A Comparative Analysis of Decision Tree and Bayesian Model for Network Intrusion Detection System

2019, Vol 4 (2)
Author(s): Bosede A Ayogu, Adebayo O Adetunmbi, Ikechukwu I Ayogu

Denial of Service (DoS) attacks are a major threat to computer networks. This paper presents two approaches (decision tree and Bayesian network) to building classifiers for DoS attacks. Selecting important attributes increases the classification accuracy of intrusion detection systems; a decision tree, which has the advantage of generating explainable rules, was used for the selection of relevant attributes in this research. A C4.5 decision tree dimensional reduction algorithm was used to reduce the 41 attributes of the KDD'99 dataset to 29. Thereafter, a rule-based classification system (decision tree) was built, as well as a Bayesian network classification system for denial of service (DoS) attacks, based on the selected attributes. The classifiers were evaluated and compared using performance on the test dataset. Experimental results show that the Decision Tree is robust and gives a higher percentage of successful classification than the Bayesian Network, which was found to be sensitive to the discretization techniques. It has been successfully tested that significant attribute selection is important in designing a real-world intrusion detection system (IDS). Keywords: Intrusion Detection System, Machine Learning, Decision Tree, and Bayesian Network.

2021
Author(s): Kathiroli Raja, Krithika Karthikeyan, Abilash B, Kapal Dev, Gunasekaran Raja

The Industrial Internet of Things (IIoT), also known as Industry 4.0, has brought a revolution in the production and manufacturing sectors as it assists in the automation of production management and reduces the manual effort needed in auditing and managing the pieces of machinery. IoT-enabled industries, in general, use sensors, smart meters, and actuators. Most of the time, the data held by these devices is surpassingly sensitive and private. This information might be modified, stolen, or even the devices may be subjected to a Denial of Service (DoS) attack. As a consequence, the product quality may deteriorate or sensitive information may be leaked. An Intrusion Detection System (IDS), implemented in the network layer of IIoT, can detect attacks, thereby protecting the data and devices. Despite substantial advancements in attack detection in IIoT, existing works fail to detect certain attacks obfuscated from detectors resulting in a low detection performance. To address the aforementioned issue, we propose a Deep Learning-based Two Level Network Intrusion Detection System (DLTL-NIDS) for IIoT environment, emphasizing challenging attacks. The attacks that attain low accuracy or low precision in level-1 detection are marked as challenging attacks. Experimental results show that the proposed model, when tested against TON IoT, figures out the challenging attacks well and achieves an accuracy of 99.97%, precision of 95.62%, recall of 99.5%, and F1-score of 99.65%. The proposed DL-TLNIDS, when compared with state-of-art models, achieves a decrease in false alarm rate to 2.34% (flagging normal traffic as an attack) in IIoT.


2019, Vol 8 (4), pp. 4668-4671

A Distributed Denial of Service (DDoS) attack is one of the major threats in the cyber network, and it attacks computers by flooding them with User Datagram packets. These types of attacks cause major problems in the network by crashing the system with a large volume of traffic directed at the victim, leaving the victim idle and not responding to requests. A traditional intrusion detection system is not suitable for detecting this DDoS attack because it cannot handle a huge volume of data. Hadoop is a framework which handles huge volumes of data and is used to process the data to find any malicious activity in it. In this research paper, an anomaly detection technique is implemented in the Map Reduce algorithm, which detects unusual patterns of data in the network traffic. To design the proposed model, the Map Reduce platform is used to hold the improvised algorithm, which detects DDoS attacks by filtering and sorting the network traffic and detects unusual patterns from the network. The improvised Map Reduce algorithm is implemented with Map Reduce functionalities at the stage of verifying the network IPS. The proposed algorithm focuses on the UDP flooding attack using an anomaly-based intrusion detection technique, which detects when the pattern and flow of packets in a node is more than the threshold and also identifies the source code causing the UDP flood attack.


Sensors, 2021, Vol 22 (1), pp. 25
Author(s): Yifan Tang, Lize Gu, Leiting Wang

Preventing network intrusion is the essential requirement of network security. In recent years, people have conducted a lot of research on network intrusion detection systems. However, with the increasing number of advanced threat attacks, traditional intrusion detection mechanisms have defects and it is still indispensable to design a powerful intrusion detection system. This paper researches the NSL-KDD data set and analyzes the latest developments and existing problems in the field of intrusion detection technology. To address the unbalanced distribution and feature redundancy of the data set used for training, some training samples undergo under-sampling and feature selection processing. To improve the detection effect, a Deep Stacking Network model is proposed, which combines the classification results of multiple basic classifiers to improve the classification accuracy. In the experiment, we screened and compared the performance of various mainstream classifiers and found that the four models of the decision tree, k-nearest neighbors, deep neural network and random forests have outstanding detection performance and meet the needs of different classification effects. Among them, the classification accuracy of the decision tree reaches 86.1%. The classification effect of the Deep Stacking Network, a fusion model composed of four classifiers, has been further improved and the accuracy reaches 86.8%. Compared with the intrusion detection system of other research papers, the proposed model effectively improves the detection performance and has made significant improvements in network intrusion detection.


2019, Vol 8 (2S8), pp. 1926-1931

An intrusion detection system (IDS) is one of the essential security mechanisms against attacks in WSN. A network intrusion detection system (NIDS) generally uses classification techniques in order to obtain the best possible accuracy and attack detection rate. In this paper, an intrusion detection system is designed which uses a two-stage hybrid classification method. In the first stage it uses a Support Vector Machine (SVM) for anomaly detection, and in the second stage it uses Random Forest (RF)/Decision Tree (DT) for misuse detection. The abnormal activities are detected in the first stage. These abnormal activities are further analyzed and the known attacks are identified in the second stage and are classified as Denial of Service (DoS) attack, Probe attack, Remote to Local (R2L) attack and User to Root (U2R) attack. Simulation results reveal that the proposed hybrid algorithm obtains better accuracy and detection rate than the single classifiers, namely the SVM, RF and DT algorithms. The experimental results also show that the hybrid algorithm can detect anomalous activity in a reliable way. The proposed technique uses the standard NSL KDD dataset to evaluate the performance of the proposed approach. The results show that the proposed hybrid SVM-RF/DT IDS technique performs better in terms of detection rate, accuracy and recall than the existing SVM, RF and DT approaches.


Author(s): Miss. Manoshri A. Ghawade

An intrusion detection system (IDS) could be a device or software application that observes a network for malicious activity or policy violations. Any malicious activity or violation is often reported or collected centrally employing a security information and event management system. Some IDSs are capable of responding to a detected intrusion upon discovery. These are classified as intrusion prevention systems (IPS). A system that analyzes incoming network traffic is known as a network intrusion detection system (NIDS). A system that monitors important software files is known as a host intrusion detection system (HIDS). Wireless sensor networks (WSNs) are vulnerable to different kinds of security threats which will degenerate the performance of the entire network; that may lead to fatal problems like denial of service (DoS) attacks, direction attacks, Sybil attacks etc. Key management protocols, authentication protocols and secure routing cannot provide security to WSNs for these varieties of attacks. An intrusion detection system (IDS) could be a solution to the present problem. It analyzes the network by collecting a sufficient amount of knowledge and detects abnormal behavior of sensor node(s).

