Research on Distributed Intrusion Detection Model Based on Information Fusion

2010, Vol 121-122, pp. 528-533
Author(s): Ping Du, Wei Xu

The current state of research on Intrusion Detection Systems (IDS) was analyzed. Due to the defects of IDS, such as the high positive rate and the inability to effectively detect coordinated attacks dispersed in time and space, the idea of multi-source information fusion is introduced in the paper, and a multi-level IDS reasoning framework and prototype system are presented. The prototype adds an analysis engine to the existing IDS sensor. We used a Bayesian network as a tool for multi-source information fusion, and we used a goal tree to analyze the attempts of coordinated attacks and quantify the security risk of the system. Compared to the existing IDS, the prototype is more integrated and more capable of finding coordinated attacks, with a lower false positive rate.

2014, Vol 644-650, pp. 3338-3341
Author(s): Guang Feng Guo

During the 30-year development of the Intrusion Detection System, problems such as the high false-positive rate have always plagued users. Therefore, the ontology and context verification based intrusion detection model (OCVIDM) was put forward to connect the description of attack signatures and context effectively. The OCVIDM established the knowledge base of the intrusion detection ontology, which was regarded as the center of an efficient filtering platform for false alerts, to realize the automatic validation of alarms and the automatic judgment of real attacks, so as to achieve the goal of filtering non-relevant positive alerts and reducing false positives.


Author(s): Devaraju Sellappan, Ramakrishnan Srinivasan

Intrusion detection systems (IDSs) are important to industries and organizations to solve the problems of networks, and various classifiers are used to classify activity as malicious or normal. Today, security has become a decisive part of any industrial and organizational information system. This chapter demonstrates an association rule-mining algorithm for detecting various network intrusions. The KDD dataset is used for experimentation. There are three input features classified as basic features, content features, and traffic features. Several attacks are present in the dataset, which are classified into Denial of Service (DoS), Probe, Remote to Local (R2L), and User to Root (U2R). The proposed method gives significant improvement in the detection rates compared with other methods. The association rule mining algorithm is proposed to evaluate the KDD dataset and dynamic data to improve the efficiency, reduce the false positive rate (FPR), and take less time for processing.


Electronics, 2019, Vol 8 (11), pp. 1210
Author(s): Khraisat, Gondal, Vamplew, Kamruzzaman, Alazab

The Internet of Things (IoT) has been rapidly evolving towards making a greater impact, from everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who have made IoT a target of malicious activities, opening the door to possible attacks on the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and a One Class Support Vector Machine classifier. HIDS combines the advantages of the Signature Intrusion Detection System (SIDS) and the Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provides a higher detection rate and a lower false positive rate compared to the SIDS and AIDS techniques.


2019, Vol 8 (2), pp. 25-31
Author(s): S. Latha, Sinthu Janita Prakash

Securing a network from attackers is a challenging task at present, as many users are involved in a variety of computer networks. To protect any individual host in a network or the entire network, some security system must be implemented. In this case, the Intrusion Detection System (IDS) is essential to protect the network from intruders. The IDS has to deal with a lot of network packets with different characteristics. A signature-based IDS is a potential tool to understand former attacks and to define a suitable method to overcome them in a variety of applications. This research article elucidates the objective of IDS with a mechanism which combines the network and host-based IDS. The benchmark dataset for DARPA is considered to generate the IDS mechanism. In this paper, a framework, IDSFS, a signature-based IDS with a high pertinent feature selection method, is framed. This framework consists of the earlier proposed Feature Selection method (HPFSM) and an Artificial Neural Network for classification of nodes or packets in the network; then the signatures or attack rules are configured by implementing an Association Rule mining algorithm, and finally the rules are restructured using a pattern matching algorithm, Aho-Corasick, to ease the rule checking. Metrics like the number of features, classification accuracy, False Positive Rate (FPR), Precision, number of rules, running time and memory consumption are checked and demonstrate the proposed framework's efficiency.


Author(s): Ciza Thomas, N. Balakrishnan

Intrusion Detection Systems form an important component of network defense. Because of the heterogeneity of the attacks, it has not been possible to make a single Intrusion Detection System that is capable of detecting all types of attacks with acceptable levels of accuracy. In this chapter, the distinct advantage of sensor fusion over individual IDSs is proved. The detection rate and the false positive rate quantify the performance benefit obtained through the fixing of threshold bounds. Also, the more independent and distinct the attack space is for the individual IDSs, the better the fusion of Intrusion Detection Systems performs. A simple theoretical model is initially illustrated and later supplemented with experimental evaluation. The chapter demonstrates that the proposed fusion technique is more flexible and also outperforms other existing fusion techniques such as OR, AND, SVM, and ANN, using the real-world network traffic embedded with attacks.


2020, Vol 2020, pp. 1-11
Author(s): Guojie Liu, Jianbiao Zhang

A network intrusion detection system can effectively detect network attack behaviour, which is very important to network security. In this paper, a multiclassification network intrusion detection model based on a convolutional neural network is proposed, and the algorithm is optimized. First, the data is preprocessed and the original one-dimensional network intrusion data is converted into two-dimensional data; then the effective features are learned using optimized convolutional neural networks; and, finally, the final test results are produced in conjunction with the Softmax classifier. In this paper, the KDD-CUP 99 and NSL-KDD standard network intrusion detection datasets were used to carry out the multiclassification network intrusion detection experiment; the experimental results show that the multiclassification network intrusion detection model proposed in this paper improves the accuracy and check rate, reduces the false positive rate, and also obtains better test results for the detection of unknown attacks.


2012, Vol 6-7, pp. 882-886
Author(s): Zhi Guo Ding, Xue Yong Zhu, Yuan Yuan

In order to overcome the disadvantages of the traditional distributed intrusion detection system, an application-layer distributed intrusion detection model based on the C/S mode is proposed here. The new model, which is composed of a main server system and several client sub-systems, fully utilizes the detection abilities of the clients by computing the belief dynamically, while the cost is not increased. Theoretical analysis and experimental results show that the model has a simple structure, a reasonable design and higher accuracy than the traditional models.


2021
Author(s): Rahul B Adhao, Vinod K Pachghare

Intrusion Detection Systems have been a worthwhile area for researchers for a long time. A number of researchers have worked on increasing the efficiency of Intrusion Detection Systems. But still, many challenges are present in modern Intrusion Detection Systems. One of the major challenges is controlling the false positive rate. In this paper, we have presented an efficient soft computing framework for the classification of an intrusion detection dataset to diminish the false positive rate. The proposed processing steps are as follows: the input data is first pre-processed by the normalization process. Afterward, optimal features are chosen for dimensionality reduction utilizing krill herd optimization. Here, the effective feature assortment is utilized to enhance classification accuracy. The support value is then estimated from the ideally chosen features and, lastly, a support value-based graph is created for the powerful classification of data into intrusion or normal. The exploratory outcomes demonstrate that the presented technique outperforms the existing techniques regarding different performance examinations like execution time, accuracy, and false-positive rate, and that the intrusion detection model increases the detection rate and decreases the false rate.

