Acquaintance Management Algorithm Based on the Multi-Class Risk-Cost Analysis for Collaborative Intrusion Detection Network

2021 ◽  
Vol 53 (6) ◽  
pp. 210610
Author(s):  
Yudha Purwanto ◽  
Kuspriyanto Kuspriyanto ◽  
Hendrawan Hendrawan ◽  
Budi Rahardjo

The collaborative intrusion detection network (CIDN) framework provides collaboration capability among intrusion detection systems (IDS). Collaboration selection is done by an acquaintance management algorithm. A recent study developed an effective acquaintance management algorithm by the use of binary risk analysis and greedy-selection-sort based methods. However, most algorithms do not pay attention to the possibility of wrong responses in multi-botnet attacks. The greedy-based acquaintance management algorithm also leads to a poor acquaintance selection processing time when there is a high number of IDS candidates. The growing number of advanced distributed denial of service (DDoS) attacks makes acquaintance management potentially end up with an unreliable CIDN acquaintance list, resulting in low decision accuracy. This paper proposes an acquaintance management algorithm based on multi-class risk-cost analysis and merge-sort selection methods. The algorithm implements merge risk-ordered selection to reduce computation complexity. The simulation result showed the reliability of CIDN in reducing the acquaintance selection processing time and increasing the decision accuracy.

2019 ◽  
Vol 2019 ◽  
pp. 1-19 ◽  
Author(s):  
Zeeshan Ali Khan ◽  
Peter Herrmann

Many Internet of Things (IoT) systems run on tiny connected devices that have to deal with severe processor and energy restrictions. Often, the limited processing resources do not allow the use of standard security mechanisms on the nodes, making IoT applications quite vulnerable to different types of attacks. This holds particularly for intrusion detection systems (IDS) that are usually too resource-heavy to be handled by small IoT devices. Thus, many IoT systems are not sufficiently protected against typical network attacks like Denial-of-Service (DoS) and routing attacks. On the other side, IDSs have already been successfully used in adjacent network types like Mobile Ad hoc Networks (MANET), Wireless Sensor Networks (WSN), and Cyber-Physical Systems (CPS) which, in part, face limitations similar to those of IoT applications. Moreover, there is research work ongoing that promises IDSs that may better fit the limitations of IoT devices. In this article, we will give an overview of IDSs suited for IoT networks. Besides looking at approaches developed particularly for IoT, we also introduce work for the three similar network types mentioned above and discuss if they are also suitable for IoT systems. In addition, we present some suggestions for future research work that could be useful to make IoT networks more secure.


Electronics ◽  
2020 ◽  
Vol 9 (6) ◽  
pp. 916 ◽  
Author(s):  
Jiyeon Kim ◽  
Jiwon Kim ◽  
Hyunjung Kim ◽  
Minsun Shim ◽  
Eunjung Choi

As cyberattacks become more intelligent, it is challenging to detect advanced attacks in a variety of fields including industry, national defense, and healthcare. Traditional intrusion detection systems are no longer enough to detect these advanced attacks with unexpected patterns. Attackers bypass known signatures and pretend to be normal users. Deep learning is an alternative for solving these issues. Deep Learning (DL)-based intrusion detection does not require a lot of attack signatures or the list of normal behaviors to generate detection rules. DL defines intrusion features by itself through training on empirical data. We develop a DL-based intrusion model especially focusing on denial of service (DoS) attacks. For the intrusion dataset, we use the KDD CUP 1999 dataset (KDD), the most widely used dataset for the evaluation of intrusion detection systems (IDS). KDD consists of four types of attack categories, such as DoS, user to root (U2R), remote to local (R2L), and probing. Numerous KDD studies have been employing machine learning and classifying the dataset into the four categories or into two categories such as attack and benign. Rather than focusing on the broad categories, we focus on various attacks belonging to the same category. Unlike other categories of KDD, the DoS category has enough samples for training each attack. In addition to KDD, we use CSE-CIC-IDS2018, which is the most up-to-date IDS dataset. CSE-CIC-IDS2018 consists of more advanced DoS attacks than that of KDD. In this work, we focus on the DoS category of both datasets and develop a DL model for DoS detection. We develop our model based on a Convolutional Neural Network (CNN) and evaluate its performance through comparison with a Recurrent Neural Network (RNN). Furthermore, we suggest the optimal CNN design for better performance through numerous experiments.


Sensors ◽  
2020 ◽  
Vol 20 (9) ◽  
pp. 2559 ◽  
Author(s):  
Celestine Iwendi ◽  
Suleman Khan ◽  
Joseph Henry Anajemba ◽  
Mohit Mittal ◽  
Mamdouh Alenezi ◽  
...  

The pursuit to spot abnormal behaviors in and out of a network system is what led to a system known as intrusion detection systems for soft computing; besides, many researchers have applied machine learning around this area. Obviously, a single classifier alone in the classifications seems impossible to control network intruders. This limitation is what led us to perform dimensionality reduction by means of a correlation-based feature selection approach (CFS approach) in addition to a refined ensemble model. The paper aims to improve the Intrusion Detection System (IDS) by proposing a CFS + Ensemble Classifiers (Bagging and Adaboost) which has high accuracy, high packet detection rate, and low false alarm rate. Machine Learning Ensemble Models with base classifiers (J48, Random Forest, and Reptree) were built. Binary classification, as well as Multiclass classification for KDD99 and NSLKDD datasets, was done while all the attacks were named as an anomaly and normal traffic. Class labels consisted of five major attacks, namely Denial of Service (DoS), Probe, User-to-Root (U2R), Root to Local attacks (R2L), and Normal class attacks. Results from the experiment showed that our proposed model produces 0 false alarm rate (FAR) and 99.90% detection rate (DR) for the KDD99 dataset, and 0.5% FAR and 98.60% DR for the NSLKDD dataset when working with 6 and 13 selected features.


In the present milieu of the connected world, where security is the major concern, Intrusion Detection System is the prominent area of research to deal with various types of attacks in network. Intrusion detection systems (IDS) find the dynamic and malicious traffic of network, in accordance to the aspect of network. Various forms of IDS have been developed working on distinctive approaches. One popular approach is machine learning, in which various algorithms like ANN, SVM etc. have been used. But the most prominent method used is ANN. The performance of the ANN can significantly be improved by combining it with different metaheuristic algorithms. In the present work, GWO is used to optimize ANN. For this, the KDD-99 data-set is used to classify various types of attacks, i.e. denial of service (DOS), normal and other forms of attack. The present paper provides detailed analysis of the performance of Artificial Neural Network and optimized Artificial Neural Network with GA, PSO and GWO. The research shows that ANN with GWO outperforms the others (ANN, ANN with PSO and ANN with GA).

