Design of Optimal Machine Learning based Cybersecurity Intrusion Detection Systems

2019 ◽  
pp. 32-43
Author(s):  
Andino Maseleno ◽  
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Data Storage ◽  
Detection System ◽  
Parameter Tuning ◽  
Classification Performance ◽  
Critical Systems ◽  
Confidential Data ◽  
Benchmark Datasets ◽  
Learning Machine

Cybersecurity is the process of protecting critical systems and confidential data from digital attacks. With the advent of machine learning, cybersecurity systems can examine the patterns and learns them from preventing similar attacks and responds to fluctuating behavior. Cybersecurity intrusion detection system helps to detect the existence of intrusions in the network and achieves security in confidential data storage and transmission. In this view, this study designs an efficient cockroach optimization (CSO) with kernel extreme learning machine (KELM) model for cybersecurity intrusion detection. The proposed CSO-KELM model can accomplish cybersecurity by the detection and classification of intrusions. The proposed CSO-KELM technique encompasses a three-level process, namely preprocessing, classification, and parameter tuning. The design of the CSO algorithm for the appropriate selection of KELM parameters results in improved classification performance. For examining the betterment of the CSO-KELM technique, a series of experiments were performed on benchmark datasets. The experimental results pointed out the superiority of the CSO-KELM technique concerning several measures.

scholarly journals An IoT-Focused Intrusion Detection System Approach Based on Preprocessing Characterization for Cybersecurity Datasets

Sensors ◽  
2021 ◽  
Vol 21 (2) ◽  
pp. 656
Author(s):  
Xavier Larriva-Novo ◽  
Víctor A. Villagrá ◽  
Mario Vega-Barbas ◽  
Diego Rivera ◽  
Mario Sanz Rodrigo
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
High Performance ◽  
Learning Algorithm ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Statistical Characteristics ◽  
Detection Techniques ◽  
Traffic Characteristics ◽  
Benchmark Datasets

Security in IoT networks is currently mandatory, due to the high amount of data that has to be handled. These systems are vulnerable to several cybersecurity attacks, which are increasing in number and sophistication. Due to this reason, new intrusion detection techniques have to be developed, being as accurate as possible for these scenarios. Intrusion detection systems based on machine learning algorithms have already shown a high performance in terms of accuracy. This research proposes the study and evaluation of several preprocessing techniques based on traffic categorization for a machine learning neural network algorithm. This research uses for its evaluation two benchmark datasets, namely UGR16 and the UNSW-NB15, and one of the most used datasets, KDD99. The preprocessing techniques were evaluated in accordance with scalar and normalization functions. All of these preprocessing models were applied through different sets of characteristics based on a categorization composed by four groups of features: basic connection features, content characteristics, statistical characteristics and finally, a group which is composed by traffic-based features and connection direction-based traffic characteristics. The objective of this research is to evaluate this categorization by using various data preprocessing techniques to obtain the most accurate model. Our proposal shows that, by applying the categorization of network traffic and several preprocessing techniques, the accuracy can be enhanced by up to 45%. The preprocessing of a specific group of characteristics allows for greater accuracy, allowing the machine learning algorithm to correctly classify these parameters related to possible attacks.

Building an Effective Approach toward Intrusion Detection Using Ensemble Feature Selection

2019 ◽  
Vol 13 (3) ◽  
pp. 31-47 ◽  
Author(s):  
Alok Kumar Shukla ◽  
Pradeep Singh
Keyword(s):  
Feature Selection ◽  
Intrusion Detection ◽  
Detection System ◽  
Classification Performance ◽  
Support Vector ◽  
Web Traffic ◽  
Data Set ◽  
Optimal Subset ◽  
Benchmark Datasets ◽  
Kdd Cup 99

The duplicate and insignificant features present in the data set to cause a long-term problem in the classification of network or web traffic. The insignificant features not only decrease the classification performance but also prevent a classifier from making accurate decisions, exclusively when substantial volumes of data are managed. In this article, the author introduced an ensemble feature selection (EFS) technique, where multiple homogeneous feature selection (FS) methods are combined to choose the optimal subset of relevant and non-redundant features. An intrusion detection system, named support vector machine-based IDS (SVM-IDS), is prompted using the feature selected by the proposed method. The SVM-IDS performance is evaluated using two benchmark datasets of intrusion detection, including KDD Cup 99 and NSL-KDD. Our proposed method provided more significant features for SVM-IDS and compared with the other state-of-the-art methods. The experimental results demonstrate that proposed method achieves a maximum accuracy as 98.95% in KDD Cup 99 data set and 98.12% in the NSL-KDD data set.

scholarly journals Intrusion Detection System in Software-Defined Networks Using Machine Learning and Deep Learning Techniques –A Comprehensive Survey

2021 ◽  
Author(s):  
Md. Rayhan Ahmed ◽  
salekul Islam ◽  
Swakkhar Shatabda ◽  
A. K. M. Muzahidul Islam ◽  
Md. Towhidul Islam Robin
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Software Defined Networks ◽  
Control Plane ◽  
Data Plane ◽  
Benchmark Datasets ◽  
Comprehensive Survey

<div>At present, the Internet is facing numerous attacks of different kinds that put its data at risk. The safety of information within the network is, therefore, a significant concern. In order to prevent the loss of incredibly valuable information, the Intrusion Detection System (IDS) was developed to recognize the outbreak of a stream of attacks and notify the network system administrator providing network security. IDS is an extrapolative model used to detect network traffic as routine or attack. Software-Defined Networks (SDN) is a revolutionary paradigm that isolates the control plane from the data plane, transforming the concept of a software-driven network. Through this data and control plane separation, SDN provides us the opportunity to create a manageable and programmable network, allowing applications in the top plane to access physical devices via the controller. The controller functioning inside the control plane executes network modules and establishes flow rules to forward packets in the switches residing in the data plane. Cyber attackers target the SDN controller to subdue the control plane, which is considered the brain of the SDN, providing a plethora of functionalities such as regulating flow control to switches or routers in the data plane below via southbound Application Programming Interfaces (APIs) and business and application logic in the application plane above via northbound APIs to implement sophisticated networks. However, the control plane becomes a tempting prospect for security attacks from adversaries because of its centralization feature. This paper includes an in-depth overview of the notable published articles from 2015 to 2021 that used Machine Learning (ML) and Deep Learning (DL) techniques to construct an IDS solution to provide security for SDN. We also present two detailed taxonomic studies regarding IDS, and ML-DL techniques based on their learning categories, exploring various IDS solutions to secure the SDN paradigm. We have also conducted brief research on a few benchmark datasets used to construct IDS in the SDN paradigm. To conclude the survey, we provide a discussion that sheds light on continuous challenges and IDS issues for SDN security.</div>

scholarly journals Intrusion Detection System in Software-Defined Networks Using Machine Learning and Deep Learning Techniques –A Comprehensive Survey

2021 ◽  
Author(s):  
Md. Rayhan Ahmed ◽  
salekul Islam ◽  
Swakkhar Shatabda ◽  
A. K. M. Muzahidul Islam ◽  
Md. Towhidul Islam Robin
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Software Defined Networks ◽  
Control Plane ◽  
Data Plane ◽  
Benchmark Datasets ◽  
Comprehensive Survey

<div>At present, the Internet is facing numerous attacks of different kinds that put its data at risk. The safety of information within the network is, therefore, a significant concern. In order to prevent the loss of incredibly valuable information, the Intrusion Detection System (IDS) was developed to recognize the outbreak of a stream of attacks and notify the network system administrator providing network security. IDS is an extrapolative model used to detect network traffic as routine or attack. Software-Defined Networks (SDN) is a revolutionary paradigm that isolates the control plane from the data plane, transforming the concept of a software-driven network. Through this data and control plane separation, SDN provides us the opportunity to create a manageable and programmable network, allowing applications in the top plane to access physical devices via the controller. The controller functioning inside the control plane executes network modules and establishes flow rules to forward packets in the switches residing in the data plane. Cyber attackers target the SDN controller to subdue the control plane, which is considered the brain of the SDN, providing a plethora of functionalities such as regulating flow control to switches or routers in the data plane below via southbound Application Programming Interfaces (APIs) and business and application logic in the application plane above via northbound APIs to implement sophisticated networks. However, the control plane becomes a tempting prospect for security attacks from adversaries because of its centralization feature. This paper includes an in-depth overview of the notable published articles from 2015 to 2021 that used Machine Learning (ML) and Deep Learning (DL) techniques to construct an IDS solution to provide security for SDN. We also present two detailed taxonomic studies regarding IDS, and ML-DL techniques based on their learning categories, exploring various IDS solutions to secure the SDN paradigm. We have also conducted brief research on a few benchmark datasets used to construct IDS in the SDN paradigm. To conclude the survey, we provide a discussion that sheds light on continuous challenges and IDS issues for SDN security.</div>

Supervised Classifier Approach for Intrusion Detection on KDD with Optimal MapReduce Framework Model in Cloud Computing

2019 ◽  
Vol 12 ◽  
Author(s):  
M. Ilayaraja ◽  
S. Hemalatha ◽  
P. Manickam ◽  
K. Sathesh Kumar ◽  
K. Shankar
Keyword(s):  
Machine Learning ◽  
Cloud Computing ◽  
Intrusion Detection ◽  
Decision Tree ◽  
Learning Strategies ◽  
Nearest Neighbor ◽  
Detection System ◽  
K Nearest Neighbor ◽  
Mapreduce Model ◽  
The Web

Cloud computing is characterized as the arrangement of assets or administrations accessible through the web to the clients on their request by cloud providers. It communicates everything as administrations over the web in view of the client request, for example operating system, organize equipment, storage, assets, and software. Nowadays, Intrusion Detection System (IDS) plays a powerful system, which deals with the influence of experts to get actions when the system is hacked under some intrusions. Most intrusion detection frameworks are created in light of machine learning strategies. Since the datasets, this utilized as a part of intrusion detection is Knowledge Discovery in Database (KDD). In this paper detect or classify the intruded data utilizing Machine Learning (ML) with the MapReduce model. The primary face considers Hadoop MapReduce model to reduce the extent of database ideal weight decided for reducer model and second stage utilizing Decision Tree (DT) classifier to detect the data. This DT classifier comprises utilizing an appropriate classifier to decide the class labels for the non-homogeneous leaf nodes. The decision tree fragment gives a coarse section profile while the leaf level classifier can give data about the qualities that influence the label inside a portion. From the proposed result accuracy for detection is 96.21% contrasted with existing classifiers, for example, Neural Network (NN), Naive Bayes (NB) and K Nearest Neighbor (KNN).

A MACHINE LEARNING BASED IOT FOR PROVIDING AN INTRUSION DETECTION SYSTEM FOR SECURITY

2021 ◽  
pp. 103741
Author(s):  
Dhanke Jyoti Atul ◽  
Dr. R. Kamalraj ◽  
Dr. G. Ramesh ◽  
K. Sakthidasan Sankaran ◽  
Sudhir Sharma ◽  
...  
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System
Sign in / Sign up

Export Citation Format

Share Document