known ones. Intrusion Detection Systems are rendered intelligent by employing machine learning techniques. In this paper we present a statistical machine learning approach to the IDS using the Support Vector Machine (SVM). Unike conventional SVMs this paper describes a milti model approach which makes use of an extra layer over the existing SVM. The network traffic is modeled into connections based on protocols at various network layers. These connection statistics are given as input to SVM which in turn plots each input vector. The new attacks are identified by plotting them with respect to the trained system. The experimental results demonstrate the lower execution time of the proposed system with high detection rate and low false positive number. The 1999 DARPA IDS dataset is used as the evaluation dataset for both training and testing. The proposed system, SVM NIDS is bench marked with SNORT (Roesch, M. 1999), an open source IDS.

scholarly journals A Novel Intrusion Detection System for RPL Based IoT Networks with Bio-Inspired Feature Selection and Ensemble Classifier

2021 ◽  
Author(s):  
Jayaprakash Pokala ◽  
B. Lalitha
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Ensemble Classifier ◽  
Support Vector ◽  
Routing Attacks ◽  
Salp Swarm Algorithm ◽  
Network Intrusion ◽  
Swarm Algorithm

Abstract Internet of Things (IoT) is the powerful latest trend that allows communications and networking of many sources over the internet. Routing protocol for low power and lossy networks (RPL) based IoT networks may be exposed to many routing attacks due to resource-constrained and open nature of the IoT nodes. Hence, there is a need for network intrusion detection system (NIDS) to protect RPL based IoT networks from routing attacks. The existing techniques for anomaly-based NIDS (ANIDS) subjects to high false alarm rate (FAR). Therefore, a novel bio-inspired voting ensemble classifier with feature selection technique is proposed in this paper to improve the performance of ANIDS for RPL based IoT networks. The proposed voting ensemble classifier combines the results of various base classifiers such as logistic Regression, support vector machine, decision tree, bidirectional long short-term memory and K-nearest neighbor to detect the attacks accurately based on majority voting rule. The optimized weights of base classifiers are obtained by using the feature selection method called simulated annealing based improved salp swarm algorithm (SA-ISSA), which is the hybridization of particle swarm optimization, opposition based learning and salp swarm algorithm. The experiments are performed with RPL-NIDDS17 dataset that contains seven types of attack instances. The performance of the proposed model is evaluated and compared with existing feature selection and classification techniques in terms of accuracy, attack detection rate (ADR), FAR and so on. The proposed ensemble classifier shows better performance with higher accuracy (96.4%), ADR (97.7%) and reduced FAR (3.6%).

scholarly journals Enhanced Network Intrusion Detection System

Sensors ◽  
2021 ◽  
Vol 21 (23) ◽  
pp. 7835
Author(s):  
Ketan Kotecha ◽  
Raghav Verma ◽  
Prahalad V. Rao ◽  
Priyanshu Prasad ◽  
Vipul Kumar Mishra ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Network Intrusion Detection ◽  
High Detection Rate ◽  
Detection Systems ◽  
Network Intrusion ◽  
Network Intrusion Detection System ◽  
Network Intrusion Detection Systems ◽  
High Detection

A reasonably good network intrusion detection system generally requires a high detection rate and a low false alarm rate in order to predict anomalies more accurately. Older datasets cannot capture the schema of a set of modern attacks; therefore, modelling based on these datasets lacked sufficient generalizability. This paper operates on the UNSW-NB15 Dataset, which is currently one of the best representatives of modern attacks and suggests various models. We discuss various models and conclude our discussion with the model that performs the best using various kinds of evaluation metrics. Alongside modelling, a comprehensive data analysis on the features of the dataset itself using our understanding of correlation, variance, and similar factors for a wider picture is done for better modelling. Furthermore, hypothetical ponderings are discussed for potential network intrusion detection systems, including suggestions on prospective modelling and dataset generation as well.

scholarly journals An ensemble feature selection approach using hybrid kernel based SVM for network intrusion detection system

2021 ◽  
Vol 23 (1) ◽  
pp. 558
Author(s):  
Gaddam Venu Gopal ◽  
Gatram Rama Mohan Babu
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Network Intrusion Detection ◽  
Support Vector ◽  
Feature Subset ◽  
Network Intrusion ◽  
Feature Selection Approach ◽  
Hybrid Kernel

Feature selection is a process of identifying relevant feature subset that leads to the machine learning algorithm in a well-defined manner. In this paper, anovel ensemble feature selection approach that comprises of Relief  Attribute Evaluation and hybrid kernel-based support vector machine (HK-SVM) approach is proposed as a feature selection method for network intrusion detection system (NIDS). A Hybrid approach along with the combination of Gaussian and Polynomial methods is used as a kernel for support vector machine (SVM). The key issue is to select a feature subset that yields good accuracy at a minimal computational cost. The proposed approach is implemented and compared with classical SVM and simple kernel. Kyoto2006+, a bench mark intrusion detection dataset,is used for experimental evaluation and then observations are drawn.

Sign in / Sign up

Export Citation Format

Share Document