The Prediction Model Research for Network Traffic Based on ARMA

2014 ◽  
Vol 530-531 ◽  
pp. 760-763
Author(s):  
Zhao Ji Zhang
Keyword(s):  
Prediction Model ◽  
Network Traffic ◽  
Detection System ◽  
Moving Average ◽  
Third Party ◽  
Testing System ◽  
Network Resources ◽  
Network Intrusion ◽  
Model Research ◽  
Auto Regressive

This paper presents a new WIA-PA network intrusion detection system -- Auto Regressive and Moving Average (ARMA) network traffic prediction model. This model can predict the network traffic quickly and accurately, and because this is a third party testing system, it does not need to take network resources, the security of the WIA-PA network design is of vital importance. The simulation results show that our proposed system can effectively detect intrusion attack, improve the performance of the entire network, prolonging the life of the network.

PAIRWISE CLUSTERS OPTIMIZATION AND CLUSTER MOST SIGNIFICANT FEATURE METHODS FOR ANOMALY-BASED NETWORK INTRUSION DETECTION SYSTEM (POC2MSF)

2018 ◽  
Vol 3 (2) ◽  
pp. 93
Author(s):  
Gervais Hatungimana
Keyword(s):  
Intrusion Detection ◽  
Network Traffic ◽  
False Positive ◽  
Intrusion Detection System ◽  
Detection System ◽  
False Positive Rate ◽  
Significant Feature ◽  
Features Selection ◽  
Number Of Clusters ◽  
Network Intrusion

 Anomaly-based Intrusion Detection System (IDS) uses known baseline to detect patterns which have deviated from normal behavior. If the baseline is faulty, the IDS performance degrades. Most of researches in IDS which use k-centroids-based clustering methods like K-means, K-medoids, Fuzzy, Hierarchical and agglomerative algorithms to baseline network traffic suffer from high false positive rate compared to signature-based IDS, simply because the nature of these algorithms risk to force some network traffic into wrong profiles depending on K number of clusters needed. In this paper we propose alternate method which instead of defining K number of clusters, defines t distance threshold. The unrecognizable IDS; IDS which is neither HIDS nor NIDS is the consequence of using statistical methods for features selection. The speed, memory and accuracy of IDS are affected by inappropriate features reduction method or ignorance of irrelevant features. In this paper we use two-step features selection and Quality Threshold with Optimization methods to design anomaly-based HIDS and NIDS separately. The performance of our system is 0% ,99.9974%, 1,1 false positive rates, accuracy , precision and recall respectively for NIDS and  0%,99.61%, 0.991,0.978 false positive rates, accuracy, precision and recall respectively for HIDS.

scholarly journals Classifier Rank Identification using Multi-Criteria Decision Making Method for Intrusion Detection Dataset

2019 ◽  
Vol 9 (1) ◽  
pp. 1732-1738 ◽  
Keyword(s):  
Decision Making ◽  
Intrusion Detection ◽  
Network Traffic ◽  
Detection System ◽  
False Positive Rate ◽  
Absolute Error ◽  
Multi Criteria Decision Making ◽  
Intrusion Prevention ◽  
Network Intrusion ◽  
Intrusion Prevention System

Network intrusion detection system (NIDS) tracks network traffic for suspicious activity and policy violations. It generates alerts whenever such activity found. The objective is to detect and report anomalies. Further intrusion prevention system can take action such as blocking traffic from suspected IP addresses. Classification of network traffic as is a tedious task. Existing classifiers are suffered by generating many/false alerts. It is paramount important to select best classification approach among set of available approaches. KDD 99 is the benchmark dataset utilized to test the classification capabilities of classifiers. However, many classifiers generate similar results by measuring performance on various criteria. Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) is a traditional multi-criteria decision making (MCDM) approach which is widely used to rank classifiers from number of options that are assessed on various criteria. In this work, KDD 99 dataset is applied as input to bayes net, naive bayes, NB updateable, random forest, oneR, zeroR, adaboostM1, decision stump, J48 and decision table classifiers. The performance of each classifier is measured using 10 different criteria’s such as accuracy, misclassification, RA error, RMS error, false positive rate, f- measure, precision, RRS error, mean absolute error and recall. In order to test the effectiveness of proposed approach weka utility is utilized for classification and classifier performance result are supplied to the TOPSIS. An application is designed to implement TOPSIS method using python. It is observed that J48 secured at the top position with performance score 0.5829.

Short-term prediction model for daily COVID-19 reported positive cases in Senegal

2021 ◽  
Vol 8 (1) ◽  
pp. 1111-1126
Author(s):  
Aba Diop ◽  
Abdourahmane Ndao ◽  
Cheikh Tidiane Seck ◽  
Ibrahima Faye
Keyword(s):  
Prediction Model ◽  
Moving Average ◽  
Arima Model ◽  
Short Term ◽  
Ministry Of Health ◽  
Term Prediction ◽  
Daily Data ◽  
Auto Regressive ◽  
Short Term Prediction ◽  
Second Wave

In this work, we use an Auto-Regressive Integrated Moving Average (ARIMA) model to study the evolution of COVID-19 disease in Senegal and then make short-term predictions about the number of people likely to be infected by the coronavirus. We are dealing with daily data provided by the Senegalese Ministry of Health during the period from March 2, 2020 to March 2, 2021.Our results show that the peak of the disease appearsduring the second wave seems to be reached on February 12 2021. But they also show that the number of COVID-19 infections will be around 200 cases per day during the next 30 days if the trend of the total number of tests performed is maintained.

Short-term prediction model for daily COVID-19 reported positive cases in Senegal

2021 ◽  
Vol 8 (1) ◽  
pp. 1507-1523
Author(s):  
Aba Diop ◽  
Abdourahmane Ndao ◽  
Cheikh Tidiane Seck ◽  
Ibrahima Faye
Keyword(s):  
Prediction Model ◽  
Moving Average ◽  
Arima Model ◽  
Short Term ◽  
Ministry Of Health ◽  
Term Prediction ◽  
Daily Data ◽  
Auto Regressive ◽  
Short Term Prediction ◽  
Second Wave

In this work, we use an Auto-Regressive Integrated Moving Average (ARIMA) model to study the evolution of COVID-19 disease in Senegal and then make short-term predictions about the number of people likely to be infected by the coronavirus. We are dealing with daily data provided by the Senegalese Ministry of Health during the period from March 2, 2020 to March 2, 2021.Our results show that the peak of the disease appearsduring the second wave seems to be reached on February 12 2021. But they also show that the number of COVID-19 infections will be around 200 cases per day during the next 30 days if the trend of the total number of tests performed is maintained.

A Network Intrusion Detection System for Concept Drifting Network Traffic Data

2021 ◽  
pp. 111-121
Author(s):  
Giuseppina Andresini ◽  
Annalisa Appice ◽  
Corrado Loglisci ◽  
Vincenzo Belvedere ◽  
Domenico Redavid ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Network Traffic ◽  
Intrusion Detection System ◽  
Detection System ◽  
Network Intrusion Detection ◽  
Traffic Data ◽  
Network Intrusion ◽  
Network Intrusion Detection System

scholarly journals NTAM-LSTM models of network traffic prediction

2022 ◽  
Vol 355 ◽  
pp. 02007
Author(s):  
Jihong Zhao ◽  
Xiaoyuan He
Keyword(s):  
Prediction Model ◽  
Network Traffic ◽  
Prediction Models ◽  
Rapid Development ◽  
Attention Mechanism ◽  
Accurate Prediction ◽  
Traffic Prediction ◽  
Network Resources ◽  
Multiple Characteristics ◽  
Lstm Network

Accurate prediction of network traffic is very important in allocating network resources. With the rapid development of network technology, network traffic becomes more complex and diverse. The traditional network traffic prediction model cannot accurately predict the current network traffic within the effective time. This paper proposes a Network Traffic Prediction Model----NTAM-LSTM, which based on Attention Mechanism with Long and Short Time Memory. Firstly, the model preprocesses the historical dataset of network traffic with multiple characteristics. Then the LSTM network is used to make initial prediction for the processed dataset. Finally, attention mechanism is introduced to get more accurate prediction results. Compared with other network traffic prediction models, NTAM-LSTM prediction model can achieve higher prediction accuracy and take shorter running time.

Parallel Combining Different Approaches to Multi-pattern Matching for Fpga-based Security Systems

2017 ◽  
Vol 5 (1) ◽  
pp. 8-15
Author(s):  
Sergii Hilgurt ◽  
Keyword(s):  
Information Security ◽  
Pattern Matching ◽  
Intrusion Detection System ◽  
Detection System ◽  
Finite Automata ◽  
Network Intrusion Detection ◽  
Security Systems ◽  
Analytical Technique ◽  
Network Intrusion ◽  
Pros And Cons

The multi-pattern matching is a fundamental technique found in applications like a network intrusion detection system, anti-virus, anti-worms and other signature- based information security tools. Due to rising traffic rates, increasing number and sophistication of attacks and the collapse of Moore’s law, traditional software solutions can no longer keep up. Therefore, hardware approaches are frequently being used by developers to accelerate pattern matching. Reconfigurable FPGA-based devices, providing the flexibility of software and the near-ASIC performance, have become increasingly popular for this purpose. Hence, increasing the efficiency of reconfigurable information security tools is a scientific issue now. Many different approaches to constructing hardware matching circuits on FPGAs are known. The most widely used of them are based on discrete comparators, hash-functions and finite automata. Each approach possesses its own pros and cons. None of them still became the leading one. In this paper, a method to combine several different approaches to enforce their advantages has been developed. An analytical technique to quickly advance estimate the resource costs of each matching scheme without need to compile FPGA project has been proposed. It allows to apply optimization procedures to near-optimally split the set of pattern between different approaches in acceptable time.

Sign in / Sign up

Export Citation Format

Share Document