Journal articles on the topic 'Light-based Intrusion classification system'
To see the other types of publications on this topic, follow the link: Light-based Intrusion classification system.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Light-based Intrusion classification system.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Jecheva, Veselina, and Evgeniya Nikolova. "Classification Trees as a Technique for Creating Anomaly-Based Intrusion Detection Systems." Serdica Journal of Computing 3, no. 4 (January 11, 2010): 335–58. http://dx.doi.org/10.55630/sjc.2009.3.335-358.
Full textAbstract:
Intrusion detection is a critical component of security information systems. The intrusion detection process attempts to detect malicious attacks by examining various data collected during processes on the protected system. This paper examines the anomaly-based intrusion detection based on sequences of system calls. The point is to construct a model that describes normal or acceptable system activity using the classification trees approach. The created database is utilized as a basis for distinguishing the intrusive activity from the legal one using string metric algorithms. The major results of the implemented simulation experiments are presented and discussed as well.
2
Sandosh, S., Dr V. Govindasamy, and Dr G. Akila. "Novel Pattern Matching based Alert Classification Approach For Intrusion Detection System." Journal of Advanced Research in Dynamical and Control Systems 11, no. 11-SPECIAL ISSUE (November 29, 2019): 279–89. http://dx.doi.org/10.5373/jardcs/v11sp11/20193032.
Full text
3
Kamble, Arvind, and Virendra S. Malemath. "Adam Improved Rider Optimization-Based Deep Recurrent Neural Network for the Intrusion Detection in Cyber Physical Systems." International Journal of Swarm Intelligence Research 13, no. 3 (July 1, 2022): 1–22. http://dx.doi.org/10.4018/ijsir.304402.
Full textAbstract:
This paper designed the intrusion detection systems for determining the intrusions. Here, Adam Improved rider optimization approach (Adam IROA) is newly developed for detecting the intrusion in intrusion detection. Accordingly, the training of DeepRNN is done by proposed Adam IROA, which is designed by combining the Adam optimization algorithm with IROA. Thus, the newly developed Adam IROA is applied for intrusion detection. Overall, two phases are included in the proposed intrusion detection system, which involves feature selection and classification. Here, the features selection is done using proposed WWIROA to select significant features from the input data. The proposed WWIROA is developed by combining WWO and IROA. The obtained features are fed to the classification module for discovering the intrusions present in the network. Here, the classification is progressed using Adam IROA-based DeepRNN. The proposed Adam IROA-based DeepRNN achieves maximal accuracy of 0.937, maximal sensitivity of 0.952, and maximal specificity of 0.908 based on SCADA dataset.
4
Ahmad, Iftikhar, Qazi Emad Ul Haq, Muhammad Imran, Madini O. Alassafi, and Rayed A. AlGhamdi. "An Efficient Network Intrusion Detection and Classification System." Mathematics 10, no. 3 (February 8, 2022): 530. http://dx.doi.org/10.3390/math10030530.
Full textAbstract:
Intrusion detection in computer networks is of great importance because of its effects on the different communication and security domains. The detection of network intrusion is a challenge. Moreover, network intrusion detection remains a challenging task as a massive amount of data is required to train the state-of-the-art machine learning models to detect network intrusion threats. Many approaches have already been proposed recently on network intrusion detection. However, they face critical challenges owing to the continuous increase in new threats that current systems do not understand. This paper compares multiple techniques to develop a network intrusion detection system. Optimum features are selected from the dataset based on the correlation between the features. Furthermore, we propose an AdaBoost-based approach for network intrusion detection based on these selected features and present its detailed functionality and performance. Unlike most previous studies, which employ the KDD99 dataset, we used a recent and comprehensive UNSW-NB 15 dataset for network anomaly detection. This dataset is a collection of network packets exchanged between hosts. It comprises 49 attributes, including nine types of threats such as DoS, Fuzzers, Exploit, Worm, shellcode, reconnaissance, generic, and analysis Backdoor. In this study, we employ SVM and MLP for comparison. Finally, we propose AdaBoost based on the decision tree classifier to classify normal activity and possible threats. We monitored the network traffic and classified it into either threats or non-threats. The experimental findings showed that our proposed method effectively detects different forms of network intrusions on computer networks and achieves an accuracy of 99.3% on the UNSW-NB15 dataset. The proposed system will be helpful in network security applications and research domains.
5
Mohammed, Bilal, and Ekhlas K. Gbashi. "Intrusion Detection System for NSL-KDD Dataset Based on Deep Learning and Recursive Feature Elimination." Engineering and Technology Journal 39, no. 7 (July 25, 2021): 1069–79. http://dx.doi.org/10.30684/etj.v39i7.1695.
Full textAbstract:
Intrusion detection system is responsible for monitoring the systems and detect attacks, whether on (host or on a network) and identifying attacks that could come to the system and cause damage to them, that’s mean an IDS prevents unauthorized access to systems by giving an alert to the administrator before causing any serious harm. As a reasonable supplement of the firewall, intrusion detection technology can assist systems to deal with offensive, the Intrusions Detection Systems (IDSs) suffers from high false positive which leads to highly bad accuracy rate. So this work is suggested to implement (IDS) by using a Recursive Feature Elimination to select features and use Deep Neural Network (DNN) and Recurrent Neural Network (RNN) for classification, the suggested model gives good results with high accuracy rate reaching 94%, DNN was used in the binary classification to classify either attack or Normal, while RNN was used in the classifications for the five classes (Normal, Dos, Probe, R2L, U2R). The system was implemented by using (NSL-KDD) dataset, which was very efficient for offline analyses systems for IDS.
6
Ali, Rashid, and Supriya Kamthania. "A Comparative Study of Different Relevant Features Hybrid Neural Networks Based Intrusion Detection Systems." Advanced Materials Research 403-408 (November 2011): 4703–10. http://dx.doi.org/10.4028/www.scientific.net/amr.403-408.4703.
Full textAbstract:
Intrusion detection is the task of detecting, preventing and possibly reacting to the attacks and intrusions in a network based computer system. The neural network algorithms are popular for their ability to ’learn’ the so called patterns in a given environment. This feature can be used for intrusion detection, where the neural network can be trained to detect intrusions by recognizing patterns of an intrusion. In this work, we propose and compare the three different Relevant Features Hybrid Neural Networks based intrusion detection systems, where in, we first recognize the most relevant features for a connection record from a benchmark dataset and use these features in training the hybrid neural networks for intrusion detection. Performance of these three systems are evaluated on a well structured KDD CUP 99 dataset using a number of evaluation parameters such as classification rate, false positive rate, false negative rate etc.
7
Ugendhar, A., Babu Illuri, Sridhar Reddy Vulapula, Marepalli Radha, Sukanya K, Fayadh Alenezi, Sara A. Althubiti, and Kemal Polat. "A Novel Intelligent-Based Intrusion Detection System Approach Using Deep Multilayer Classification." Mathematical Problems in Engineering 2022 (May 6, 2022): 1–10. http://dx.doi.org/10.1155/2022/8030510.
Full textAbstract:
Cybersecurity in information technology (IT) infrastructures is one of the most significant and complex issues of the digital era. Increases in network size and associated data have directly affected technological breakthroughs in the Internet and communication areas. Malware attacks are becoming increasingly sophisticated and hazardous as technology advances, making it difficult to detect an incursion. Detecting and mitigating these threats is a significant issue for standard analytic methods. Furthermore, the attackers use complex processes to remain undetected for an extended period. The changing nature and many cyberattacks require a quick, adaptable, and scalable defense system. For the most part, traditional machine learning-based intrusion detection relies on only one algorithm to identify intrusions, which has a low detection rate and cannot handle large amounts of data. To enhance the performance of intrusion detection systems, a new deep multilayer classification approach is developed. This approach comprises five modules: preprocessing, autoencoding, database, classification, and feedback. The classification module uses an autoencoder to decrease the number of dimensions in a reconstruction feature. Our method was tested against a benchmark dataset, NSL-KDD. Compared to other state-of-the-art intrusion detection systems, our methodology has a 96.7% accuracy.
8
Afzal, Shehroz, and Jamil Asim. "Systematic Literature Review over IDPS, Classification and Application in its Different Areas." STATISTICS, COMPUTING AND INTERDISCIPLINARY RESEARCH 3, no. 2 (December 31, 2021): 189–223. http://dx.doi.org/10.52700/scir.v3i2.58.
Full textAbstract:
Cyber-attacks are becoming more sophisticated and thereby presenting increasing challenges in accurately detecting intrusions. Failure to prevent the intrusions could degrade the credibility of security services, e.g. data confidentiality, integrity, and availability. Numerous intrusion detection methods have been proposed in the literature to tackle computer security threats, which can be broadly classified into Signature-based Intrusion Detection Systems (SIDS) and Anomaly-based Intrusion Detection Systems (AIDS). Network security is vital for any organization connected to the Internet. Rock solid network security is a major challenge that can be overcome by strengthening the network against threats such as hackers, malware, botnets, data thieves, etc. Firewalls, antivirus, and intrusion detection systems are used to protect the network. The firewall can control network traffic, but reliance on this type of security alone is not enough. Attackers use open ports such as port 80 of the web server (http) and port 110 of the POP server to infiltrate networks. The Intrusion Detection System (IDS) minimizes security breaches and improves network security by scanning network packets to filter out malicious packets. Real-time detection with prevention using Intrusion Detection and Prevention Systems (IDPS) has elevated network security to an advanced level by strengthening the network against malicious activities. In this Survey paper focuses on Classifying various kinds of IDS with the major types of attacks based on intrusion methods. Presenting a classification of network anomaly IDS evaluation metrics and discussion on the importance of the feature selection. Evaluation of available IDS datasets discussing the challenges of evasion techniques.
9
Afzal, Shehroz, and Jamil Asim. "Systematic Literature Review over IDPS, Classification and Application in its Different Areas." STATISTICS, COMPUTING AND INTERDISCIPLINARY RESEARCH 3, no. 2 (December 31, 2021): 189–223. http://dx.doi.org/10.52700/scir.v3i2.58.
Full textAbstract:
Cyber-attacks are becoming more sophisticated and thereby presenting increasing challenges in accurately detecting intrusions. Failure to prevent the intrusions could degrade the credibility of security services, e.g. data confidentiality, integrity, and availability. Numerous intrusion detection methods have been proposed in the literature to tackle computer security threats, which can be broadly classified into Signature-based Intrusion Detection Systems (SIDS) and Anomaly-based Intrusion Detection Systems (AIDS). Network security is vital for any organization connected to the Internet. Rock solid network security is a major challenge that can be overcome by strengthening the network against threats such as hackers, malware, botnets, data thieves, etc. Firewalls, antivirus, and intrusion detection systems are used to protect the network. The firewall can control network traffic, but reliance on this type of security alone is not enough. Attackers use open ports such as port 80 of the web server (http) and port 110 of the POP server to infiltrate networks. The Intrusion Detection System (IDS) minimizes security breaches and improves network security by scanning network packets to filter out malicious packets. Real-time detection with prevention using Intrusion Detection and Prevention Systems (IDPS) has elevated network security to an advanced level by strengthening the network against malicious activities. In this Survey paper focuses on Classifying various kinds of IDS with the major types of attacks based on intrusion methods. Presenting a classification of network anomaly IDS evaluation metrics and discussion on the importance of the feature selection. Evaluation of available IDS datasets discussing the challenges of evasion techniques.
10
Alzahrani, Mohammed Saeed, and Fawaz Waselallah Alsaade. "Computational Intelligence Approaches in Developing Cyberattack Detection System." Computational Intelligence and Neuroscience 2022 (March 18, 2022): 1–16. http://dx.doi.org/10.1155/2022/4705325.
Full textAbstract:
The Internet plays a fundamental part in relentless correspondence, so its applicability can decrease the impact of intrusions. Intrusions are defined as movements that unfavorably influence the focus of a computer. Intrusions may sacrifice the reputability, integrity, privacy, and accessibility of the assets attacked. A computer security system will be traded off when an intrusion happens. The novelty of the proposed intelligent cybersecurity system is its ability to protect Internet of Things (IoT) devices and any networks from incoming attacks. In this research, various machine learning and deep learning algorithms, namely, the quantum support vector machine (QSVM), k-nearest neighbor (KNN), linear discriminant and quadratic discriminant long short-term memory (LSTM), and autoencoder algorithms, were applied to detect attacks from signature databases. The correlation method was used to select important network features by finding the features with a high-percentage relationship between the dataset features and classes. As a result, nine features were selected. A one-hot encoding method was applied to convert the categorical features into numerical features. The validation of the system was verified by employing the benchmark KDD Cup database. Statistical analysis methods were applied to evaluate the results of the proposed study. Binary and multiple classifications were conducted to classify the normal and attack packets. Experimental results demonstrated that KNN and LSTM algorithms achieved better classification performance for developing intrusion detection systems; the accuracy of KNN and LSTM algorithms for binary classification was 98.55% and 97.28%, whereas the KNN and LSTM attained a high accuracy for multiple classification (98.28% and 970.7%). Finally, the KNN and LSTM algorithms are fitting-based intrusion detection systems.
11
Mulyanto, Mulyanto, Muhamad Faisal, Setya Widyawan Prakosa, and Jenq-Shiou Leu. "Effectiveness of Focal Loss for Minority Classification in Network Intrusion Detection Systems." Symmetry 13, no. 1 (December 22, 2020): 4. http://dx.doi.org/10.3390/sym13010004.
Full textAbstract:
As the rapid development of information and communication technology systems offers limitless access to data, the risk of malicious violations increases. A network intrusion detection system (NIDS) is used to prevent violations, and several algorithms, such as shallow machine learning and deep neural network (DNN), have previously been explored. However, intrusion detection with imbalanced data has usually been neglected. In this paper, a cost-sensitive neural network based on focal loss, called the focal loss network intrusion detection system (FL-NIDS), is proposed to overcome the imbalanced data problem. FL-NIDS was applied using DNN and convolutional neural network (CNN) to evaluate three benchmark intrusion detection datasets that suffer from imbalanced distributions: NSL-KDD, UNSW-NB15, and Bot-IoT. The results showed that the proposed algorithm using FL-NIDS in DNN and CNN architecture increased the detection of intrusions in imbalanced datasets compared to vanilla DNN and CNN in both binary and multiclass classifications.
12
Wang, Li Fang. "Anomaly Intrusion Detection Based on Concept Lattice." Applied Mechanics and Materials 220-223 (November 2012): 2388–92. http://dx.doi.org/10.4028/www.scientific.net/amm.220-223.2388.
Full textAbstract:
In order to identify potential and effective intrusion detection rules, and improve the detection rate of intrusion detection system, this paper combines the concept lattice with intrusion detection technology and proposes a anomaly intrusion detection system based on concept lattice theory. The system first pre-treats those collected data, regulates data and builds concept lattice using the minimal set of attributes which are obtained by attribute reduction. And it analyzes the implication relations between concepts and obtains non-redundant classification rules. The anomaly intrusion detection model based compared with other tests can easily get training data. Experimental results show the model reduces the computation amount to achieve classification, improves the intrusion detection rate and effectively controls the false detection rate.
13
Zhao, Xuemin. "Application of Data Mining Technology in Software Intrusion Detection and Information Processing." Wireless Communications and Mobile Computing 2022 (June 9, 2022): 1–8. http://dx.doi.org/10.1155/2022/3829160.
Full textAbstract:
In order to improve the efficiency of the software intrusion detection system, the author proposes an application based on data mining technology in software intrusion detection and information processing. Apply data mining technology to software intrusion detection; first, analyze and research software intrusion detection technology and data mining technology, including the basic concepts of software intrusion detection, the realization technology of software intrusion detection, the classification of software intrusion detection systems, and the typical software intrusion detection system situation. By detecting and analyzing known intrusion data and using association rules, constructing the inspection system rule base enables the system to learn independently and improve itself and has good scalability, while improving the degree of automation and complete intrusion detection. Experimental results show that under the same test sample, the accuracy of the detection system model designed in this paper is 95.67%, higher than the other three detection systems, and the false alarm rate is lower than other systems, which has certain advantages. It is proved that the system in this paper can help improve the accuracy of software intrusion detection, significantly reduce the false alarm rate and false alarm rate of software intrusion detection, and provide reference for the optimization and improvement of software intrusion detection system and information processing. The system has a certain degree of self-adaptation, which can effectively detect external intrusions.
14
Khattab M. Ali Alheeti, Ali Azawii Abdu Lateef, Abdulkareem Alzahrani, Azhar Imran, and Duaa Al_Dosary. "Cloud Intrusion Detection System Based on SVM." International Journal of Interactive Mobile Technologies (iJIM) 17, no. 11 (June 7, 2023): 101–14. http://dx.doi.org/10.3991/ijim.v17i11.39063.
Full textAbstract:
The demand for better intrusion detection and prevention solutions has elevated due to the current global uptick in hacking and computer network attacks. The Intrusion Detection System (IDS) is essential for spotting network attacks and anomalies, which have increased in size and scope. A detection system has become an effective security method that monitors and investigates security in cloud computing. However, several existing methods have faced issues such as low classification accuracy, high false positive rates, and low true positive rates. To solve these problems, a detection system based on Support Vector Machine (SVM) is proposed in this paper. In this method, the SVM classifier is utilized for network data classification into normal and abnormal behaviors. The Cloud Intrusion Detection Dataset is used to test the effectiveness of the suggested system. The experimental results show which the suggested system can detect abnormal behaviors with high accuracy.
15
Ganapathy, S., P. Yogesh, and A. Kannan. "Intelligent Agent-Based Intrusion Detection System Using Enhanced Multiclass SVM." Computational Intelligence and Neuroscience 2012 (2012): 1–10. http://dx.doi.org/10.1155/2012/850259.
Full textAbstract:
Intrusion detection systems were used in the past along with various techniques to detect intrusions in networks effectively. However, most of these systems are able to detect the intruders only with high false alarm rate. In this paper, we propose a new intelligent agent-based intrusion detection model for mobile ad hoc networks using a combination of attribute selection, outlier detection, and enhanced multiclass SVM classification methods. For this purpose, an effective preprocessing technique is proposed that improves the detection accuracy and reduces the processing time. Moreover, two new algorithms, namely, an Intelligent Agent Weighted Distance Outlier Detection algorithm and an Intelligent Agent-based Enhanced Multiclass Support Vector Machine algorithm are proposed for detecting the intruders in a distributed database environment that uses intelligent agents for trust management and coordination in transaction processing. The experimental results of the proposed model show that this system detects anomalies with low false alarm rate and high-detection rate when tested with KDD Cup 99 data set.
16
Alwan, Karrar, Ahmed AbuEl-Atta, and Hala Zayed. "Feature Selection Models Based on Hybrid Firefly Algorithm with Mutation Operator for Network Intrusion Detection." International Journal of Intelligent Engineering and Systems 14, no. 1 (February 28, 2021): 192–202. http://dx.doi.org/10.22266/ijies2021.0228.19.
Full textAbstract:
Accurate intrusion detection is necessary to preserve network security. However, developing efficient intrusion detection system is a complex problem due to the nonlinear nature of the intrusion attempts, the unpredictable behaviour of network traffic, and the large number features in the problem space. Hence, selecting the most effective and discriminating feature is highly important. Additionally, eliminating irrelevant features can improve the detection accuracy as well as reduce the learning time of machine learning algorithms. However, feature reduction is an NPhard problem. Therefore, several metaheuristics have been employed to determine the most effective feature subset within reasonable time. In this paper, two intrusion detection models are built based on a modified version of the firefly algorithm to achieve the feature selection task. The first and, the second models have been used for binary and multiclass classification, respectively. The modified firefly algorithm employed a mutation operation to avoid trapping into local optima through enhancing the exploration capabilities of the original firefly. The significance of the selected features is evaluated using a Naïve Bayes classifier over a benchmark standard dataset, which contains different types of attacks. The obtained results revealed the superiority of the modified firefly algorithm against the original firefly algorithm in terms of the classification accuracy and the number of selected features under different scenarios. Additionally, the results assured the superiority of the proposed intrusion detection system against other recently proposed systems in both binary classification and multi-classification scenarios. The proposed system has 96.51% and 96.942% detection accuracy in binary classification and multi-classification, respectively. Moreover, the proposed system reduced the number of attributes from 41 to 9 for binary classification and to 10 for multi-classification.
17
Laxkar, Pradeep, and Prasun Chakrabarti. "Comparison of intrusion detection system based on feature extraction." International Journal of Engineering & Technology 7, no. 3.3 (June 8, 2018): 536. http://dx.doi.org/10.14419/ijet.v7i2.33.14829.
Full textAbstract:
In network traffic classification redundant feature and irrelevant features in data create problems. All such types of features time-consuming make slow the process of classification and also affect a classifier to calculate accurate decisions such type of problem caused especially when we deal with big data. In this paper, we compare our proposed algorithm with the other IDS algorithm.
18
Preethi D. and Neelu Khare. "An Intelligent Network Intrusion Detection System Using Particle Swarm Optimization (PSO) and Deep Network Networks (DNN)." International Journal of Swarm Intelligence Research 12, no. 2 (April 2021): 57–73. http://dx.doi.org/10.4018/ijsir.2021040104.
Full textAbstract:
Network intrusion detection system (NIDS) plays a major role in ensuring network security. In this paper, the authors propose a PSO-DNN-based intrusion detection system. The correlation-based feature selection (CFS) applied for feature selection with particle swarm optimization (PSO) as search method and deep neural networks (DNN) for classification of network intrusions. The Adam optimizer is applied for optimizing the learning rate, and softmax classifier is used for classification. The experimentations were duly conducted on the standard benchmark NSL-KDD dataset. The proposed model is validated using 10-fold cross-validation and evaluated using the performance metrics such as accuracy, precision, recall, and F1-score. Also, the results are also compared with DNN and CFS+DNN. The experimental results show that the proposed model performs better compared with other methods considered for comparison.
19
Wang, Qian, Wenfang Zhao, and Jiadong Ren. "Intrusion detection algorithm based on image enhanced convolutional neural network." Journal of Intelligent & Fuzzy Systems 41, no. 1 (August 11, 2021): 2183–94. http://dx.doi.org/10.3233/jifs-210863.
Full textAbstract:
Intrusion Detection System (IDS) can reduce the losses caused by intrusion behaviors and protect users’ information security. The effectiveness of IDS depends on the performance of the algorithm used in identifying intrusions. And traditional machine learning algorithms are limited to deal with the intrusion data with the characteristics of high-dimensionality, nonlinearity and imbalance. Therefore, this paper proposes an Intrusion Detection algorithm based on Image Enhanced Convolutional Neural Network (ID-IE-CNN). Firstly, based on the image processing technology of deep learning, oversampling method is used to increase the amount of original data to achieve data balance. Secondly, the one-dimensional data is converted into two-dimensional image data, the convolutional layer and the pooling layer are used to extract the main features of the image to reduce the data dimensionality. Thirdly, the Tanh function is introduced as an activation function to fit nonlinear data, a fully connected layer is used to integrate local information, and the generalization ability of the prediction model is improved by the Dropout method. Finally, the Softmax classifier is used to predict the behavior of intrusion detection. This paper uses the KDDCup99 data set and compares with other competitive algorithms. Both in the performance of binary classification and multi-classification, ID-IE-CNN is better than the compared algorithms, which verifies its superiority.
20
Alzubi, Omar A., Jafar A. Alzubi, Moutaz Alazab, Adnan Alrabea, Albara Awajan, and Issa Qiqieh. "Optimized Machine Learning-Based Intrusion Detection System for Fog and Edge Computing Environment." Electronics 11, no. 19 (September 22, 2022): 3007. http://dx.doi.org/10.3390/electronics11193007.
Full textAbstract:
As a new paradigm, fog computing (FC) has several characteristics that set it apart from the cloud computing (CC) environment. Fog nodes and edge computing (EC) hosts have limited resources, exposing them to cyberattacks while processing large streams and sending them directly to the cloud. Intrusion detection systems (IDS) can be used to protect against cyberattacks in FC and EC environments, while the large-dimensional features in networking data make processing the massive amount of data difficult, causing lower intrusion detection efficiency. Feature selection is typically used to alleviate the curse of dimensionality and has no discernible effect on classification outcomes. This is the first study to present an Effective Seeker Optimization model in conjunction with a Machine Learning-Enabled Intrusion Detection System (ESOML-IDS) model for the FC and EC environments. The ESOML-IDS model primarily designs a new ESO-based feature selection (FS) approach to choose an optimal subset of features to identify the occurrence of intrusions in the FC and EC environment. We also applied a comprehensive learning particle swarm optimization (CLPSO) with Denoising Autoencoder (DAE) for the detection of intrusions. The development of the ESO algorithm for feature subset selection and the DAE algorithm for parameter optimization results in improved detection efficiency and effectiveness. The experimental results demonstrated the improved outcomes of the ESOML-IDS model over recent approaches.
21
Kumar, Kapil, Arvind Kumar, Vimal Kumar, and Sunil Kumar. "A Hybrid Classification Technique for Enhancing the Effectiveness of Intrusion Detection Systems Using Machine Learning." International Journal of Organizational and Collective Intelligence 12, no. 1 (January 2022): 1–18. http://dx.doi.org/10.4018/ijoci.2022010102.
Full textAbstract:
The objective of this paper is to propose and develop a hybrid intrusion detection system to handle series and non-series data by applying the two different concepts that are named clustering and autocorrelation function in a single architecture. There is a need to propose and build a system that can handle both types of data whether it is series or non-series. Therefore, the authors used two concepts to generate a robust approach to craft a hybrid intrusion detection system. The authors utilize an unsupervised clustering approach that is used to categorize the data based on domain similarity to handle non-series data and another approach is based on autocorrelation function to handle series data. The approach is consumed in single architecture where it carries data as input from both host-based intrusion detection systems and network-based intrusion detection systems. The result shows that the hybrid intrusion detection system is categorizing data based on the optimal number of clusters obtained through the elbow method in clustering.
22
Pamela Vinitha Eric, Mathiyalagan R,. "An Efficient Intrusion Detection System Using Improved Bias Based Convolutional Neural Network Classifier." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12, no. 6 (April 5, 2021): 2468–82. http://dx.doi.org/10.17762/turcomat.v12i6.5689.
Full textAbstract:
Today’s modern society has faced many challenges due to the rapid digitization and growing number of hackers, which makes the networking-based systems to become a target place for intruders. The attacks may allure the users, and it compromised the whole system and makes the security the biggest challenge. In this regard, the best way to combat the issues is by exploring new ways to defend the network against threats. More recently, Intrusion Detection Systems (IDS) is a key enabling technology in maintaining the novel network security. Indeed, some existing systems utilize Improved Relevance Vector Machine (IVRM) classifier for performing intrusion detection in network-based systems. In this work, feature selection is done by using Gaussian Firefly Algorithm and Improved Relevance Vector Machine (IRVM) based classification is performed according to the selected features. However, for large-scale intrusion dataset, the intrusion detection is not robust; hence, it leads to high attack rates. The proposed system designed an Improved Bias based Convolutional Neural Network (ICNN) for high attack intrusion detection. For embracing high-security factors and enhanced protection, the proposed system performs three phases, such as preprocessing, feature selection, and classification. The first phase employs the KDD dataset and Kalman filtering method followed by feature selection utilizes Inertia Weight based Dragonfly Algorithm (IWDA) and finally identified the intrusion attacks using Improved Bias based Convolutional Neural Network (IBCNN) classifier. In this work, a novel model performed with the KDD dataset. The suggested method evaluated in terms of accuracy, f-measure, recall, and precision for examining performance compared with existing systems.
23
Lee, JooHwa, and KeeHyun Park. "AE-CGAN Model based High Performance Network Intrusion Detection System." Applied Sciences 9, no. 20 (October 10, 2019): 4221. http://dx.doi.org/10.3390/app9204221.
Full textAbstract:
In this paper, a high-performance network intrusion detection system based on deep learning is proposed for situations in which there are significant imbalances between normal and abnormal traffic. Based on the unsupervised learning models autoencoder (AE) and the generative adversarial networks (GAN) model during deep learning, the study aim is to solve the imbalance of data and intrusion detection of high performance. The AE-CGAN (autoencoder-conditional GAN) model is proposed to improve the performance of intrusion detection. This model oversamples rare classes based on the GAN model in order to solve the performance degradation caused by data imbalance after processing the characteristics of the data to a lower level using the autoencoder model. To measure the performance of the AE-CGAN model, data is classified using random forest (RF), a typical machine learning classification algorithm. In this experiment, we used the canadian institute for cybersecurity intrusion detection system (CICIDS)2017 dataset, the latest public dataset of network intrusion detection system (NIDS), and compared the three models to confirm efficacy of the proposed model. We compared the performance of three types of models. These included single-RF, a classification model using only a classification algorithm, AE-RF which is processed by classifying data features, and the AE-CGAN model which is classified after solving the data feature processing and data imbalance. Experimental results showed that the performance of the AE-CGAN model proposed in this paper was the highest. In particular, when the data were unbalanced, the performances of recall and F1 score, which are more accurate performance indicators, were 93.29% and 95.38%, respectively. The AE-CGAN model showed much better performance.
24
Imrana, Yakubu, Yanping Xiang, Liaqat Ali, Zaharawu Abdul-Rauf, Yu-Chen Hu, Seifedine Kadry, and Sangsoon Lim. "χ2-BidLSTM: A Feature Driven Intrusion Detection System Based on χ2 Statistical Model and Bidirectional LSTM." Sensors 22, no. 5 (March 4, 2022): 2018. http://dx.doi.org/10.3390/s22052018.
Full textAbstract:
In a network architecture, an intrusion detection system (IDS) is one of the most commonly used approaches to secure the integrity and availability of critical assets in protected systems. Many existing network intrusion detection systems (NIDS) utilize stand-alone classifier models to classify network traffic as an attack or as normal. Due to the vast data volume, these stand-alone models struggle to reach higher intrusion detection rates with low false alarm rates( FAR). Additionally, irrelevant features in datasets can also increase the running time required to develop a model. However, data can be reduced effectively to an optimal feature set without information loss by employing a dimensionality reduction method, which a classification model then uses for accurate predictions of the various network intrusions. In this study, we propose a novel feature-driven intrusion detection system, namely χ2-BidLSTM, that integrates a χ2 statistical model and bidirectional long short-term memory (BidLSTM). The NSL-KDD dataset is used to train and evaluate the proposed approach. In the first phase, the χ2-BidLSTM system uses a χ2 model to rank all the features, then searches an optimal subset using a forward best search algorithm. In next phase, the optimal set is fed to the BidLSTM model for classification purposes. The experimental results indicate that our proposed χ2-BidLSTM approach achieves a detection accuracy of 95.62% and an F-score of 95.65%, with a low FAR of 2.11% on NSL-KDDTest+. Furthermore, our model obtains an accuracy of 89.55%, an F-score of 89.77%, and an FAR of 2.71% on NSL-KDDTest−21, indicating the superiority of the proposed approach over the standard LSTM method and other existing feature-selection-based NIDS methods.
25
Han, Jonghoo, and Wooguil Pak. "Hierarchical LSTM-Based Network Intrusion Detection System Using Hybrid Classification." Applied Sciences 13, no. 5 (February 27, 2023): 3089. http://dx.doi.org/10.3390/app13053089.
Full textAbstract:
Most existing network intrusion detection systems (NIDSs) perform intrusion detection using only a partial packet data of fixed size, but they suffer to increase the detection rate. In this study, in order to find the cause of a limited detection rate, accurate intrusion detection performance was analyzed by adjusting the amount of information used as features according to the size of the packet and length of the session. The results indicate that the total packet data and all packets in the session should be used for the maximum detection rate. However, existing NIDS cannot be extended to use all packet data of each session because the model could be too large owing to the excessive number of features, hampering realistic training and classification speeds. Therefore, in this paper, we present a novel approach for the classifier of NIDSs. The proposed NIDS can effectively handle the entire packet information using the hierarchical long short-term memory and achieves higher detection accuracy than existing methods. Performance evaluation confirms that detection performance can be greatly improved compared to existing NIDSs that use only partial packet information. The proposed NIDS achieves a detection rate of 95.16% and 99.70% when the existing NIDS show the highest detection rate of 93.49% and 98.31% based on the F1-score using two datasets. The proposed method can improve the limitations of existing NIDS and safeguard the network from malicious users by utilizing information on the entire packet.
26
Kumar, Yadala Prabhu, and Burra Vijaya Babu. "Stabbing of Intrusion with Learning Framework Using Auto Encoder Based Intellectual Enhanced Linear Support Vector Machine for Feature Dimensionality Reduction." Revue d'Intelligence Artificielle 36, no. 5 (December 23, 2022): 737–43. http://dx.doi.org/10.18280/ria.360511.
Full textAbstract:
Using an Intelligent Intrusion Detection System (IIDS) instead of less effective firewalls and other intrusion detection systems can increase network security. The system's overall effectiveness is determined by the accuracy and speed of IIDS' categorization and training algorithms. According to research, Stabbing Intrusion Using Learning Framework (SILF) is an innovative and intelligent method of learning attack features and lowering dimensionality. To improve Enhanced Long Short-Term Memory (ELSTM) prediction accuracy while minimising testing and training time, an auto-encoder approach, which is an efficient learning methodology for feature generation in an unsupervised way is applied. Initial training samples are fed into the classifier to increase the predictability of incursion and classification accuracy. Thus, model efficacy may be achieved linearly while alternative classifier approaches such as conventional SVM, Random Forest (RF), and Naive Bayesian (NB) are investigated and compared. In this research, an efficient Intelligent Intrusion Detection System using Auto Encoder with Enhanced LSTM (IIDS-AE-ELSTM) is proposed for feature dimensionality reduction. Testing and training have shown that the proposed model is more efficient than existing systems in terms of performance measures such as accuracy, precision, recall, and F-measure. A new method to intrusion detection is presented, which increases detection of network intrusions with dimensionality reduction. The Python environment is used in the proposed model to create an efficient dimensionality reduction model for intrusion detection.
27
Preethi D. and Neelu Khare. "EFS-LSTM (Ensemble-Based Feature Selection With LSTM) Classifier for Intrusion Detection System." International Journal of e-Collaboration 16, no. 4 (October 2020): 72–86. http://dx.doi.org/10.4018/ijec.2020100106.
Full textAbstract:
In this article, an EFS-LSTM, a deep recurrent learning model, is proposed for network intrusion detection systems. The EFS-LSTM model uses ensemble-based feature selection (EFS) and LSTM (Long Short Term Memory) for the classification of network intrusions. The EFS combines five feature selection mechanisms namely, information gain, gain ratio, chi-square, correlation-based feature selection, and symmetric uncertainty-based feature selection. The experiments were conducted using the benchmark NSL-KDD dataset and implemented using Tensor flow and python. The EFS-LSTM classifier is evaluated using the classification performance metrics and also compared with all the 41 features without any feature selection as well as with each individual feature selection techniques and classified using LSTM. The performance study showed that the EFS-LSTM model outperforms better with 99.8% accuracy with a higher detection and less false alarm rates.
28
Priyadarsini, Pullagura Indira, and G. Anuradha. "A novel ensemble modeling for intrusion detection system." International Journal of Electrical and Computer Engineering (IJECE) 10, no. 2 (April 1, 2020): 1963. http://dx.doi.org/10.11591/ijece.v10i2.pp1963-1971.
Full textAbstract:
Vast increase in data through internet services has made computer systems more vulnerable and difficult to protect from malicious attacks. Intrusion detection systems (IDSs) must be more potent in monitoring intrusions. Therefore an effectual Intrusion Detection system architecture is built which employs a facile classification model and generates low false alarm rates and high accuracy. Noticeably, IDS endure enormous amounts of data traffic that contain redundant and irrelevant features, which affect the performance of the IDS negatively. Despite good feature selection approaches leads to a reduction of unrelated and redundant features and attain better classification accuracy in IDS. This paper proposes a novel ensemble model for IDS based on two algorithms Fuzzy Ensemble Feature selection (FEFS) and Fusion of Multiple Classifier (FMC). FEFS is a unification of five feature scores. These scores are obtained by using feature-class distance functions. Aggregation is done using fuzzy union operation. On the other hand, the FMC is the fusion of three classifiers. It works based on Ensemble decisive function. Experiments were made on KDD cup 99 data set have shown that our proposed system works superior to well-known methods such as Support Vector Machines (SVMs), K-Nearest Neighbor (KNN) and Artificial Neural Networks (ANNs). Our examinations ensured clearly the prominence of using ensemble methodology for modeling IDSs. And hence our system is robust and efficient.
29
Lodhi, Mala Bharti, Vineet Richhariya, and Mahesh Parmar. "AN IMPLEMENTATION OF IDS IN A HYBRID APPROACH AND KDD CUP DATASET." International Journal of Research -GRANTHAALAYAH 2, no. 3 (December 31, 2014): 1–9. http://dx.doi.org/10.29121/granthaalayah.v2.i3.2014.3055.
Full textAbstract:
Now in these days due to rapidly increasing network applications the data and privacy security in network is a key challenge. In order to provide effective and trustable security for network, intrusion detection systems are helpful. The presented study is based on the IDS system design for network based anomaly detection. Thus this system requires an efficient and appropriate classifier by which the detection rate of intrusions using KDD CPU dataset can be improved. Due to study there is various kind of data mining based, classification and pattern detection techniques are available. These techniques are promising for detecting network traffic pattern more accurately. On the other hand recently developed the hybrid models are providing more accurate classification. Thus a hybrid intrusion system is presented in this proposed work. That provides a significant solution even when the overall learning patterns are not available in database. Therefore, three different data mining algorithm is employed with system. Proposed system consists of K-mean clustering algorithm for finding the relationship among data in order to filter data instances. The implementation of the proposed classification system is performed using MATLAB environment and performance of designed classifier is evaluated. The obtained results from the simulation demonstrate after filtering steps. On the other hand the classification accuracy is adoptable with low number of training cycles with less time and space complexity.
30
Yuhong Wu, Yuhong Wu, and Xiangdong Hu Yuhong Wu. "AMS Intrusion Detection Method Based on Improved Generalized Regression Neural Network." 網際網路技術學刊 24, no. 2 (March 2023): 549–63. http://dx.doi.org/10.53106/160792642023032402029.
Full textAbstract:
<p>The smart grid integrates the computer network with the traditional power system and realizes the intelligentization of the power grid. The Advanced Measurement System (AMS) interconnects the power system with the user, realizes the two-way interaction of data and information between the power supplier and the user, and promotes the development of the smart grid. Therefore, the safe operation of AMS is the key to the development of the smart grid. As smart grids and computer networks become more and more closely connected, the number of cyberattacks on AMS continues to increase. Currently, AMS intrusion detection algorithms based on machine learning are constantly being proposed. Machine learning algorithms have better learning and classification capabilities for small sample data, but when faced with a large amount of high-dimensional data information, the learning ability of machine learning algorithms is reduced, and the generalization ability is reduced. To enhance the AMS intrusion detection algorithm, this paper uses a Generalized Regression Neural Network (GRNN) to identify attack behaviors. GRNN has strong non-linear mapping ability, is suitable for unstable data processing with small data characteristics, has good classification and prediction ability, and has been widely used in power grid systems. Aiming at the existing problems, this paper proposes an upgraded generalized regression neural network AMS intrusion detection method DBN-DOA-GRNN. Based on the feature extraction and dimensionality reduction of the data by DBN, GRNN is used for data with less feature information in learning classification. In addition, to improve the detection effect of the method, the Drosophila Optimization Algorithm (DOA) is used to optimize the parameters of GRNN to reduce the influence of random parameters on the detection results, improve the detection accuracy of this method on small-scale sample data, and thereby improve the detection performance of the AMS intrusion detection algorithm. The proposed method archives an accuracy of 87.61%, 3.10% false alarm rate, and 96.9 precision rate.</p> <p> </p>
31
Kannan, Anand, Karthik Gururajan Venkatesan, Alexandra Stagkopoulou, Sheng Li, Sathyavakeeswaran Krishnan, and Arifur Rahman. "A Novel Cloud Intrusion Detection System Using Feature Selection and Classification." International Journal of Intelligent Information Technologies 11, no. 4 (October 2015): 1–15. http://dx.doi.org/10.4018/ijiit.2015100101.
Full textAbstract:
This paper proposes a new cloud intrusion detection system for detecting the intruders in a traditional hybrid virtualized, cloud environment. The paper introduces an effective feature selection algorithm called Temporal Constraint based on Feature Selection algorithm and also proposes a classification algorithm called hybrid decision tree. This hybrid decision tree has been developed by extending the Enhanced C4.5 algorithm an existing decision tree based classifier. Furthermore, the experiments conducted on the sample Cloud Intrusion Detection Datasets (CIDD) show that the proposed cloud intrusion detection system provides better detection accuracy than the existing work and reduces the false positive rate.
32
Abdulameer, Hasan, Inam Musa, and Noora Salim Al-Sultani. "Three level intrusion detection system based on conditional generative adversarial network." International Journal of Electrical and Computer Engineering (IJECE) 13, no. 2 (April 1, 2023): 2240. http://dx.doi.org/10.11591/ijece.v13i2.pp2240-2258.
Full textAbstract:
<span lang="EN-US">Security threat protection is important in the internet of things (IoT) applications since both the connected device and the captured data can be hacked or hijacked or both at the same time. To tackle the above-mentioned problem, we proposed three-level intrusion detection system conditional generative adversarial network (3LIDS-CGAN) model which includes four phases such as first-level intrusion detection system (IDS), second-level IDS, third-level IDS, and attack type classification. In first-level IDS, features of the incoming packets are extracted by the firewall. Based on the extracted features the packets are classified into three classes such as normal, malicious, and suspicious using support vector machine and golden eagle optimization. Suspicious packets are forwarded to the second-level IDS which classified the suspicious packets as normal or malicious. Here, signature-based intrusions are detected using attack history information, and anomaly-based intrusions are detected using event-based semantic mapping. In third-level IDS, adversary packets are detected using CGAN which automatically learns the adversarial environment and detects adversary packets accurately. Finally, proximal policy optimization is proposed to detect the attack type. Experiments are conducted using the NS-3.26 network simulator and performance is evaluated by various performance metrics which results that the proposed 3LIDS-CGAN model outperforming other existing works.</span>
33
Vishwakarma, Uma, Prof Anurag Jain, and Prof Akriti Jain. "A Review of Feature Reduction in Intrusion Detection System Based on Artificial Immune System and Neural Network." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 9, no. 3 (July 15, 2013): 1127–33. http://dx.doi.org/10.24297/ijct.v9i3.3338.
Full textAbstract:
Feature reduction plays an important role in intrusion detection system. The large amount of feature in network as well as host data effect the performance of intrusion detection method. Various authors are research proposed a method of intrusion detection based on machine learning approach and neural network approach, but all of these methods lacks in large number of feature attribute in intrusion data. In this paper we discuss its various method of feature reduction using artificial immune system and neural network. Artificial immune system is biological inspired system work as mathematical model for feature reduction process. The neural network well knows optimization technique in other field. In this paper we used neural network as feature reduction process. The feature reduction process reduces feature of intrusion data those are not involved in security threats and attacks such as TCP protocol, UDP protocol and ICMP message protocol. This reduces feature-set of intrusion improve the classification rate of intrusion detection and improve the speed performance of the intrusion detection system. The current research going on fixed and static number of feature reduction, we proposed an automatic and dynamic feature reduction technique using PCNN network.
34
Cai, Yu. "Mobile Agent Based Network Defense System in Enterprise Network." International Journal of Handheld Computing Research 2, no. 1 (January 2011): 41–54. http://dx.doi.org/10.4018/jhcr.2011010103.
Full textAbstract:
Security has become the Achilles’ heel of many organizations in today’s computer-dominated society. In this paper, a configurable intrusion detection and response framework named Mobile Agents based Distributed (MAD) security system was proposed for enterprise network consisting of a large number of mobile and handheld devices. The key idea of MAD is to use autonomous mobile agents as lightweight entities to provide unified interfaces for intrusion detection, intrusion response, information fusion, and dynamic reconfiguration. These lightweight agents can be easily installed and managed on mobile and handheld devices. The MAD framework includes a family of autonomous agents, servers and software modules. An Object-based intrusion modeling language (mLanguage) is proposed to allow easy data sharing and system control. A data fusion engine (mEngine) is used to provide fused results for traffic classification and intrusion identification. To ensure Quality-of-Service (QoS) requirements for end users, adaptive resource allocation scheme is also presented. It is hoped that this project will advance the understanding of complex, interactive, and collaborative distributed systems.
35
Gondal, Farzana Kausar. "Mobile Agent (MA) Based Intrusion Detection Systems (IDS): A Systematic Review." Innovative Computing Review 1, no. 2 (December 26, 2021): 85–102. http://dx.doi.org/10.32350/icr.0102.05.
Full textAbstract:
An Intrusion Detection System (IDS) identifies the attacks by analysing the events, considered undesirable from a security perspective, in systems and networks. It is necessary for organizations to install IDS for the protection of sensitive data due to an increase in the number of incidents related to network security. It is difficult to detect intrusions from a segment that is outside a network as well as an intrusion that originated from inside a distributed network. It should be the responsibility of IDS to analyse a huge amount of data without overloading the networks and monitoring systems. Mobile agents (MA) emerged due to the deficiencies and limitations in centralized IDS. These agents can perform predefined actions by detecting malicious activities. From previously published literature, it was deduced that most of the existing IDS based on MA are not significantly effective due to limited intrusion detection and high detection time. This study categorized existing IDS and available MA-IDS to conduct a strategic review focusing on the classification of each category, that is, data collection modes, architecture, analysis techniques, and security. The limitations and strengths of the discussed IDS are presented/showcased wherever applicable. Additionally, this study suggested ways to improve the efficiency of available MA-IDS in order to secure distributed networks in the future. This overview also includes different implementations of agent based IDS.
INDEX TERMS: data mining, distributed systems, Intrusion Detection System (IDS), Mobile Agents (MA), network security
36
Abuadlla, Yousef, Omran Ben Taher, and Hesham Elzentani. "Flow Based Intrusion Detection System Using Multistage Neural Network." مجلة الجامعة الأسمرية: العلوم التطبيقية 2, no. 2 (December 30, 2017): 87–77. http://dx.doi.org/10.59743/aujas.v2i2.1158.
Full textAbstract:
With the rapid expansion of computer networks during the past decade, security has become a crucial issue for computer systems. And to keep security at highest level, there is an increasing need for effective security monitors such as Network Intrusion Detection System to prevent such illicit. In the recent years many researchers focus their hard work on this field using different approaches to build dependable intrusion detection systems. One of these approaches is Flow-based intrusion detection systems that rely on aggregated network traffic flows. In this paper, Multistage Neural Network intrusion detection system based on aggregated flow data is proposed for detecting and classifying attacks in network traffic. The proposed system detects significant changes in the traffic that could be a possible attack in the first stage of neural network, while the second stage has the ability to recognize an attack, to differentiate one attack from another i.e. classifying attack, and the most important, to detect new attacks with high detection rate and low false negative. Two different neural network structures with the use of different training algorithms have been used in our proposed Intrusion Detection System. The experimental results show that the designed system is promising in terms of accuracy and low probability of false alarms, where the overall accuracy classification rate average is equal to 99.25%.
37
Wu, Yuhong, and Xiangdong Hu. "An Intrusion Detection Method Based on Fully Connected Recurrent Neural Network." Scientific Programming 2022 (September 26, 2022): 1–11. http://dx.doi.org/10.1155/2022/7777211.
Full textAbstract:
Now, the use of deep learning technology to solve the problems of the low multiclassification task detection accuracy and complex feature engineering existing in traditional intrusion detection technology has become a research hotspot. In all kinds of deep learning, recurrent neural networks (RNN) are very important. The RNN processes 41 feature attributes and maps them to a 122-dimensional high-dimensional feature space. To detect multiclassification tasks, this study proposes an intrusion detection method based on fully connected recurrent neural networks and compares its performance with previous machine learning methods on benchmark datasets. The research results show that the intrusion detection system (IDS) model based on fully connected recurrent neural network is very suitable for classification of intrusion detection. Classification methods, especially in multiclassification tasks, have high detection accuracy, significantly improve the detection performance of detection attacks and DoS attacks, and it provides a new research direction for the future attempts of intrusion detection methods for industrial control systems.
38
Pise, Nitin. "APPLICATION OF MACHINE LEARNING FOR INTRUSION DETECTION SYSTEM." INFORMATION TECHNOLOGY IN INDUSTRY 9, no. 1 (March 1, 2021): 314–23. http://dx.doi.org/10.17762/itii.v9i1.134.
Full textAbstract:
Due to Covid-19 pandemic, the most of the organizations have permitted their employees to work from home. Also, it is every essential to have security at the highest level so that information will flow in the safe and trusted environment between the different organizations. There is always threat of misuses and different intrusions for communication of the data securely over the internet. As more and more people are using online transactions for the different purposes, it is found that the cyber attackers have become more active. Three in four organizations have faced the different cyber-attacks in the year 2020. So, the detection of intrusion is very important. The paper introduces the intrusion detection system and describes its classification. It discusses the different contributions to the literature in literature review section. The paper discusses the application of the different feature selection techniques for reducing the number of features, use of the different classification algorithms for the intrusion detection and it shows how machine learning is used effectively. KDD99 benchmark dataset was used to implement and measure the performance of the system and good results are obtained and the performance of the different classifier algorithms was compared. Tree based classifiers such as J48 and ensemble techniques such as random forest give the best performance on KDD99 dataset.
39
Pietro Spadaccino and Francesca Cuomo. "Intrusion detection systems for IoT: Opportunities and challenges offered by edge computing." ITU Journal on Future and Evolving Technologies 3, no. 2 (September 22, 2022): 408–20. http://dx.doi.org/10.52953/wnvi5792.
Full textAbstract:
Key components of current cybersecurity methods are the Intrusion Detection Systems (IDSs), where different techniques and architectures are applied to detect intrusions. IDSs can be based either on cross-checking monitored events with a database of known intrusion experiences, known as signature-based, or on learning the normal behavior of the system and reporting whether anomalous events occur, named anomaly-based. This work is dedicated to the application of IDS to the Internet of Things (IoT) networks, where also edge computing is used to support IDS implementation. Specific attention is given to IDSs which leverage device classification at the edge. New challenges that arise when deploying an IDS in an edge scenario are identified and remedies are proposed.
40
Tian, Yuyang. "Abnormal Traffic Prediction and Classification based on Information Big Data." Highlights in Science, Engineering and Technology 23 (December 3, 2022): 145–53. http://dx.doi.org/10.54097/hset.v23i.3216.
Full textAbstract:
Intrusion Detection System (IDS) is a proactive security technique for detecting and alerting suspicious signals. However, the intrusion method developed as a fast and traditional method for detecting malicious traffic has a lot of shortcomings like low accuracy and low efficiency. To determine the different intrusion methods' features and promote the accuracy of malicious traffic detection, several Machine Learning models for classifying different intrusion methods such as KNN, Naive Bayes, SVM, LightGBM are compared. To further improve the accuracy of the model, ensemble models like Voting, Stacking for comparison are also introduced. Grid Search is used for the best parameters. The accuracy, precision, recall score and F1 score are used as metrics to evaluate the performances of different models. The experimental comparison and analysis show that the integrated learning algorithm based on Stacking has the highest accuracy for malicious traffic detection.
41
Almuhairi, Thani, Ahmad Almarri, and Khalid Hokal. "An Artificial Intelligence-based Intrusion Detection System." Journal of Cybersecurity and Information Management 07, no. 02 (April 1, 2021): 95–111. http://dx.doi.org/10.54216/jcim.07.02.04.
Full textAbstract:
Intrusion detection systems have been used in many systems to avoid malicious attacks. Traditionally, these intrusion detection systems use signature-based classification to detect predefined attacks and monitor the network's overall traffic. These intrusion detection systems often fail when an unseen attack occurs, which does not match with predefined attack signatures, leaving the system hopeless and vulnerable. In addition, as new attacks emerge, we need to update the database of attack signatures, which contains the attack information. This raises concerns because it is almost impossible to define every attack in the database and make the process costly also. Recently, research in conjunction with artificial intelligence and network security has evolved. As a result, it created many possibilities to enable machine learning approaches to detect the new attacks in network traffic. Machine learning has already shown successful results in the domain of recommendation systems, speech recognition, and medical systems. So, in this paper, we utilize machine learning approaches to detect attacks and classify them. This paper uses the CSE-CIC-IDS dataset, which contains normal and malicious attacks samples. Multiple steps are performed to train the network traffic classifier. Finally, the model is deployed for testing on sample data.
42
Duhayyim, Mesfer Al, Khalid A. Alissa, Fatma S. Alrayes, Saud S. Alotaibi, ElSayed M. Tag El Din, Amgad Atta Abdelmageed, Ishfaq Yaseen, and Abdelwahed Motwakel. "Evolutionary-Based Deep Stacked Autoencoder for Intrusion Detection in a Cloud-Based Cyber-Physical System." Applied Sciences 12, no. 14 (July 7, 2022): 6875. http://dx.doi.org/10.3390/app12146875.
Full textAbstract:
As cyberattacks develop in volume and complexity, machine learning (ML) was extremely implemented for managing several cybersecurity attacks and malicious performance. The cyber-physical systems (CPSs) combined the calculation with physical procedures. An embedded computer and network monitor and control the physical procedure, commonly with feedback loops whereas physical procedures affect calculations and conversely, at the same time, ML approaches were vulnerable to data pollution attacks. Improving network security and attaining robustness of ML determined network schemes were the critical problems of the growth of CPS. This study develops a new Stochastic Fractal Search Algorithm with Deep Learning Driven Intrusion Detection system (SFSA-DLIDS) for a cloud-based CPS environment. The presented SFSA-DLIDS technique majorly focuses on the recognition and classification of intrusions for accomplishing security from the CPS environment. The presented SFSA-DLIDS approach primarily performs a min-max data normalization approach to convert the input data to a compatible format. In order to reduce a curse of dimensionality, the SFSA technique is applied to select a subset of features. Furthermore, chicken swarm optimization (CSO) with deep stacked auto encoder (DSAE) technique was utilized for the identification and classification of intrusions. The design of a CSO algorithm majorly focuses on the parameter optimization of the DSAE model and thereby enhances the classifier results. The experimental validation of the SFSA-DLIDS model is tested using a series of experiments. The experimental results depict the promising performance of the SFSA-DLIDS model over the recent models.
43
Abdulrahman, Amer A., and Mahmood K. Ibrahem. "Evaluation of DDoS attacks Detection in a New Intrusion Dataset Based on Classification Algorithms." Iraqi Journal of Information & Communications Technology 1, no. 3 (February 1, 2019): 49–55. http://dx.doi.org/10.31987/ijict.1.3.40.
Full textAbstract:
Intrusion detection system is an imperative role in increasing security and decreasing the harm of the computer security system and information system when using of network. It observes different events in a network or system to decide occurring an intrusion or not and it is used to make strategic decision, security purposes and analyzing directions. This paper describes host based intrusion detection system architecture for DDoS attack, which intelligently detects the intrusion periodically and dynamically by evaluating the intruder group respective to the present node with its neighbors. We analyze a dependable dataset named CICIDS 2017 that contains benign and DDoS attack network flows, which meets certifiable criteria and is openly accessible. It evaluates the performance of a complete arrangement of machine learning algorithms and network traffic features to indicate the best features for detecting the assured attack classes. Our goal is storing the address of destination IP that is utilized to detect an intruder by method of misuse detection.
44
Jiang, Xue Song, Xiu Mei Wei, and Yu Shui Geng. "The Research of Intrusion Detection System Based on ANN on Cloud Platform." Applied Mechanics and Materials 263-266 (December 2012): 2962–65. http://dx.doi.org/10.4028/www.scientific.net/amm.263-266.2962.
Full textAbstract:
Intrusion detection system (IDS) can find the intrusion information before the computer be attacked, and can hold up and response the intrusion in real time. Artificial neural network algorithms play a key role in IDS. The intrusion detection system (ANN) algorithms can analyze the captured data and judge whether the data is intrusion. In this paper we used Back Propagation (BP) network and Radical Basis Function (RBF) network to the IDS. The result of the experiment improve that The RBF neural network is better than BP neural network in the ability of approximation, classification and learning speed. During the procedure there is a large amount of computes. On cloud platform the calculation speed has been greatly increased. So that we can find the invasion more quickly and do the processing works accordingly.
45
Sampath, Nithya, and Dinakaran M. "Flow Based Classification for Specification Based Intrusion Detection in Software Defined Networking." International Journal of Software Innovation 7, no. 2 (April 2019): 1–8. http://dx.doi.org/10.4018/ijsi.2019040101.
Full textAbstract:
Software defined networking assures the space for network management, SDNs will possibly replace traditional networks by decoupling the data plane and control plane which provides security by means of a global visibility of the network state. This separation provides a solution for developing secure framework efficiently. Open flow protocol provides a programmatic control over the network traffic by writing rules, which acts as a network attack defence. A robust framework is proposed for intrusion detection systems by integrating the feature ranking using information gain for minimizing the irrelevant features for SDN, writing fuzzy-association flow rules and supervised learning techniques for effective classification of intruders. The experimental results obtained on the KDD dataset shows that the proposed model performs with a higher accuracy, and generates an effective intrusion detection system and reduces the ratio of attack traffic.
46
Farhana, Kaniz, Maqsudur Rahman, and Md Tofael Ahmed. "An intrusion detection system for packet and flow based networks using deep neural network approach." International Journal of Electrical and Computer Engineering (IJECE) 10, no. 5 (October 1, 2020): 5514. http://dx.doi.org/10.11591/ijece.v10i5.pp5514-5525.
Full textAbstract:
Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection system (IDS). Many IDS models has been introduced to provide security over big data. This study focuses on the intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a brunch of affluent algorithms to classify and analysis patterns and making a better prediction more efficiently. In this study, to detect intrusion a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest data set available at online, formatted with packet based, flow based data and some additional metadata. The data set is labeled and imbalanced with 79 attributes and some classes having much less training samples compared to other classes. The proposed model is build using Keras and Google Tensorflow deep learning environment. Experimental result shows that intrusions are detected with the accuracy over 99% for both binary and multi-class classification with selected best features. Receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offers a novel research model with great accuracy for intrusion detection model, better than some models presented in the literature.
47
Zhou, Yulin, Lun Xie, and Hang Pan. "Research on a PSO-H-SVM-Based Intrusion Detection Method for Industrial Robotic Arms." Applied Sciences 12, no. 6 (March 8, 2022): 2765. http://dx.doi.org/10.3390/app12062765.
Full textAbstract:
The automation and intelligence of industrial manufacturing is the core of the fourth industrial revolution, and robotic arms and proprietary networked information systems are an integral part of this vision. However, with the benefits come risks that have been overlooked, and robotic arms have become a heavily attacked area. In order to improve the security of the robotic arm system, this paper proposes an intrusion detection method based on a state classification model. The closure operation process of the robotic arm is divided into five consecutive states, while a support vector machine based on the particle swarm optimization algorithm (PSO-H-SVM) classifies the operation state of the robotic arm. In the detection process, the classifier predicts the operation state of the robotic arm in real time, and the detection method determines whether the state transfer meets the logical requirements, and then determines whether the intrusion occurs. In addition, a response mechanism is proposed on the basis of the intrusion detection system to make protection measures for the robotic arm system. Finally, a physical experiment platform was built to test the intrusion detection method. The results showed that the classification accuracy of the PSO-H-SVM algorithm reached 96.02%, and the detection accuracy of the intrusion detection method reached 90%, which verified the effectiveness and reliability of the intrusion detection method.
48
Li, Wenchao, Ping Yi, Yue Wu, Li Pan, and Jianhua Li. "A New Intrusion Detection System Based on KNN Classification Algorithm in Wireless Sensor Network." Journal of Electrical and Computer Engineering 2014 (2014): 1–8. http://dx.doi.org/10.1155/2014/240217.
Full textAbstract:
The Internet of Things has broad application in military field, commerce, environmental monitoring, and many other fields. However, the open nature of the information media and the poor deployment environment have brought great risks to the security of wireless sensor networks, seriously restricting the application of wireless sensor network. Internet of Things composed of wireless sensor network faces security threats mainly from Dos attack, replay attack, integrity attack, false routing information attack, and flooding attack. In this paper, we proposed a new intrusion detection system based onK-nearest neighbor (K-nearest neighbor, referred to as KNN below) classification algorithm in wireless sensor network. This system can separate abnormal nodes from normal nodes by observing their abnormal behaviors, and we analyse parameter selection and error rate of the intrusion detection system. The paper elaborates on the design and implementation of the detection system. This system has achieved efficient, rapid intrusion detection by improving the wireless ad hoc on-demand distance vector routing protocol (Ad hoc On-Demand Distance the Vector Routing, AODV). Finally, the test results show that: the system has high detection accuracy and speed, in accordance with the requirement of wireless sensor network intrusion detection.
49
Hussien et al., Zaid. "Anomaly Detection Approach Based on Deep Neural Network and Dropout." Baghdad Science Journal 17, no. 2(SI) (June 23, 2020): 0701. http://dx.doi.org/10.21123/bsj.2020.17.2(si).0701.
Full textAbstract:
Regarding to the computer system security, the intrusion detection systems are fundamental components for discriminating attacks at the early stage. They monitor and analyze network traffics, looking for abnormal behaviors or attack signatures to detect intrusions in early time. However, many challenges arise while developing flexible and efficient network intrusion detection system (NIDS) for unforeseen attacks with high detection rate. In this paper, deep neural network (DNN) approach was proposed for anomaly detection NIDS. Dropout is the regularized technique used with DNN model to reduce the overfitting. The experimental results applied on NSL_KDD dataset. SoftMax output layer has been used with cross entropy loss function to enforce the proposed model in multiple classification, including five labels, one is normal and four others are attacks (Dos, R2L, U2L and Probe). Accuracy metric was used to evaluate the model performance. The proposed model accuracy achieved to 99.45%. Commonly the recognition time is reduced in the NIDS by using feature selection technique. The proposed DNN classifier implemented with feature selection algorithm, and obtained on accuracy reached to 99.27%.
50
Protić, Danijela. "Intrusion detection based on the artificial immune system." Vojnotehnicki glasnik 68, no. 4 (2020): 790–803. http://dx.doi.org/10.5937/vojtehg68-27954.
Full textAbstract:
Introduction/purpose: The artificial immune system is a computational model inspired by the biological or human immune system. Of particular interest in artificial immune systems is the way the human body reacts to new pathogens and adapts to remain immune for a long period after a disease has been combated, which refers to the recognition of known malicious attacks and the way the immune system identifies self-cells not to be reacted to, which refers to the anomaly detection. Methods: Negative selection, positive selection, clonal selection, immune networks, danger theory, and dendritic cell algorithm are presented. Results: A variety of algorithms and models related to artificial immune systems and two classification principles are presented; one based on the detection of a particular attack and the other based on anomaly detection. Conclusion: Artificial immune systems are often used in intrusion detection since they are accurate and fast. Experiments show that the models can be used in both known attack and anomaly detection. Eager machine learning classifiers show better results in the decision, which is an advantage if runtime is not a significant parameter. Dendritic cell and negative selection algorithms show better results for real-time detection.