Classification of Intrusion Detection System

With the expansion of computer network there is a challenge to compete with the intruders who can easily break into the system. So it becomes a necessity to device systems or algorithms that can not only detect intrusion but can also improve the detection rate. In this paper we propose an intrusion detection system that uses rough set theory for feature selection, which is extraction of relevant attributes from the entire set of attributes describing a data packet and used the same theory to classify the packet if it is normal or an attack. After the simplification of the discernibility matrix we were to select or reduce the features. We have used Rosetta tool to obtain the reducts and classification rules. NSL KDD dataset is used as training set and is provided to Rosetta to obtain the classification rules.

Download Full-text

Network Intrusion Detection System Using Neural Network Classification of Attack Behavior

Journal of Advances in Information Technology ◽

10.12720/jait.6.1.1-8 ◽

2015 ◽

pp. 1-8 ◽

Cited By ~ 12

Author(s):

Omar Al-Jarrah ◽

Ahmad Arafat

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Network Intrusion Detection ◽

Attack Behavior ◽

Neural Network Classification ◽

Network Intrusion ◽

Network Intrusion Detection System

Download Full-text

A Data Classification Model: For Effective Classification of Intrusion in an Intrusion Detection System Based on Decision Tree Learning Algorithm

Information and Communication Technology for Sustainable Development - Lecture Notes in Networks and Systems ◽

10.1007/978-981-10-3932-4_7 ◽

2017 ◽

pp. 61-66

Author(s):

Latika Mehrotra ◽

Prashant Sahai Saxena ◽

Nitika Vats Doohan

Keyword(s):

Intrusion Detection ◽

Decision Tree ◽

Intrusion Detection System ◽

Learning Algorithm ◽

Detection System ◽

Data Classification ◽

Classification Model ◽

Decision Tree Learning

Download Full-text

Guidance for Selecting Data Collection Mechanisms for Intrusion Detection

Handbook of Research on Emerging Developments in Data Privacy - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-7381-6.ch016 ◽

2015 ◽

pp. 340-370

Author(s):

Ulf Larson ◽

Erland Jonsson ◽

Stefan Lindskog

Keyword(s):

Data Collection ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Log Data ◽

Detailed Explanation ◽

Generic Data ◽

Efficient Data ◽

Efficient Data Collection

This chapter aims at providing a clear and concise picture of data collection for intrusion detection. It provides a detailed explanation of generic data collection mechanism components and the interaction with the environment, from initial triggering to output of log data records. Taxonomies of mechanism characteristics and deployment considerations are provided and discussed. Furthermore, guidelines and hints for mechanism selection and deployment are provided. Finally, this chapter presents a set of strategies for determining what data to collect, and it also discusses some of the challenges in the field. An appendix providing a classification of 50 studied mechanisms is also provided. This chapter aims at assisting intrusion detection system developers, designers, and operators in selecting mechanisms for resource-efficient data collection.

Download Full-text

MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 2

Automation technological and business processes ◽

10.15673/atbp.v9i3.713 ◽

2017 ◽

Vol 9 (3) ◽

Cited By ~ 1

Author(s):

K. Smirnova ◽

A. Smirnov ◽

V. Plotnikov

Keyword(s):

Machine Learning ◽

Neural Networks ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Main Idea ◽

Approximate Model ◽

Training Sample ◽

Web Systems

The possibility of applying machine learning for the classification of malicious requests to aWeb application is considered. This approach excludes the use of deterministic analysis systems (for example, expert systems),and is based on the application of a cascade of neural networks or perceptrons on an approximate model to the real humanbrain. The main idea of the work is to enable to describe complex attack vectors consisting of feature sets, abstract terms forcompiling a training sample, controlling the quality of recognition and classifying each of the layers (networks) participatingin the work, with the ability to adjust not the entire network, but only a small part of it, in the training of which a mistake orinaccuracy crept in. The design of the developed network can be described as a cascaded, scalable neural network.When using neural networks to detect attacks on web systems, the issue of vectorization and normalization of features isacute. The most commonly used methods for solving these problems are not designed for the case of deliberate distortion ofthe signs of an attack.The proposed approach makes it possible to obtain a neural network that has been studied in more detail by small features,and also to eliminate the normalization issues in order to avoid deliberately bypassing the intrusion detection system. Byisolating one more group of neurons in the network and teaching it to samples containing various variants of circumvention ofthe attack classification, the developed intrusion detection system remains able to classify any types of attacks as well as theiraggregates, putting forward more stringent measures to counteract attacks. This allows you to follow the life cycle of theattack in more detail: from the starting trial attack to deliberate sophisticated attempts to bypass the system and introducemore decisive measures to actively counteract the attack, eliminating the chances of a false alarm system.

Download Full-text

LSTM deep learning method for network intrusion detection system

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v10i3.pp3315-3322 ◽

2020 ◽

Vol 10 (3) ◽

pp. 3315

Author(s):

Alaeddine Boukhalfa ◽

Abderrahim Abdellaoui ◽

Nabil Hmina ◽

Habiba Chaoui

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

False Positive Rate ◽

Network Intrusion Detection ◽

Primary Concern ◽

Great Ability ◽

Network Intrusion ◽

Network Intrusion Detection System

The security of the network has become a primary concern for organizations. Attackers use different means to disrupt services or steal information, these various attacks push to think of a new way to block them all in one manner. In addition, these intrusions can change and penetrate the devices of security. To solve these issues, we suggest, in this paper, a new idea for Network Intrusion Detection System (NIDS) based on Long Short-TermMemory (LSTM) to recognize menaces and to obtain a long-term memory on them, inorder to stop the new attacks that are like the existing ones, and at the sametime, to have a single mean to block intrusions. According to the results of the experiments of detections that we have carried out, the Accuracy reaches upto 99.98 % and 99.93 % for respectively the classification of two classes and several classes, Also the False Positive Rate (FPR) reaches up to only 0,068 % and 0,023 % for respectively the classification of two classes and several classes, which proves that the proposed model is very effective, it has a great ability to memorize and differentiate between normal traffic and attack traffic and its identification is more accurate than other Machine Learning classifiers.

Download Full-text