Journal articles on the topic 'Intrusion Detection System'
To see the other types of publications on this topic, follow the link: Intrusion Detection System.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Intrusion Detection System.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Zhao, Xuemin. "Application of Data Mining Technology in Software Intrusion Detection and Information Processing." Wireless Communications and Mobile Computing 2022 (June 9, 2022): 1–8. http://dx.doi.org/10.1155/2022/3829160.
Full textAbstract:
In order to improve the efficiency of the software intrusion detection system, the author proposes an application based on data mining technology in software intrusion detection and information processing. Apply data mining technology to software intrusion detection; first, analyze and research software intrusion detection technology and data mining technology, including the basic concepts of software intrusion detection, the realization technology of software intrusion detection, the classification of software intrusion detection systems, and the typical software intrusion detection system situation. By detecting and analyzing known intrusion data and using association rules, constructing the inspection system rule base enables the system to learn independently and improve itself and has good scalability, while improving the degree of automation and complete intrusion detection. Experimental results show that under the same test sample, the accuracy of the detection system model designed in this paper is 95.67%, higher than the other three detection systems, and the false alarm rate is lower than other systems, which has certain advantages. It is proved that the system in this paper can help improve the accuracy of software intrusion detection, significantly reduce the false alarm rate and false alarm rate of software intrusion detection, and provide reference for the optimization and improvement of software intrusion detection system and information processing. The system has a certain degree of self-adaptation, which can effectively detect external intrusions.
2
Simavoryan, Simon Zhorzhevich, Arsen Rafikovich Simonyan, Georgii Aleksandrovich Popov, and Elena Ivanovna Ulitina. "The procedure of intrusions detection in information security systems based on the use of neural networks." Программные системы и вычислительные методы, no. 3 (March 2020): 1–9. http://dx.doi.org/10.7256/2454-0714.2020.3.33734.
Full textAbstract:
The subject of the research is the problem of identifying and countering intrusions (attacks) in information security systems (ISS) based on the system-conceptual approach, developed within the framework of the RFBR funded project No. 19-01-00383. The object of the research is neural networks and information security systems (ISS) of automated data processing systems (ADPS). The authors proceed from the basic conceptual requirements for intrusion detection systems - adaptability, learnability and manageability. The developed intrusion detection procedure considers both internal and external threats. It consists of two subsystems: a subsystem for detecting possible intrusions, which includes subsystems for predicting, controlling and managing access, analyzing and detecting the recurrence of intrusions, as well as a subsystem for countering intrusions, which includes subsystems for blocking / destroying protected resources, assessing losses associated with intrusions, and eliminating the consequences of the invasion. Methodological studies on the development of intrusion detection procedures are carried out using artificial intelligence methods, system analysis, and the theory of neural systems in the field of information security. Research in this work is carried out on the basis of the achievements of the system-conceptual approach to information security in ADPS.The main result obtained in this work is a block diagram (algorithm) of an adaptive intrusion detection procedure, which contains protection means and mechanisms, built by analogy with neural systems used in security systems.The developed general structure of the intrusion detection and counteraction system allows systematically interconnecting the subsystems for detecting possible intrusions and counteracting intrusions at the conceptual level.
3
Veselý, A., and D. Brechlerová. "Neural networks in intrusion detection systems." Agricultural Economics (Zemědělská ekonomika) 50, No. 1 (February 24, 2012): 35–40. http://dx.doi.org/10.17221/5164-agricecon.
Full textAbstract:
Security of an information system is its very important property, especially today, when computers are interconnected via internet. Because no system can be absolutely secure, the timely and accurate detection of intrusions is necessary. For this purpose, Intrusion Detection Systems (IDS) were designed. There are two basic models of IDS: misuse IDS and anomaly IDS. Misuse systems detect intrusions by looking for activity that corresponds to the known signatures of intrusions or vulnerabilities. Anomaly systems detect intrusions by searching for an abnormal system activity. Most IDS commercial tools are misuse systems with rule-based expert system structure. However, these techniques are less successful when attack characteristics vary from built-in signatures. Artificial neural networks offer the potential to resolve these problems. As far as anomaly systems are concerned, it is very difficult to build them, because it is difficult to define the normal and abnormal behaviour of a system. Also for building anomaly system, neural networks can be used, because they can learn to discriminate the normal and abnormal behaviour of a system from examples. Therefore, they offer a promising technique for building anomaly systems. This paper presents an overview of the applicability of neural networks in building intrusion systems and discusses advantages and drawbacks of neural network technology.
4
Solomon, Irin Anna, Aman Jatain, and Shalini Bhaskar Bajaj. "Intrusion Detection System Using Deep Learning." Asian Journal of Computer Science and Technology 8, no. 2 (May 5, 2019): 105–10. http://dx.doi.org/10.51983/ajcst-2019.8.2.2132.
Full textAbstract:
Intrusion detection system (IDS) plays a very critical part in identifying threats and monitoring malicious activities in networking system. The system administrators can use IDS to detect unauthorized access by intruders in different organizations. It has become an inevitable element to the security administration of every organization. IDSs can be generally categorized into two categories. The first group focuses on patterns/signatures of network packets/traffic and they identify network intrusions using rule-based matching. The second group uses machine learning (ML) based approaches such as supervised and/or semi-supervised learning and train IDS models on a collection of labeled and/or unlabeled network data. This method has obtained better detection compared to the previous method. This project paper’s scope involves implementing an intrusion detection system using deep learning technology for efficient detection of intrusion and intrusive activities that can cause disruption in the networking system. We use a Feed-forward Neural Network, a deep learning based technique, on KDD99 CUP – a commonly used dataset for network intrusion. In this paper the performance of the proposed system is compared with the existing previous work.
5
Priyavengatesh, A. "A Predictive Model Using Deep Learning Neural Network for Efficient Intrusion Detection." International Journal for Research in Applied Science and Engineering Technology 11, no. 10 (October 31, 2023): 577–85. http://dx.doi.org/10.22214/ijraset.2023.56020.
Full textAbstract:
Abstract: Network intrusion detection system helps to detect exploitations and mitigate damages. A network intrusion detection system detects the network traffic that deviates from the normal behavioral pattern. Developing an efficient intrusion detection system has many challenges and the patterns associated with one type of intrusion differ from other intrusions. In such situations, understanding different patterns and differentiating intrusions becomes essential to detect anomalies and attacks in the network. Deep learning models offer more power and intelligence to the detection system and extend the ability to differentiate & understand the network feature characteristics, also machine learning models with feature selection showed high performance in intrusion detections. This paper evaluates the proposed deep learning neural network model and machine learning models using feature selection for efficient intrusion detection using real world dataset.
6
Muhammad Arslan Tariq, Muhammad Arslan Tariq. "Anomaly based Intrusion Detection System." International Journal for Electronic Crime Investigation 3, no. 3 (September 6, 2019): 7. http://dx.doi.org/10.54692/ijeci.2020.030341.
Full textAbstract:
In the digital World full of hackers and scammers, data security is what everyone needs the most. Hackers and scammers invent new ways of stealing information on daily basis. A method to come up with more precise system is Intrusion Detection system. IDS is todays need because, it helps the individuals to keep up their confidentiality and integrity. Intrusions, that disturbs the security and secrecy of the system, has become major concern for many organizations. The logic and ways Intrusion Detection System uses are related to these days. Through cloud computing, Intrusion Detection System has creäted a world where it can flourish and be most operative. By means of cloud computing, the fundament has engrossed with the Intrusion Detection technology.
7
Muhammad Arslan Tariq, Muhammad Arslan Tariq. "Anomaly based Intrusion Detection System." International Journal for Electronic Crime Investigation 3, no. 3 (September 6, 2019): 7. http://dx.doi.org/10.54692/ijeci.2020.030336.
Full textAbstract:
In the digital World full of hackers and scammers, data security is what everyone needs the most. Hackers and scammers invent new ways of stealing information on daily basis. A method to come up with more precise system is Intrusion Detection system. IDS is todays need because, it helps the individuals to keep up their confidentiality and integrity. Intrusions, that disturbs the security and secrecy of the system, has become major concern for many organizations. The logic and ways Intrusion Detection System uses are related to these days. Through cloud computing, Intrusion Detection System has creäted a world where it can flourish and be most operative. By means of cloud computing, the fundament has engrossed with the Intrusion Detection technology.
8
Muhammad Arslan Tariq, Muhammad Arslan Tariq. "Anomaly based Intrusion Detection System." International Journal for Electronic Crime Investigation 3, no. 3 (September 6, 2019): 7. http://dx.doi.org/10.54692/ijeci.2019.030341.
Full textAbstract:
In the digital World full of hackers and scammers, data security is what everyone needs the most. Hackers and scammers invent new ways of stealing information on daily basis. A method to come up with more precise system is Intrusion Detection system. IDS is todays need because, it helps the individuals to keep up their confidentiality and integrity. Intrusions, that disturbs the security and secrecy of the system, has become major concern for many organizations. The logic and ways Intrusion Detection System uses are related to these days. Through cloud computing, Intrusion Detection System has creäted a world where it can flourish and be most operative. By means of cloud computing, the fundament has engrossed with the Intrusion Detection technology.
9
Muhammad Arslan Tariq, Muhammad Arslan Tariq. "Anomaly based Intrusion Detection System." International Journal for Electronic Crime Investigation 3, no. 3 (September 6, 2019): 7. http://dx.doi.org/10.54692/ijeci.2019.030336.
Full textAbstract:
In the digital World full of hackers and scammers, data security is what everyone needs the most. Hackers and scammers invent new ways of stealing information on daily basis. A method to come up with more precise system is Intrusion Detection system. IDS is todays need because, it helps the individuals to keep up their confidentiality and integrity. Intrusions, that disturbs the security and secrecy of the system, has become major concern for many organizations. The logic and ways Intrusion Detection System uses are related to these days. Through cloud computing, Intrusion Detection System has creäted a world where it can flourish and be most operative. By means of cloud computing, the fundament has engrossed with the Intrusion Detection technology.
10
Battini Sujatha, Et al. "An Efficient Fuzzy Based Multi Level Clustering Model Using Artificial Bee Colony For Intrusion Detection." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 11 (November 30, 2023): 264–73. http://dx.doi.org/10.17762/ijritcc.v11i11.9390.
Full textAbstract:
Network security is becoming increasingly important as computer technology advances. One of the most important components in maintaining a secure network is an Intrusion Detection System (IDS). An IDS is a collection of tools used to detect and report network anomalies. Threats to computer networks are increasing at an alarming rate. As a result, it is critical to create and maintain a safe computing environment. For network security, researchers employ a range of technologies, including anomaly-based intrusion detection systems (AIDS). These anomaly-based detections face a major challenge in the classification of data. Optimization algorithms that mimic the foraging behavior of bees in nature, such as the artificial bee colony algorithm, is a highly successful tool. A computer network's intrusion detection system (IDS) is an essential tool for keeping tabs on the activities taking place in the network. Artificial Bee Colony (ABC) algorithm is used in this research for effective intrusion detection. More and more intrusion detection systems are needed to keep up with the increasing number of attacks and the increase in Internet bandwidth. Detecting developing threats with high accuracy at line rates is the prerequisite for a good intrusion detection system. As traffic grows, current systems will be overwhelmed by the sheer volume of false positives and negatives they generate. In order to detect intrusions based on anomalies, this research employs an Efficient Fuzzy based Multi Level Clustering Model using Artificial Bee Colony (EFMLC-ABC). A semi-supervised intrusion detection method based on an artificial bee colony algorithm is proposed in this paper to optimize cluster centers and identify the best clustering options. In order to assess the effectiveness of the proposed method, various subsets of the KDD Cup 99 database were subjected to experimental testing. Analyses have shown that the proposed algorithm is suitable and efficient for intrusion detection system.
11
Jatti, Ashwini V., and V. J. K. Kishor Sonti. "Intrusion Detection Systems: A Review." Restaurant Business 118, no. 6 (June 3, 2019): 60–79. http://dx.doi.org/10.26643/rb.v118i6.7239.
Full textAbstract:
Intrusion Detection System is competent to detect the intrusions and alerting the administrator of system about the signs of possible intrusions. This paper presents a detailed review of the intrusion detection techniques used in WSNs. More specifically, the existing methods for blackhole and sinkhole attacks detection are reviewed. However, it is noted that most intrusion detection schemes proposed in the literature are either inefficient or have low detection rates/high false positive rates. This survey also highlights the research gap in this domain and provides better scope for the advanced work.
12
Jatti, Ashwini V., and V. J. K. Kishor Sonti. "Intrusion Detection Systems: A Review." Restaurant Business 118, no. 7 (July 28, 2019): 50–58. http://dx.doi.org/10.26643/rb.v118i7.7246.
Full textAbstract:
Intrusion Detection System is competent to detect the intrusions and alerting the administrator of system about the signs of possible intrusions. This paper presents a detailed review of the intrusion detection techniques used in WSNs. More specifically, the existing methods for blackhole and sinkhole attacks detection are reviewed. However, it is noted that most intrusion detection schemes proposed in the literature are either inefficient or have low detection rates/high false positive rates. This survey also highlights the research gap in this domain and provides better scope for the advanced work.
13
Singh Tomar, Apoorv, and Brijesh Kumar Chaurasia. "Intrusion Detection System and Its Attacks Detection: Comparative." International Journal of Advanced Research in Computer Science and Software Engineering 7, no. 1 (January 30, 2017): 1–6. http://dx.doi.org/10.23956/ijarcsse/v7i1/0147.
Full text
14
Ali, Rashid, and Supriya Kamthania. "A Comparative Study of Different Relevant Features Hybrid Neural Networks Based Intrusion Detection Systems." Advanced Materials Research 403-408 (November 2011): 4703–10. http://dx.doi.org/10.4028/www.scientific.net/amr.403-408.4703.
Full textAbstract:
Intrusion detection is the task of detecting, preventing and possibly reacting to the attacks and intrusions in a network based computer system. The neural network algorithms are popular for their ability to ’learn’ the so called patterns in a given environment. This feature can be used for intrusion detection, where the neural network can be trained to detect intrusions by recognizing patterns of an intrusion. In this work, we propose and compare the three different Relevant Features Hybrid Neural Networks based intrusion detection systems, where in, we first recognize the most relevant features for a connection record from a benchmark dataset and use these features in training the hybrid neural networks for intrusion detection. Performance of these three systems are evaluated on a well structured KDD CUP 99 dataset using a number of evaluation parameters such as classification rate, false positive rate, false negative rate etc.
15
Lafta, Hameed. "Network Intrusion Detection Using Optimal Perception with Cuckoo Algorithm." Wasit Journal for Pure sciences 3, no. 1 (March 30, 2024): 95–105. http://dx.doi.org/10.31185/wjps.326.
Full textAbstract:
ABSTRACT To safeguard computer networks from intruders, intrusion detection systems have been created. These systems operate in conjunction with firewalls and other security measures to guarantee the safety and efficiency of the computer system. An intrusion detection system is a tool designed to detect and pinpoint attacks and vulnerabilities within a network or computer system. It subsequently notifies the system administrator of them. The primary challenge with intrusion detection systems is enhancing their speed and precision in detecting intruders. This article explores a novel technique for identifying attempts to infiltrate computer systems. The system utilizes a hybrid approach involving the cuckoo algorithm and perceptron neural network. This novel approach can detect intrusion data more accurately than previous methods and enhance the detection rate by over 1%. The system utilizes the cuckoo method to choose a subset of characteristics, which are then analyzed based on the frequency of various attribute types in intrusive and normal data using an optimum perceptron. The system has been evaluated and the implementation has yielded a detection accuracy of 89.8%, representing a substantial enhancement compared to earlier approaches.
16
Kaur, Harpreet. "NETWORK INTRUSION DETECTION AND PREVENTION ATTACKS." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 2, no. 3 (June 30, 2012): 21–23. http://dx.doi.org/10.24297/ijct.v2i3a.2669.
Full textAbstract:
Intrusion detection is an important technology in business sector as well as an active area of research. It is an important tool for information security. A Network Intrusion Detection System is used to monitor networks for attacks or intrusions and report these intrusions to the administrator in order to take evasive action. Today computers are part of networked; distributed systems that may span multiple buildings sometimes located thousands of miles apart. The network of such a system is a pathway for communication between the computers in the distributed system. The network is also a pathway for intrusion. This system is designed to detect and combat some common attacks on network systems. It follows the signature based IDs methodology for ascertaining attacks. A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. In this system the attack log displays the list of attacks to the administrator for evasive action. This system works as an alert device in the event of attacks directed towards an entire network.
17
Sreenivasa Reddy, G., and G. Shyama Chandra Prasad. "INTRUSION DETECTION SYSTEM USING CLUSTERING ALGORITHMS OF NEURAL NETWORKS." International Journal of Advanced Research 11, no. 11 (November 30, 2023): 607–14. http://dx.doi.org/10.21474/ijar01/17861.
Full textAbstract:
This research paper explores the application of clustering algorithms in neural networks for enhancing Intrusion Detection Systems (IDS). Intrusion Detection Systems are critical in safeguarding information systems from unauthorized access, misuse, or damage. The dynamic nature of cyber threats necessitates advanced approaches for detection and prevention. Neural networks, with their ability to learn and adapt, offer significant potential in identifying and classifying network intrusions. This paper reviews various neural network architectures and clustering algorithms, their integration in IDS, and evaluates their effectiveness in detecting known and unknown threats.
18
Kamble, Arvind, and Virendra S. Malemath. "Adam Improved Rider Optimization-Based Deep Recurrent Neural Network for the Intrusion Detection in Cyber Physical Systems." International Journal of Swarm Intelligence Research 13, no. 3 (July 1, 2022): 1–22. http://dx.doi.org/10.4018/ijsir.304402.
Full textAbstract:
This paper designed the intrusion detection systems for determining the intrusions. Here, Adam Improved rider optimization approach (Adam IROA) is newly developed for detecting the intrusion in intrusion detection. Accordingly, the training of DeepRNN is done by proposed Adam IROA, which is designed by combining the Adam optimization algorithm with IROA. Thus, the newly developed Adam IROA is applied for intrusion detection. Overall, two phases are included in the proposed intrusion detection system, which involves feature selection and classification. Here, the features selection is done using proposed WWIROA to select significant features from the input data. The proposed WWIROA is developed by combining WWO and IROA. The obtained features are fed to the classification module for discovering the intrusions present in the network. Here, the classification is progressed using Adam IROA-based DeepRNN. The proposed Adam IROA-based DeepRNN achieves maximal accuracy of 0.937, maximal sensitivity of 0.952, and maximal specificity of 0.908 based on SCADA dataset.
19
Deshpande, Apoorva. "A Review on Intrusion Detection System using Artificial Intelligence Approach." SMART MOVES JOURNAL IJOSCIENCE 4, no. 8 (August 5, 2018): 6. http://dx.doi.org/10.24113/ijoscience.v4i8.153.
Full textAbstract:
Today, intrusion detection system using the neural network is an interested and considerable area for the research community. The computational intelligence systems are defined on the basis of the following parameters: fault tolerance and adaptation; adaptable the requirements of make a better intrusion detection model. In this paper, provide an overview of the research progress using computational intelligence to the problem of intrusion detection. The goal of this paper summarized and compared research contributions of Intrusion detection system using computational intelligence and neural network, define existing research challenges and anticipated solution of machine learning. Research showed that application of machine learning techniques in intrusion detection could achieve high detection rate. Machine learning and classification algorithms help to design "Intrusion Detection Models" which can classify the network traffic into intrusive or normal traffic. This paper discusses some commonly used machine learning techniques in Intrusion Detection System and also reviews some of the existing machine learning IDS proposed by researchers at different times.
20
Priya, Ms Siva. "Intrusion Detection System Using Probabilistic Adaptive Learning." International Journal for Research in Applied Science and Engineering Technology 12, no. 5 (May 31, 2024): 1222–25. http://dx.doi.org/10.22214/ijraset.2024.61565.
Full textAbstract:
Abstract: Machine learning and deep learning techniques are widely used to evaluate intrusion detection systems (IDS) capable of rapidly and automatically recognizing and classifying cyber-attacks on networks and hosts. However, when destructive attacks are becoming more extensive, more challenges develop, needing a comprehensive response. Numerous intrusion detection datasets are publicly accessible for further analysis by the cybersecurity research community. The Intrusion Detection System (IDS) is an effective tool utilized in cybersecurity systems to detect and identify intrusion attacks. With the increasing volume of data generation, the possibility of various forms of intrusion attacks also increases. Feature selection is crucial and often necessary enhance performance. The structure of the dataset can impact the efficiency of the machine learning model. Furthermore, data imbalance can pose a problem, but sampling approaches can help mitigate it. With technological advancements, machine learning-based methods have emerged as the cornerstone of modern intrusion detection, enabling more precise identification of abnormal behaviors and potential intrusions by learning the patterns of normal network traffic. In response to these challenges, this paper introduces an innovative intrusion detection model that amalgamates the Probabilistic Adaptiv eLearning Network architecture.
21
Li, You Guo. "Analysis of the Snort Building Code Based on IDS." Applied Mechanics and Materials 543-547 (March 2014): 2965–68. http://dx.doi.org/10.4028/www.scientific.net/amm.543-547.2965.
Full textAbstract:
Intrusion Detection system (IDS) is a important element of Defense in Depth,which is able to capture all data in the LAN and analyse them for finding intrusional behavior. This paper presents conception of intrusion detection system.Snort that is a network based intrusion detection tool is analyzed,from the aspect of system structure and collectivity flow.Finally,snort base intrusion detection system is constructed and validated by our experiment.The result proves that the intrusional behavior isdetected effectively by using the system.
22
Maseno, Elijah M., Zenghui Wang, and Hongyan Xing. "A Systematic Review on Hybrid Intrusion Detection System." Security and Communication Networks 2022 (May 10, 2022): 1–23. http://dx.doi.org/10.1155/2022/9663052.
Full textAbstract:
As computer networks keep growing at a high rate, achieving confidentiality, integrity, and availability of the information system is essential. Intrusion detection systems (IDSs) have been widely used to monitor and secure networks. The two major limitations facing existing intrusion detection systems are high rates of false-positive alerts and low detection rates on zero-day attacks. To overcome these problems, we need intrusion detection techniques that can learn and effectively detect intrusions. Hybrid methods based on machine learning techniques have been proposed by different researchers. These methods take advantage of the single detection methods and leverage their weakness. Therefore, this paper reviews 111 related studies in the period between 2012 and 2022 focusing on hybrid detection systems. The review points out the existing gaps in the development of hybrid intrusion detection systems and the need for further research in this area.
23
Mao, Yi Min, Xiao Fang Xue, and Jin Qing Chen. "An Intrusion Detection Model Based on Mining Maximal Frequent Itemsets over Data Streams." Applied Mechanics and Materials 339 (July 2013): 341–48. http://dx.doi.org/10.4028/www.scientific.net/amm.339.341.
Full textAbstract:
Ming association rules have been proved as an important method to detect intrusions. To improve response speed and detecting precision in the current intrusion detection system, this papers proposes an intrusion detection system model of MMFIID-DS. Firstly, to improve response speed of the system by greatly reducing search space, various pruning strategies are proposed to mine the maximal frequent itemsets on trained normal data set, abnormal data set and current data streams to establish normal and abnormal behavior pattern as well as user behavior pattern of the system. Besides, to improve detection precision of the system, misuse detection and anomaly detection techniques are combined. Both theoretical and experimental results indicate that the MMFIID-DS intrusion detection system is fairly sound in performance.
24
Yu, Jie, Guo Xiang Yao, and Wei Wei Zhang. "Intrusion Detection Method Based on Frequent Pattern." Advanced Materials Research 204-210 (February 2011): 1751–54. http://dx.doi.org/10.4028/www.scientific.net/amr.204-210.1751.
Full textAbstract:
As the surging development of the information technology, Intrusion Detection System has been devised for the safety of computer network. This paper focuses on the method of frequent pattern based intrusion detection. A new formula measuring the normal degree of a transaction is presented. We propose a new algorithm to calculate each transaction’s normal degree as well as detect intrusions. Experiment results show that the proposed algorithm is competent in detecting intrusions with high detection rate and relatively low false positive rate.
25
Li, Yimin, Dezhi Han, Mingming Cui, Fan Yuan, and Yachao Zhou. "RESNETCNN: An abnormal network traffic flows detection model." Computer Science and Information Systems, no. 00 (2023): 4. http://dx.doi.org/10.2298/csis221124004l.
Full textAbstract:
Intrusion detection is an important means to protect system security by detecting intrusions or intrusion attempts on the system through operational behaviors, security logs, and data audit. However, existing intrusion detection systems suffer from incomplete data feature extraction and low classification accuracy, which affects the intrusion detection effect. To this end, this paper proposes an intrusion detection model that fuses residual network(RESNET) and parallel cross-convolutional neural network, called RESNETCCN. RESNETCNN can efficiently learn various data stream features through the fusion of deep learning and convolutional neural network (CNN), which improves the detection accuracy of abnormal data streams in unbalanced data streams, moreover, the oversampling method into the data preprocessing, to extract multiple types of unbalanced data stream features at the same time, effectively solving the problems of incomplete data feature extraction and low classification accuracy of unbalanced data streams. Finally, three improved versions of RESNETCNN networks are designed to meet the requirements of different traffic data processing, and the highest detection accuracy reaches 99.98% on the CICIDS 2017 dataset and 99.90% on the ISCXIDS 2012 dataset.
26
Singh, Amit, Jay Prakash, Gaurav Kumar, Praphula Kumar Jain, and Loknath Sai Ambati. "Intrusion Detection System." Journal of Database Management 35, no. 1 (February 14, 2024): 1–25. http://dx.doi.org/10.4018/jdm.338276.
Full textAbstract:
The use of encrypted data, the diversity of new protocols, and the surge in the number of malicious activities worldwide have posed new challenges for intrusion detection systems (IDS). In this scenario, existing signature-based IDS are not performing well. Various researchers have proposed machine learning-based IDS to detect unknown malicious activities based on behaviour patterns. Results have shown that machine learning-based IDS perform better than signature-based IDS (SIDS) in identifying new malicious activities in the communication network. In this paper, the authors have analyzed the IDS dataset that contains the most current common attacks and evaluated the performance of network intrusion detection systems by adopting two data resampling techniques and 10 machine learning classifiers. It has been observed that the top three IDS models—KNeighbors, XGBoost, and AdaBoost—outperform binary-class classification with 99.49%, 99.14%, and 98.75% accuracy, and XGBoost, KNneighbors, and GaussianNB outperform in multi-class classification with 99.30%, 98.88%, and 96.66% accuracy.
27
A P, Niharika. "Deep Learning Approach for Intrusion Detection System." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 05 (May 22, 2024): 1–5. http://dx.doi.org/10.55041/ijsrem33646.
Full textAbstract:
The rapid growth of the Internet and communications has resulted in a huge increase in transmitted data. These data are coveted by attackers and they continuously create novel attacks to steal or corrupt these data. The growth of these attacks is an issue for the security of our systems and represents one of the biggest challenges for intrusion detection. An intrusion detection system (IDS) is tool that helps to detect intrusions by inspecting the network traffic. A system called an intrusion detection system (IDS) observes network traffic for malicious transactions and sends immediate alerts when it is observed. It is software that checks a network or system for malicious activities or policy violations. Each illegal activity or violation is often recorded and notified to an administrator. IDS monitors a network or system for malicious activity and protects a computer network from unauthorized access from users, including perhaps insiders. The intrusion detector learning task is to build a predictive model capable of distinguishing between ‘malicious connections’ and ‘genuine connections’. Keywords: Cyber security, intrusion detection, malware, machine learning, deep learning, deep neural networks, CNN,
28
Hasan, Mokhtar Mohammed, and Noor Adnan Ibraheem. "APPLYING ADAPTIVE FUZZY NEURAL ALGORITHM FOR INTRUSION DETECTION." Journal of Engineering 16, no. 01 (April 1, 2010): 4488–509. http://dx.doi.org/10.31026/j.eng.2010.01.08.
Full textAbstract:
Many Network applications used as remote login have some ways for detecting the intruders which are classical ways applied by comparison of operations between login user interface and system stored information. The proposed system tried to detect the intrusions happened by the network intruders using new technique called Adaptive Fuzzy Neural Network which have the ability to detect the intrusions at the same time even if the number of users is large. The proposed system consists of two stages, the first stage is for monitoring all events that happen and analyzing them, and the second stage is to detect intrusions. The detection operation combines anomaly intrusion detection and misuse intrusion detection using the Adaptive Fuzzy Neural Network system, which is a suggested method in our paper used to learn the normal network traffic and detect the abnormal traffic.
29
Fegade, Saurabh, Amey Bhadkamka, Kamlesh Karekar, Jaikishan Jeshnani, and Vinayak Kachare. "Network Intrusion Detection System Using C4.5 Algorithm." Journal of Communications Technology, Electronics and Computer Science 10 (March 1, 2017): 15. http://dx.doi.org/10.22385/jctecs.v10i0.139.
Full textAbstract:
There is a great concern about the security of computer these days. The number of attacks has increased in a great number in the last few years, intrusion detection is the main source of information assurance. While firewalls can provide some protection, they fail to provide protection fully and they even need to be complemented with an intrusion detection system (IDS). A newer approach for Intrusion detection is data mining techniques.IDS system can be developed using individual algorithms like neural networks, clustering, classification, etc. The result of these systems is good detection rate and low false alarm rate. According to a recent study, cascading of multiple algorithms gives a way better performance than single algorithm. Single algorithm systems have a high alarm rate. Therefore, to solve this problem, a combination of different algorithms are required. In this research paper, we use the hybrid algorithm for developing the intrusion detection system. C4.5 Support Vector Machine (SVM) and Decision Tree combined to achieve high accuracy and diminish the false alarm rate. Intrusions can be classified into types like Normal, DOS, R2L and U2R.Intrusion detection with Decision trees and SVM were tested with benchmark standard NSL- KDD, which is the extended version of KDD Cup 1999 for intrusion detection (ID).
30
S, Reshni. "Cyber Intrusion Detection System Using Deep Learning Approach." International Journal for Research in Applied Science and Engineering Technology 12, no. 4 (April 30, 2024): 5886–88. http://dx.doi.org/10.22214/ijraset.2024.61352.
Full textAbstract:
Abstract: Technological developments in network communications have led to a remarkable increase in network traffic and an explosion in the use of linked devices across a number of commercial fields. Systems for detecting intrusions that can recognize malicious assaults from traffic data might be useful instruments for protecting company assets from illegal access. This project suggests a two-stage architecture for an intrusion detection system, where an auto encoder (AE) and the grey wolf algorithm (GWO) choose features. It is evaluated using the Bot-Iot and NSL-KDD datasets, yielding better accuracy levels for binary and multiclass attack categorization. This method outperforms the latest intrusion detection techniques in terms of categorization using an ideal selection of traffic characteristics.
31
Kaur, Avneet, Shruti Pawar, Neha Jore, Varsha Chavan, and Nikita Mule. "Intrusion Detection System using Blockchain." International Journal for Research in Applied Science and Engineering Technology 12, no. 2 (February 29, 2024): 569–71. http://dx.doi.org/10.22214/ijraset.2024.58361.
Full textAbstract:
Abstract: This paper investigates the integration of an Intrusion Detection System (IDS) within the context of blockchain technology. The objective is to enhance the security posture of blockchain networks by detecting and mitigating potential intrusions. Through a meticulous examination of the current threat landscape and the unique challenges posed by blockchain systems, this research proposes a robust IDS framework tailored to the specific requirements of decentralized and distributed ledger environments. The study employs [specific methodology/approach] to assess the effectiveness of the proposed IDS, presenting conclusive findings that contribute to the ongoing discourse on securing blockchain ecosystems. The implications of this research extend to bolstering the resilience of blockchain networks against emerging threat.
32
Pavani, Konagala, and Auvula Damodaram. "Multi-class Intrusion Detection System for MANETs." Journal of Advances in Computer Networks 3, no. 2 (2015): 93–98. http://dx.doi.org/10.7763/jacn.2015.v3.148.
Full text
33
Tamilarasi, T., and Sangeetha Varadhan. "Crime Analysis Mapping with Intrusion Detection System." International Journal of Research Publication and Reviews 5, no. 5 (May 2, 2024): 6411–16. http://dx.doi.org/10.55248/gengpi.5.0524.1106.
Full text
34
Susanto, Bekti Maryuni. "Naïve Bayes Decision Tree Hybrid Approach for Intrusion Detection System." Bulletin of Electrical Engineering and Informatics 2, no. 3 (September 1, 2013): 225–32. http://dx.doi.org/10.11591/eei.v2i3.208.
Full textAbstract:
Internet is also increasing exponentially increasing intrusion or attacks by crackers exploit vulnerabilities in Internet protocols, operating systems and software applications. Intrusion or attacks against computer networks, especially the Internet has increased from year to year. Intrusion detection systems into the main stream in the information security. The main purpose of intrusion detection system is a computer system to help deal with the attack. This study presents a hybrid approach to decision tree algorithm and naïve Bayes to detect computer network intrusions. Performance is measured based on the level of accuracy, sensitivity, precision and spesificity. Dataset used in this study is a dataset KDD 99 intrusion detection system. Dataset is composed of two training data and testing data. The selection of attributes is done using the chi-square, selected the top ten attributes based on the calculation of chi-square. From the experimental results obtained by the accuracy of naïve Bayes decision tree algorithm was 99.82%.
35
Afzal, Shehroz, and Jamil Asim. "Systematic Literature Review over IDPS, Classification and Application in its Different Areas." STATISTICS, COMPUTING AND INTERDISCIPLINARY RESEARCH 3, no. 2 (December 31, 2021): 189–223. http://dx.doi.org/10.52700/scir.v3i2.58.
Full textAbstract:
Cyber-attacks are becoming more sophisticated and thereby presenting increasing challenges in accurately detecting intrusions. Failure to prevent the intrusions could degrade the credibility of security services, e.g. data confidentiality, integrity, and availability. Numerous intrusion detection methods have been proposed in the literature to tackle computer security threats, which can be broadly classified into Signature-based Intrusion Detection Systems (SIDS) and Anomaly-based Intrusion Detection Systems (AIDS). Network security is vital for any organization connected to the Internet. Rock solid network security is a major challenge that can be overcome by strengthening the network against threats such as hackers, malware, botnets, data thieves, etc. Firewalls, antivirus, and intrusion detection systems are used to protect the network. The firewall can control network traffic, but reliance on this type of security alone is not enough. Attackers use open ports such as port 80 of the web server (http) and port 110 of the POP server to infiltrate networks. The Intrusion Detection System (IDS) minimizes security breaches and improves network security by scanning network packets to filter out malicious packets. Real-time detection with prevention using Intrusion Detection and Prevention Systems (IDPS) has elevated network security to an advanced level by strengthening the network against malicious activities. In this Survey paper focuses on Classifying various kinds of IDS with the major types of attacks based on intrusion methods. Presenting a classification of network anomaly IDS evaluation metrics and discussion on the importance of the feature selection. Evaluation of available IDS datasets discussing the challenges of evasion techniques.
36
Afzal, Shehroz, and Jamil Asim. "Systematic Literature Review over IDPS, Classification and Application in its Different Areas." STATISTICS, COMPUTING AND INTERDISCIPLINARY RESEARCH 3, no. 2 (December 31, 2021): 189–223. http://dx.doi.org/10.52700/scir.v3i2.58.
Full textAbstract:
Cyber-attacks are becoming more sophisticated and thereby presenting increasing challenges in accurately detecting intrusions. Failure to prevent the intrusions could degrade the credibility of security services, e.g. data confidentiality, integrity, and availability. Numerous intrusion detection methods have been proposed in the literature to tackle computer security threats, which can be broadly classified into Signature-based Intrusion Detection Systems (SIDS) and Anomaly-based Intrusion Detection Systems (AIDS). Network security is vital for any organization connected to the Internet. Rock solid network security is a major challenge that can be overcome by strengthening the network against threats such as hackers, malware, botnets, data thieves, etc. Firewalls, antivirus, and intrusion detection systems are used to protect the network. The firewall can control network traffic, but reliance on this type of security alone is not enough. Attackers use open ports such as port 80 of the web server (http) and port 110 of the POP server to infiltrate networks. The Intrusion Detection System (IDS) minimizes security breaches and improves network security by scanning network packets to filter out malicious packets. Real-time detection with prevention using Intrusion Detection and Prevention Systems (IDPS) has elevated network security to an advanced level by strengthening the network against malicious activities. In this Survey paper focuses on Classifying various kinds of IDS with the major types of attacks based on intrusion methods. Presenting a classification of network anomaly IDS evaluation metrics and discussion on the importance of the feature selection. Evaluation of available IDS datasets discussing the challenges of evasion techniques.
37
Jacobus, Agustinus, and Edi Winarko. "Penerapan Metode Support Vector Machine pada Sistem Deteksi Intrusi secara Real-time." IJCCS (Indonesian Journal of Computing and Cybernetics Systems) 8, no. 1 (January 31, 2014): 13. http://dx.doi.org/10.22146/ijccs.3491.
Full textAbstract:
AbstrakSistem deteksi intrusi adalah sebuah sistem yang dapat mendeteksi serangan atau intrusi dalam sebuah jaringan atau sistem komputer, umum pendeteksian intrusi dilakukan dengan membandingkan pola lalu lintas jaringan dengan pola serangan yang diketahui atau mencari pola tidak normal dari lalu lintas jaringan. Pertumbuhan aktivitas internet meningkatkan jumlah paket data yang harus dianalisis untuk membangun pola serangan ataupun normal, situasi ini menyebabkan kemungkinan bahwa sistem tidak dapat mendeteksi serangan dengan teknik yang baru, sehingga dibutuhkan sebuah sistem yang dapat membangun pola atau model secara otomatis.Penelitian ini memiliki tujuan untuk membangun sistem deteksi intrusi dengan kemampuan membuat sebuah model secara otomatis dan dapat mendeteksi intrusi dalam lingkungan real-time, dengan menggunakan metode support vector machine sebagai salah satu metode data mining untuk mengklasifikasikan audit data lalu lintas jaringan dalam 3 kelas, yaitu: normal, probe, dan DoS. Data audit dibuat dari preprocessing rekaman paket data jaringan yang dihasilkan oleh Tshark.Berdasar hasil pengujian, sistem dapat membantu sistem administrator untuk membangun model atau pola secara otomatis dengan tingkat akurasi dan deteksi serangan yang tinggi serta tingkat false positive yang rendah. Sistem juga dapat berjalan pada lingkungan real-time. Kata kunci— deteksi intrusi, klasifikasi, preprocessing, support vector machine AbstractIntrusion detection system is a system for detecting attacks or intrusions in a network or computer system, generally intrusion detection is done with comparing network traffic pattern with known attack pattern or with finding unnormal pattern of network traffic. The raise of internet activity has increase the number of packet data that must be analyzed for build the attack or normal pattern, this situation led to the possibility that the system can not detect the intrusion with a new technique, so it needs a system that can automaticaly build a pattern or model.This research have a goal to build an intrusion detection system with ability to create a model automaticaly and can detect the intrusion in real-time environment with using support vector machine method as a one of data mining method for classifying network traffic audit data in 3 classes, namely: normal, probe, and DoS. Audit data was established from preprocessing of network packet capture files that obtained from Tshark. Based on the test result, the system can help system administrator to build a model or pattern automaticaly with high accuracy, high attack detection rate, and low false positive rate. The system also can run in real-time environment. Keywords— intrusion detection, classification, preprocessing, support vector machine
38
Tao, Ran, Li Yang, Lu Peng, and Bin Li. "A Host-Based Intrusion Detection System Using Architectural Features to Improve Sophisticated Denial-of-Service Attack Detections." International Journal of Information Security and Privacy 4, no. 1 (January 2010): 18–31. http://dx.doi.org/10.4018/jisp.2010010102.
Full textAbstract:
Application features like port numbers are used by Network-based Intrusion Detection Systems (NIDSs) to detect attacks coming from networks. System calls and the operating system related information are used by Host-based Intrusion Detection Systems (HIDSs) to detect intrusions toward a host. However, the relationship between hardware architecture events and Denial-of-Service (DoS) attacks has not been well revealed. When increasingly sophisticated intrusions emerge, some attacks are able to bypass both the application and the operating system level feature monitors. Therefore, a more effective solution is required to enhance existing HIDSs. In this article, the authors identify the following hardware architecture features: Instruction Count, Cache Miss, Bus Traffic and integrate them into a HIDS framework based on a modern statistical Gradient Boosting Trees model. Through the integration of application, operating system and architecture level features, the proposed HIDS demonstrates a significant improvement of the detection rate in terms of sophisticated DoS intrusions.
39
Qazi, Emad Ul Haq, Muhammad Hamza Faheem, and Tanveer Zia. "HDLNIDS: Hybrid Deep-Learning-Based Network Intrusion Detection System." Applied Sciences 13, no. 8 (April 14, 2023): 4921. http://dx.doi.org/10.3390/app13084921.
Full textAbstract:
Attacks on networks are currently the most pressing issue confronting modern society. Network risks affect all networks, from small to large. An intrusion detection system must be present for detecting and mitigating hostile attacks inside networks. Machine Learning and Deep Learning are currently used in several sectors, particularly the security of information, to design efficient intrusion detection systems. These systems can quickly and accurately identify threats. However, because malicious threats emerge and evolve regularly, networks need an advanced security solution. Hence, building an intrusion detection system that is both effective and intelligent is one of the most cognizant research issues. There are several public datasets available for research on intrusion detection. Because of the complexity of attacks and the continually evolving detection of an attack method, publicly available intrusion databases must be updated frequently. A convolutional recurrent neural network is employed in this study to construct a deep-learning-based hybrid intrusion detection system that detects attacks over a network. To boost the efficiency of the intrusion detection system and predictability, the convolutional neural network performs the convolution to collect local features, while a deep-layered recurrent neural network extracts the features in the proposed Hybrid Deep-Learning-Based Network Intrusion Detection System (HDLNIDS). Experiments are conducted using publicly accessible benchmark CICIDS-2018 data, to determine the effectiveness of the proposed system. The findings of the research demonstrate that the proposed HDLNIDS outperforms current intrusion detection approaches with an average accuracy of 98.90% in detecting malicious attacks.
40
Dr. P. Gokulakrishnan, Dr. N. Dhanalakshmi, Dr S. Satheesbabu,. "THE SURVEILLANCE OF INTRUSION DETECTION SYSTEMS AND APPROACHES." INFORMATION TECHNOLOGY IN INDUSTRY 9, no. 1 (March 17, 2021): 1135–50. http://dx.doi.org/10.17762/itii.v9i1.247.
Full textAbstract:
With the widespread evolution of new technologies and services, Internet has experienced explosive growth across the market that actively increases the impact of attacks where the attackers continuously find vulnerabilities and attack the system In an information system, intrusions are the activities that violate the security policy of the system. At this instant, it is fundamental to impenetrable the pc gadget which has end up the important problem over the few years so as to observe and forestall attacks. Intrusion detection is a necessary device to display networks for attacks or intrusions and document these intrusions in order to take an action. While Intrusion detection structures are ubiquitous defenses in current networks, there is no rigorous methodology to measure or enhance the effectiveness of the system. This paper is aimed to facilitate the extraordinary kinds of Intrusion detection systems, merits, demerits and the overall performance measurements that are desired. To determine these metrics, we evaluate previous empirical evaluations. We additionally existing the set of hurdles that have blocked the measurements and lookup associated in the direction of enhancing dimension competencies has been supplied.
41
Khraisat, Gondal, Vamplew, Kamruzzaman, and Alazab. "A novel Ensemble of Hybrid Intrusion Detection System for Detecting Internet of Things Attacks." Electronics 8, no. 11 (October 23, 2019): 1210. http://dx.doi.org/10.3390/electronics8111210.
Full textAbstract:
The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack to the end nodes. Due to the large number and diverse types of IoT devices, it is a challenging task to protect the IoT infrastructure using a traditional intrusion detection system. To protect IoT devices, a novel ensemble Hybrid Intrusion Detection System (HIDS) is proposed by combining a C5 classifier and One Class Support Vector Machine classifier. HIDS combines the advantages of Signature Intrusion Detection System (SIDS) and Anomaly-based Intrusion Detection System (AIDS). The aim of this framework is to detect both the well-known intrusions and zero-day attacks with high detection accuracy and low false-alarm rates. The proposed HIDS is evaluated using the Bot-IoT dataset, which includes legitimate IoT network traffic and several types of attacks. Experiments show that the proposed hybrid IDS provide higher detection rate and lower false positive rate compared to the SIDS and AIDS techniques.
42
Rathod, Yagnik. "A PREVENTIVE APPROACH USING THE DATA MINING OF TRANSACTION AUDIT LOG FOR DATABASE INTRUSION DETECTION." Journal of Research in Engineering and Applied Sciences 7, no. 3 (February 25, 2023): 391–96. http://dx.doi.org/10.46565/jreas.202273391-396.
Full textAbstract:
Information is a key component in today’s global business environment. An organization, institute, or business firm uses various database management systems for managing its crucial information. The security mechanism provides by DBMS is not enough to prevent intruders or detect anomalous behavior. Unauthorized users and sometimes authorized users to execute malicious commands intentionally or by mistake, cannot be detected and prevented by a typical security mechanism. Intrusion detection system finds intrusive action and attempts by detecting the behavior of user’s action. Security features can be enhanced by adding intrusive detection technology to the Database management system. Data mining is to identify valid, novel, potentially useful, and ultimately understandable patterns in massive data. It is required to apply data mining techniques to detect various intrusions. In this paper mechanism based on data mining is discussed to detect malicious action in DBMS.
43
Mane, Prof Dipali. "Machine Learning Algorithms for Intrusion Detection in Cybersecurity." International Journal for Research in Applied Science and Engineering Technology 11, no. 5 (May 31, 2023): 6315–21. http://dx.doi.org/10.22214/ijraset.2023.52788.
Full textAbstract:
Abstract: Computer networks and virtual machine security are very necessary in today’s time. An Intrusion Detection System (IDS) is a security mechanism designed to monitor computer networks or systems for malicious activities or unauthorized access attempts. The primary function of an IDS is to detect and respond to potential security breaches in real time. Tasks performed by an IDS are anomaly detection, Signature detection, security alert generation, etc… Various researchers are actively working on different ideas for increasing the performance of the IDS. We have used a machine-learning approach for intrusion detection. We have used SVM, Random Forests, and Decision trees for detecting intrusions.
44
Manikandan, Deepa, and Jayaseelan Dhilipan. "Machine learning approach for intrusion detection system using dimensionality reduction." Indonesian Journal of Electrical Engineering and Computer Science 34, no. 1 (April 1, 2024): 430. http://dx.doi.org/10.11591/ijeecs.v34.i1.pp430-440.
Full textAbstract:
As cyberspace has emerged, security in all the domains like networks, cloud, and databases has become a greater concern in real-time distributed systems. Existing systems for detecting intrusions (IDS) are having challenges coping with constantly changing threats. The proposed model, DR-DBMS (dimensionality reduction in database management systems), creates a unique strategy that combines supervised machine learning algorithms, dimensionality reduction approaches and advanced rule-based classifiers to improve intrusion detection accuracy in terms of different types of attacks. According to simulation results, the DR-DBMS system detected the intrusion attack in 0.07 seconds and with a smaller number of features using the dimensionality reduction and feature selection techniques efficiently.
45
Kalaivani, A., and R. Pugazendi. "A Review on Intrusion Detection System and its Techniques." Data Analytics and Artificial Intelligence 3, no. 2 (February 1, 2023): 132–37. http://dx.doi.org/10.46632/daai/3/2/24.
Full textAbstract:
Technology development has brought so many threats and hazards at a very high rate in the recent years. The development of application, software tools and its usage in all the fields has brought the awareness about the security. Many mechanisms are used as the security tool such as firewalls, antivirus, spam filters and anti-malware for the security purposes to protect their system and network. Intrusion detection system is a very powerful security system to detect any abnormal or unauthorised access to the system and to the network. This paper is about the study of the importance of intrusion detection, classification of intrusion detection system (IDS), its datasets and usage in various applications. The intrusion detection system has got many developments through its datasets, new technologies and methods but as the technologies increases, the threats of attacking the system and data breaches also increases, so in order to overcome this problem a hybrid framework for the intrusion detection has to be developed to detect the intrusions from the intruder.
46
A. M., Riyad, M. S. Irfan Ahmed, and R. L. Raheemaa Khan. "An adaptive distributed Intrusion detection system architecture using multi agents." International Journal of Electrical and Computer Engineering (IJECE) 9, no. 6 (December 1, 2019): 4951. http://dx.doi.org/10.11591/ijece.v9i6.pp4951-4960.
Full textAbstract:
Intrusion detection systems are used for monitoring the network data, analyze them and find the intrusions if any. The major issues with these systems are the time taken for analysis, transfer of bulk data from one part of the network to another, high false positives and adaptability to the future threats. These issues are addressed here by devising a framework for intrusion detection. Here, various types of co-operating agents are distributed in the network for monitoring, analyzing, detecting and reporting. Analysis and detection agents are the mobile agents which are the primary detection modules for detecting intrusions. Their mobility eliminates the transfer of bulk data for processing. An algorithm named territory is proposed to avoid interference of one analysis agent with another one. A communication layout of the analysis and detection module with other modules is depicted. The inter-agent communication reduces the false positives significantly. It also facilitates the identification of distributed types of attacks. The co-ordinator agents log various events and summarize the activities in its network. It also communicates with co-ordinator agents of other networks. The system is highly scalable by increasing the number of various agents if needed. Centralized processing is avoided here to evade single point of failure. We created a prototype and the experiments done gave very promising results showing the effectiveness of the system.
47
Verma, Anil, Enish Paneru, and Bishal Baaniya. "Anomaly-Based Network Intrusion Detection System." Journal of Lumbini Engineering College 4, no. 1 (December 7, 2022): 38–42. http://dx.doi.org/10.3126/lecj.v4i1.49364.
Full textAbstract:
Network security has been a really hot topic since the inception of the internet in the early ’80s. With millions of people entrusting their life savings in the hands of an organization, it is really necessary to keep the network intruders out of the system. The most alarming thing is that - even today, many organizations are detecting these intrusions through manual labour. Many researchers have proven that these intrusions have a certain pattern i.e. they can be detected with an Artificial Intelligence (AI) based system with enough training which can prove to be a really an effective substitute for manual labour. This paper explains the current trends in Network Intrusion Detection and the technologies that have been implemented to detect them. CICIDS2017 dataset containing around 3 million data points was used in this experiment. K-Nearest Neighbours (KNN) and Random Forest algorithms are used as the AI tools and their performance has also been compared.
48
Kukushkina, Nadezhda, and Aleksey Novokhrestov. "Development of the laboratory bench for studying intrusion detection systems." Digital technology security, no. 4 (December 27, 2021): 37–53. http://dx.doi.org/10.17212/2782-2230-2021-4-37-53.
Full textAbstract:
The research object of this article is network-based and host-based intrusion detection systems. The aim of the study is to obtain an overview of intrusion detection systems, as well as to build a constructive version of a virtual laboratory bench intended for teaching students (studying the test characteristics of intrusion detection systems). The article provides a brief reference on intrusion detection systems, taking into account the classification by the method of monitoring and the technology of detecting attacks. Today, intrusion detection system is a necessary element of a comprehensive network protection system for both small and large organizations. They improve network security by protecting against external and internal intruders. Therefore, the need to acquire skills in installing, configuring and administering intrusion detection systems is an important part of training information security specialists, which necessitates continuous updating and modernization of training tools. In this paper, we propose a virtual laboratory bench designed to study intrusion detection systems. Its architecture and functioning parameters are described. In order to select an intrusion detection system for a virtual laboratory bench, a comparative analysis of free and commercial intrusion detection systems on the market was carried out. Network-based and host-based intrusion detection systems were considered separately. For both types, their advantages and disadvantages are described. As a result, the functions and operation mechanism are described for the intrusion detection system selected based on the analysis results. In addition, examples of custom rules for handling security events are discussed.
49
Ahmad, Iftikhar, Qazi Emad Ul Haq, Muhammad Imran, Madini O. Alassafi, and Rayed A. AlGhamdi. "An Efficient Network Intrusion Detection and Classification System." Mathematics 10, no. 3 (February 8, 2022): 530. http://dx.doi.org/10.3390/math10030530.
Full textAbstract:
Intrusion detection in computer networks is of great importance because of its effects on the different communication and security domains. The detection of network intrusion is a challenge. Moreover, network intrusion detection remains a challenging task as a massive amount of data is required to train the state-of-the-art machine learning models to detect network intrusion threats. Many approaches have already been proposed recently on network intrusion detection. However, they face critical challenges owing to the continuous increase in new threats that current systems do not understand. This paper compares multiple techniques to develop a network intrusion detection system. Optimum features are selected from the dataset based on the correlation between the features. Furthermore, we propose an AdaBoost-based approach for network intrusion detection based on these selected features and present its detailed functionality and performance. Unlike most previous studies, which employ the KDD99 dataset, we used a recent and comprehensive UNSW-NB 15 dataset for network anomaly detection. This dataset is a collection of network packets exchanged between hosts. It comprises 49 attributes, including nine types of threats such as DoS, Fuzzers, Exploit, Worm, shellcode, reconnaissance, generic, and analysis Backdoor. In this study, we employ SVM and MLP for comparison. Finally, we propose AdaBoost based on the decision tree classifier to classify normal activity and possible threats. We monitored the network traffic and classified it into either threats or non-threats. The experimental findings showed that our proposed method effectively detects different forms of network intrusions on computer networks and achieves an accuracy of 99.3% on the UNSW-NB15 dataset. The proposed system will be helpful in network security applications and research domains.
50
Protić, Danijela, and Miomir Stanković. "Detection of Anomalies in the Computer Network Behaviour." European Journal of Engineering and Formal Sciences 4, no. 1 (February 21, 2020): 7. http://dx.doi.org/10.26417/ejef.v4i1.p7-13.
Full textAbstract:
The goal of anomaly-based intrusion detection is to build a system which monitors computer network behaviour and generates alerts if either a known attack or an anomaly is detected. Anomaly-based intrusion detection system detects intrusions based on a reference model which identifies normal behaviour of the computer network and flags an anomaly. Basic challenges in anomaly-based detection are difficulties to identify a ‘normal’ network behaviour and complexity of the dataset needed to train the intrusion detection system. Supervised machine learning can be used to train the binary classifiers in order to recognize the notion of normality. In this paper we present an algorithm for feature selection and instances normalization which reduces the Kyoto 2006+ dataset in order to increase accuracy and decrease time for training, testing and validating intrusion detection systems based on five models: k-Nearest Neighbour (k-NN), weighted k-NN (wk-NN), Support Vector Machine (SVM), Decision Tree, and Feedforward Neural Network (FNN).