Network Intrusion Detection
Recently Published Documents





2021 ◽  
Ming Li ◽  
Dezhi Han ◽  
Dun Li ◽  
Han Liu ◽  
Chin-Chen Chang

Abstract: Network intrusion detection, which takes the extraction and analysis of network traffic features as the main method, plays a vital role in network security protection. The current network traffic feature extraction and analysis for network intrusion detection mostly uses deep learning algorithms. Currently, deep learning requires a lot of training resources, and has weak processing capabilities for imbalanced data sets. In this paper, a deep learning model (MFVT) based on feature fusion network and Vision Transformer architecture is proposed, which improves the processing ability of imbalanced data sets and reduces the sample data resources needed for training. Besides, to improve the traditional raw traffic features extraction methods, a new raw traffic features extraction method (CRP) is proposed; CRP uses the PCA algorithm to reduce all the processed digital traffic features to the specified dimension. On the IDS 2017 dataset and the IDS 2012 dataset, the ablation experiments show that the performance of the proposed MFVT model is significantly better than other network intrusion detection models, and the detection accuracy can reach the state-of-the-art level. When the MFVT model is combined with the CRP algorithm, the detection accuracy is further improved to 99.99%.

2022 ◽  
Vol 70 (1) ◽  
pp. 91-107
Mavra Mehmood ◽  
Talha Javed ◽  
Jamel Nebhen ◽  
Sidra Abbas ◽  
Rabia Abid ◽  

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Guohong Qi ◽  
Jie Zhou ◽  
Wenxian Jia ◽  
Menghan Liu ◽  
Shengnan Zhang ◽  

With the rapid development of Internet technology, network attacks have become more frequent and complex, and intrusion detection has also played an increasingly important role in network security. Intrusion detection is real-time and proactive, and it is an indispensable technology under the diversified trend of network security issues. In terms of network security, neural networks have the characteristics of self-learning, self-adaptation, and parallel computing, which are very important in intrusion detection. This paper combines back propagation neural network (BPNN) and elite clone artificial bee colony (ECABC) to propose a new ECABC-BPNN, which updates and optimizes the settings of traditional BPNN weights and thresholds. Then, apply ECABC-BPNN to network intrusion detection. Use the attack data samples of KDD CUP 99 and water pipe for attack classification experiments using GA-BPNN, PSO-BPNN, and ECABC-BPNN. The results show that the ECABC-BPNN proposed in this paper has an accuracy rate of 98.08% on KDD 99 and 99.76% on water pipe data. ECABC-BPNN effectively improves the accuracy of network intrusion classification and reduces classification errors. In addition, the time complexity of using ECABC-BPNN to classify network attacks is relatively low. Therefore, ECABC-BPNN has superior performance in network intrusion detection and classification.

2021 ◽  
Vol 2021 ◽  
pp. 1-17
Zu-Min Wang ◽  
Ji-Yu Tian ◽  
Jing Qin ◽  
Hui Fang ◽  
Li-Ming Chen

Network intrusion detection remains one of the major challenges in cybersecurity. In recent years, many machine-learning-based methods have been designed to capture the dynamic and complex intrusion patterns to improve the performance of intrusion detection systems. However, two issues, including imbalanced training data and new unknown attacks, still hinder the development of a reliable network intrusion detection system. In this paper, we propose a novel few-shot learning-based Siamese capsule network to tackle the scarcity of abnormal network traffic training data and enhance the detection of unknown attacks. Specifically, the well-designed deep learning network excels at capturing dynamic relationships across traffic features. In addition, an unsupervised subtype sampling scheme is seamlessly integrated with the Siamese network to improve the detection of network intrusion attacks under the circumstance of imbalanced training data. Experimental results have demonstrated that the metric learning framework is more suitable to extract subtle and distinctive features to identify both known and unknown attacks after the sampling scheme compared to other supervised learning methods. Compared to the state-of-the-art methods, our proposed method achieves superior performance to effectively detect both types of attacks.

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Sivaraman Eswaran ◽  
Vakula Rani ◽  
Daniel D. ◽  
Jayabrabu Ramakrishnan ◽  
Sadhana Selvakumar

Purpose: In the recent era, banking infrastructure constructs various remotely handled platforms for users. However, the security risk toward the banking sector has also elevated, as it is visible from the rising number of reported attacks against these security systems. Intelligence shows that cyberattacks of the crawlers are increasing. Malicious crawlers can crawl the Web pages, crack the passwords and reap the private data of the users. Besides, intrusion detection systems in a dynamic environment provide more false positives. The purpose of this research paper is to propose an efficient methodology to sense the attacks for creating low levels of false positives.

Design/methodology/approach: In this research, the authors have developed an efficient approach for malicious crawler detection and correlated the security alerts. The behavioral features of the crawlers are examined for the recognition of the malicious crawlers, and a novel methodology is proposed to improvise the bank user portal security. The authors have compared various machine learning strategies including Bayesian network, support vector machine (SVM) and decision tree.

Findings: This proposed work stretches in various aspects. Initially, the outcomes are stated for the mixture of different kinds of log files. Then, distinct sites of various log files are selected for the construction of the acceptable data sets. Session identification, attribute extraction, session labeling and classification were held. Moreover, this approach clustered the meta-alerts into higher level meta-alerts for fusing multistages of attacks and the various types of attacks.

Originality/value: This methodology used incremental clustering techniques and analyzed the probability of existing topologies in SVM classifiers for more deterministic classification. It also enhanced the taxonomy for various domains.

Manuel Lopez-Martin ◽  
Antonio Sanchez-Esguevillas ◽  
Juan Ignacio Arribas ◽  
Belen Carro

2021 ◽  
Vol 11 (4) ◽  
pp. 14-40
Shyla ◽  
Vishal Bhatnagar

The increased requirement of data science in recent times has given rise to the concept of data security, which has become a major issue; thus, the amalgamation of data science methodology with intrusion detection systems as a field of research has acquired a lot of prominence. The level of access to the information system and its visibility to user pursuit was required to operate securely. Intrusion detection has been gaining popularity in the area of data science to incorporate the overall information security infrastructure, where regular operations depend upon shared use of information. The problems are to build an intrusion detection system efficient enough for detecting attacks and to reduce the false positives with a high detection rate. In this paper, the authors analyse various techniques of intrusion detection combined with data science, which will help in understanding the best fit technique under different circumstances.
