Relevant bibliographies by topics / NSL-KDD / Journal articles
To see the other types of publications on this topic, follow the link: NSL-KDD.

Journal articles on the topic 'NSL-KDD'

Author: Grafiati
Published: 4 June 2021
Last updated: 16 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'NSL-KDD.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Bala, Ritu. "A REVIEW ON KDD CUP99 AND NSL-KDD DATASET." International Journal of Advanced Research in Computer Science 10, no. 2 (April 20, 2019): 64–67. http://dx.doi.org/10.26483/ijarcs.v10i2.6395.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Protić, Danijela. "Review of KDD Cup '99, NSL-KDD and Kyoto 2006+ datasets." Vojnotehnicki glasnik 66, no. 3 (2018): 580–96. http://dx.doi.org/10.5937/vojtehg66-16670.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Sonawane, Sandip. "Rule Based Learning Intrusion Detection System Using KDD and NSL KDD Dataset." Prestige International Journal of Management & IT - Sanchayan 04, no. 02 (December 15, 2015): 135–45. http://dx.doi.org/10.37922/pijmit.2015.v04i02.009.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Prasetyo, Arief, Luqman Affandi, and Dedi Arpandi. "IMPLEMENTASI METODE NAIVE BAYES UNTUK INTRUSION DETECTION SYSTEM (IDS)." Jurnal Informatika Polinema 4, no. 4 (August 1, 2018): 280. http://dx.doi.org/10.33795/jip.v4i4.220.

Full text
Abstract:
IDS berfungsi untuk mengidentifikasi traffic atau lalu-lintas data pada sebuah jaringan komputer dimana IDS dapat menentukan apakah traffic aman, mencurigakan atau bahkan terindikasi merupakan serangan. Permasalahan muncul ketika ada aktifitas-aktifitas yang mencurigakan atau bahkan aktifitas tersebut merupakan serangan namun tidak terdaftar pada rule atau aturan yang diinputkan sehingga hal itu sangat membahayakan sebuah jaringan komputer. Tujuan dari penellitian ini adalah membangun sistem deteksi pola serangan baru menggunakan metode naive bayes untuk mengatasi serangan-serangan baru yang muncul, dan yang belum terdaftar pada signature serta untuk meningkatkan akurasi pendeteksian serangan-serangan baru pada Intruison Detection System (IDS). Data yang digunakan pada penelitian ini adalah data NSL-KDD, NSL-KDD telah menyediakan data training dan data testing untuk proses penelitian klasifikasi serangan. Dari data NSL-KDD akan dilakukan klasifikasi serangan menggunakan metode naive bayes agar serangan-serangan baru dapat terklasifikasi. Penelitian yang menggunakan metode naive bayes ini telah berhasil melakukan klasifikasi serangan-serangan baru dengan akurasi kebenaran adalah sebesar 81-84,67 %.
APA, Harvard, Vancouver, ISO, and other styles
5

Mahmood, Hafza A. "Network Intrusion Detection System (NIDS) in Cloud Environment based on Hidden Naïve Bayes Multiclass Classifier." Al-Mustansiriyah Journal of Science 28, no. 2 (April 11, 2018): 134. http://dx.doi.org/10.23851/mjs.v28i2.508.

Full text
Abstract:
Cloud Environment is next generation internet based computing system that supplies customiza-ble services to the end user to work or access to the various cloud applications. In order to provide security and decrease the damage of information system, network and computer system it is im-portant to provide intrusion detection system (IDS. Now Cloud environment are under threads from network intrusions, as one of most prevalent and offensive means Denial of Service (DoS) attacks that cause dangerous impact on cloud computing systems. This paper propose Hidden naïve Bayes (HNB) Classifier to handle DoS attacks which is a data mining (DM) model used to relaxes the conditional independence assumption of Naïve Bayes classifier (NB), proposed sys-tem used HNB Classifier supported with discretization and feature selection where select the best feature enhance the performance of the system and reduce consuming time. To evaluate the per-formance of proposal system, KDD 99 CUP and NSL KDD Datasets has been used. The experi-mental results show that the HNB classifier improves the performance of NIDS in terms of accu-racy and detecting DoS attacks, where the accuracy of detect DoS is 100% in three test KDD cup 99 dataset by used only 12 feature that selected by use gain ratio while in NSL KDD Dataset the accuracy of detect DoS attack is 90 % in three Experimental NSL KDD dataset by select 10 fea-ture only.
APA, Harvard, Vancouver, ISO, and other styles
6

Sharma, Srishti, Yogita Gigras, Rita Chhikara, and Anuradha Dhull. "Analysis of NSL KDD Dataset Using Classification Algorithms for Intrusion Detection System." Recent Patents on Engineering 13, no. 2 (May 27, 2019): 142–47. http://dx.doi.org/10.2174/1872212112666180402122150.

Full text
Abstract:
Background: Intrusion detection systems are responsible for detecting anomalies and network attacks. Building of an effective IDS depends upon the readily available dataset. This dataset is used to train and test intelligent IDS. In this research, NSL KDD dataset (an improvement over original KDD Cup 1999 dataset) is used as KDD’99 contains huge amount of redundant records, which makes it difficult to process the data accurately. Methods: The classification techniques applied on this dataset to analyze the data are decision trees like J48, Random Forest and Random Trees. Results: On comparison of these three classification algorithms, Random Forest was proved to produce the best results and therefore, Random Forest classification method was used to further analyze the data. The results are analyzed and depicted in this paper with the help of feature/attribute selection by applying all the possible combinations. Conclusion: There are total of eight significant attributes selected after applying various attribute selection methods on NSL KDD dataset.
APA, Harvard, Vancouver, ISO, and other styles
7

Shukla, Alok Kumar, and Pradeep Singh. "Building an Effective Approach toward Intrusion Detection Using Ensemble Feature Selection." International Journal of Information Security and Privacy 13, no. 3 (July 2019): 31–47. http://dx.doi.org/10.4018/ijisp.201907010102.

Full text
Abstract:
The duplicate and insignificant features present in the data set to cause a long-term problem in the classification of network or web traffic. The insignificant features not only decrease the classification performance but also prevent a classifier from making accurate decisions, exclusively when substantial volumes of data are managed. In this article, the author introduced an ensemble feature selection (EFS) technique, where multiple homogeneous feature selection (FS) methods are combined to choose the optimal subset of relevant and non-redundant features. An intrusion detection system, named support vector machine-based IDS (SVM-IDS), is prompted using the feature selected by the proposed method. The SVM-IDS performance is evaluated using two benchmark datasets of intrusion detection, including KDD Cup 99 and NSL-KDD. Our proposed method provided more significant features for SVM-IDS and compared with the other state-of-the-art methods. The experimental results demonstrate that proposed method achieves a maximum accuracy as 98.95% in KDD Cup 99 data set and 98.12% in the NSL-KDD data set.
APA, Harvard, Vancouver, ISO, and other styles
8

Dr.R.Venkatesh, Kavitha S, Dr Uma Maheswari N,. "Network Anomaly Detection for NSL-KDD Dataset Using Deep Learning." INFORMATION TECHNOLOGY IN INDUSTRY 9, no. 2 (March 31, 2021): 821–27. http://dx.doi.org/10.17762/itii.v9i2.419.

Full text
Abstract:
Deep learning based intrusion detection cyber security methods gained increased popularity. The essential element to provide protection to the ICT infrastructure is the intrusion detection systems (IDSs). Intelligent solutions are necessary to control the complexity and increase in the new attack types. The intelligent system (DL/ML) has been widely used with its benefits to effectively deal with complex and great dimensional data. The IDS has various attack types like known, unknown, zero day attacks are attractive to and detected using unsupervised machine learning techniques. A novel methodology has been proposed that combines the benefits of Isolation forest (One Class) Support Vector Machine (OCSVM) with active learning method to detect threats without any prior knowledge. The NSL-KDD dataset has been used to evaluate the various DL methods with active learning method. The results show that this method performs better than other techniques. The design methodology inspires the efforts to emerging anomaly detection.
APA, Harvard, Vancouver, ISO, and other styles
9

Muhuri, Pramita Sree, Prosenjit Chatterjee, Xiaohong Yuan, Kaushik Roy, and Albert Esterline. "Using a Long Short-Term Memory Recurrent Neural Network (LSTM-RNN) to Classify Network Attacks." Information 11, no. 5 (May 1, 2020): 243. http://dx.doi.org/10.3390/info11050243.

Full text
Abstract:
An intrusion detection system (IDS) identifies whether the network traffic behavior is normal or abnormal or identifies the attack types. Recently, deep learning has emerged as a successful approach in IDSs, having a high accuracy rate with its distinctive learning mechanism. In this research, we developed a new method for intrusion detection to classify the NSL-KDD dataset by combining a genetic algorithm (GA) for optimal feature selection and long short-term memory (LSTM) with a recurrent neural network (RNN). We found that using LSTM-RNN classifiers with the optimal feature set improves intrusion detection. The performance of the IDS was analyzed by calculating the accuracy, recall, precision, f-score, and confusion matrix. The NSL-KDD dataset was used to analyze the performances of the classifiers. An LSTM-RNN was used to classify the NSL-KDD datasets into binary (normal and abnormal) and multi-class (Normal, DoS, Probing, U2R, and R2L) sets. The results indicate that applying the GA increases the classification accuracy of LSTM-RNN in both binary and multi-class classification. The results of the LSTM-RNN classifier were also compared with the results using a support vector machine (SVM) and random forest (RF). For multi-class classification, the classification accuracy of LSTM-RNN with the GA model is much higher than SVM and RF. For binary classification, the classification accuracy of LSTM-RNN is similar to that of RF and higher than that of SVM.
APA, Harvard, Vancouver, ISO, and other styles
10

Choudhary, Sarika, and Nishtha Kesswani. "Analysis of KDD-Cup’99, NSL-KDD and UNSW-NB15 Datasets using Deep Learning in IoT." Procedia Computer Science 167 (2020): 1561–73. http://dx.doi.org/10.1016/j.procs.2020.03.367.

Full text
APA, Harvard, Vancouver, ISO, and other styles
11

Albahar, Marwan Ali, and Muhammad Binsawad. "Deep Autoencoders and Feedforward Networks Based on a New Regularization for Anomaly Detection." Security and Communication Networks 2020 (July 10, 2020): 1–9. http://dx.doi.org/10.1155/2020/7086367.

Full text
Abstract:
Anomaly detection is a problem with roots dating back over 30 years. The NSL-KDD dataset has become the convention for testing and comparing new or improved models in this domain. In the field of network intrusion detection, the UNSW-NB15 dataset has recently gained significant attention over the NSL-KDD because it contains more modern attacks. In the present paper, we outline two cutting-edge architectures that push the boundaries of model accuracy for these datasets, both framed in the context of anomaly detection and intrusion classification. We summarize training methodologies, hyperparameters, regularization, and other aspects of model architecture. Moreover, we also utilize the standard deviation of weight values to design a new regularization technique. Then, we embed it on both models and report the models’ performance. Finally, we detail potential improvements aimed at increasing models’ accuracy.
APA, Harvard, Vancouver, ISO, and other styles
12

Ma, Manfu, Wei Deng, Hongtong Liu, and Xinmiao Yun. "An Intrusion Detection Model based on Hybrid Classification algorithm." MATEC Web of Conferences 246 (2018): 03027. http://dx.doi.org/10.1051/matecconf/201824603027.

Full text
Abstract:
Due to using the single classification algorithm can not meet the performance requirements of intrusion detection, combined with the numerical value of KNN and the advantage of naive Bayes in the structure of data, an intrusion detection model KNN-NB based on KNN and Naive Bayes hybrid classification algorithm is proposed. The model first preprocesses the NSL-KDD intrusion detection data set. And then by exploiting the advantages of KNN algorithm in data values, the model calculates the distance between the samples according to the feature items and selects the K sample data with the smallest distance. Finally, by naive Bayes to get the final result. The experimental results on the NSL-KDD dataset show that the KNN-NB algorithm can meet the requirement of balanced performance than the traditional KNN and Naive Bayes algorithm in term of accuracy, sensitivity, false detection rate, specificity, and missed detection rate.
APA, Harvard, Vancouver, ISO, and other styles
13

Ravipati, Rama Devi, and Munther Abualkibash. "A SURVEY ON DIFFERENT MACHINE LEARNING ALGORITHMS AND WEAK CLASSIFIERS BASED ON KDD AND NSL-KDD DATASETS." International Journal of Artificial Intelligence & Applications 10, no. 03 (May 30, 2019): 01–11. http://dx.doi.org/10.5121/ijaia.2019.10301.

Full text
APA, Harvard, Vancouver, ISO, and other styles
14

Khalil Alanezi, Mafaz, and Najlaa Aldabagh. "Application of Immune Complement Algorithm to NSL-KDD Intrusion Detection Dataset." AL-Rafidain Journal of Computer Sciences and Mathematics 9, no. 2 (December 1, 2012): 109–23. http://dx.doi.org/10.33899/csmj.2012.163705.

Full text
APA, Harvard, Vancouver, ISO, and other styles
15

Hussain, Jamal, and Aishwarya Mishra. "Performance Analysis of Some Neural Network Algorithms using NSL-KDD Dataset." International Journal of Computer Trends and Technology 50, no. 1 (August 25, 2017): 43–49. http://dx.doi.org/10.14445/22312803/ijctt-v50p107.

Full text
APA, Harvard, Vancouver, ISO, and other styles
16

Mohammadi, Shahriar, and Amin Namadchian. "A New Deep Learning Approach for Anomaly Base IDS using Memetic Classifier." International Journal of Computers Communications & Control 12, no. 5 (September 10, 2017): 677. http://dx.doi.org/10.15837/ijccc.2017.5.2972.

Full text
Abstract:
A model of an intrusion-detection system capable of detecting attack in computer networks is described. The model is based on deep learning approach to learn best features of network connections and Memetic algorithm as final classifier for detection of abnormal traffic.One of the problems in intrusion detection systems is large scale of features. Which makes typical methods data mining method were ineffective in this area. Deep learning algorithms succeed in image and video mining which has high dimensionality of features. It seems to use them to solve the large scale of features problem of intrusion detection systems is possible. The model is offered in this paper which tries to use deep learning for detecting best features.An evaluation algorithm is used for produce final classifier that work well in multi density environments.We use NSL-KDD and Kdd99 dataset to evaluate our model, our findings showed 98.11 detection rate. NSL-KDD estimation shows the proposed model has succeeded to classify 92.72% R2L attack group.
APA, Harvard, Vancouver, ISO, and other styles
17

Gurung, Sandeep, Mirnal Kanti Ghose, and Aroj Subedi. "Deep Learning Approach on Network Intrusion Detection System using NSL-KDD Dataset." International Journal of Computer Network and Information Security 11, no. 3 (March 8, 2019): 8–14. http://dx.doi.org/10.5815/ijcnis.2019.03.02.

Full text
APA, Harvard, Vancouver, ISO, and other styles
18

Su, Tongtong, Huazhi Sun, Jinqi Zhu, Sheng Wang, and Yabo Li. "BAT: Deep Learning Methods on Network Intrusion Detection Using NSL-KDD Dataset." IEEE Access 8 (2020): 29575–85. http://dx.doi.org/10.1109/access.2020.2972627.

Full text
APA, Harvard, Vancouver, ISO, and other styles
19

Rama Devi, Ravipati, and Munther Abualkibash. "Intrusion Detection System Classification Using Different Machine Learning Algorithms on KDD-99 and NSL-KDD Datasets - A Review Paper." International Journal of Computer Science and Information Technology 11, no. 03 (June 29, 2019): 65–80. http://dx.doi.org/10.5121/ijcsit.2019.11306.

Full text
APA, Harvard, Vancouver, ISO, and other styles
20

Serinelli, Benedetto Marco, Anastasija Collen, and Niels Alexander Nijdam. "Training Guidance with KDD Cup 1999 and NSL-KDD Data Sets of ANIDINR: Anomaly-Based Network Intrusion Detection System." Procedia Computer Science 175 (2020): 560–65. http://dx.doi.org/10.1016/j.procs.2020.07.080.

Full text
APA, Harvard, Vancouver, ISO, and other styles
21

Et. al., Gaddam Venugopal,. "A Comparative Analysis on Hybrid SVM for Network Intrusion Detection System." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12, no. 2 (April 11, 2021): 2674–79. http://dx.doi.org/10.17762/turcomat.v12i2.2290.

Full text
Abstract:
Rapid growth in technology, not only makes smoother the life style, but also reveals a lot of security issues. Day by day changing of attack types distractsnot only organizations, companies but also the people who are using network services for their daily needs.Intrusion Detection Systems (IDS) have been developed to avoid financial losses caused by network attacks. KDD CUP 99, NSL-KDD, KYOTO 2006+, CIDDS-01 etc., some of the Intrusion Datasets available for researchers to test and develop their IDS models. In this paper, an attempt is made to compare the effect of various SVM Kernel based models and Hybrid kernel based models etc., on CIDDS-01 dataset. Results were drawn.
APA, Harvard, Vancouver, ISO, and other styles
22

Solanki, Surbhi, Chetan Gupta, and Kalpana Rai. "A Survey on Machine Learning based Intrusion Detection System on NSL-KDD Dataset." International Journal of Computer Applications 176, no. 30 (June 18, 2020): 36–39. http://dx.doi.org/10.5120/ijca2020920343.

Full text
APA, Harvard, Vancouver, ISO, and other styles
23

Raj, Shiladitya, Megha Jain*, and Dr Pradeep Chouksey. "A Network Intrusion Detection System Based on Categorical Boosting Technique using NSL-KDD." Indian Journal of Cryptography and Network Security 1, no. 2 (November 10, 2021): 1–4. http://dx.doi.org/10.35940/ijcns.b1411.111221.

Full text
Abstract:
Massive volumes of network traffic & data are generated by common technology including the Internet of Things, cloud computing & social networking. Intrusion Detection Systems are therefore required to track the network which dynamically analyses incoming traffic. The purpose of the IDS is to carry out attacks inspection or provide security management with desirable help along with intrusion data. To date, several approaches to intrusion detection have been suggested to anticipate network malicious traffic. The NSL-KDD dataset is being applied in the paper to test intrusion detection machine learning algorithms. We research the potential viability of ELM by evaluating the advantages and disadvantages of ELM. In the preceding part on this issue, we noted that ELM does not degrade the generalisation potential in the expectation sense by selecting the activation function correctly. In this paper, we initiate a separate analysis & demonstrate that the randomness of ELM often contributes to some negative effects. For this reason, we have employed a new technique of machine learning for overcoming the problems of ELM by using the Categorical Boosting technique (CATBoost).
APA, Harvard, Vancouver, ISO, and other styles
24

Alom, Zahangir, Venkata Ramesh Bontupalli, and Tarek M. Taha. "Intrusion Detection Using Deep Belief Network and Extreme Learning Machine." International Journal of Monitoring and Surveillance Technologies Research 3, no. 2 (April 2015): 35–56. http://dx.doi.org/10.4018/ijmstr.2015040103.

Full text
Abstract:
Security threats for computer networks have increased dramatically over the last decade, becoming bolder and more brazen. There is a strong need for effective Intrusion Detection Systems (IDS) that are designed to interpret intrusion attempts in incoming network traffic intelligently. In this paper, the authors explored the capabilities of Deep Belief Networks (DBN) – one of the most influential deep learning approach – in performing intrusion detection after training with the NSL-KDD dataset. Additionally, they examined the impact of using Extreme Learning Machine (ELM) and Regularized ELM on the same dataset to evaluate the performance against DBN and Support Vector Machine (SVM) approaches. The trained system identifies any type of unknown attack in the dataset examined. In addition to detecting attacks, the proposed system also classifies them into five groups. The implementation with DBN and SVM give a testing accuracy of about 97.5% and 88.33% respectively with 40% of training data selected from the NSL-KDD dataset. On the other hand, the experimental results show around 98.20% and 98.26% testing accuracy respectively for ELM and RELM after reducing the data dimensions from 41 to 9 essential features with 40% training data. ELM and RELM perform better in terms of testing accuracy upon comparison with DBN and SVM.
APA, Harvard, Vancouver, ISO, and other styles
25

Rincy N, Thomas, and Roopam Gupta. "Design and Development of an Efficient Network Intrusion Detection System Using Machine Learning Techniques." Wireless Communications and Mobile Computing 2021 (June 26, 2021): 1–35. http://dx.doi.org/10.1155/2021/9974270.

Full text
Abstract:
Today’s internets are made up of nearly half a million different networks. In any network connection, identifying the attacks by their types is a difficult task as different attacks may have various connections, and their number may vary from a few to hundreds of network connections. To solve this problem, a novel hybrid network IDS called NID-Shield is proposed in the manuscript that classifies the dataset according to different attack types. Furthermore, the attack names found in attack types are classified individually helping considerably in predicting the vulnerability of individual attacks in various networks. The hybrid NID-Shield NIDS applies the efficient feature subset selection technique called CAPPER and distinct machine learning methods. The UNSW-NB15 and NSL-KDD datasets are utilized for the evaluation of metrics. Machine learning algorithms are applied for training the reduced accurate and highly merit feature subsets obtained from CAPPER and then assessed by the cross-validation method for the reduced attributes. Various performance metrics show that the hybrid NID-Shield NIDS applied with the CAPPER approach achieves a good accuracy rate and low FPR on the UNSW-NB15 and NSL-KDD datasets and shows good performance results when analyzed with various approaches found in existing literature studies.
APA, Harvard, Vancouver, ISO, and other styles
26

P, Muneeshwari, and Kishanthini M. "A New Framework for Anomaly Detection in NSL-KDD Dataset using Hybrid Neuro-Weighted Genetic Algorithm." Journal of Computational Science and Intelligent Technologies 1, no. 1 (2020): 29–36. http://dx.doi.org/10.53409/mnaa.jcsit1105.

Full text
Abstract:
There are an increasing number of security threats to the Internet and computer networks. For new kinds of attacks constantly emerging, a major challenge is the development of versatile and innovative security-oriented approaches. Anomaly-based network intrusion detection techniques are in this sense a valuable tool for defending target devices and networks from malicious activities. With testing dataset, this work was able to use the NSL-KDD data collection, the binary and multiclass problems. With that inspiration, data mining techniques are used to offer an automated platform for network attack detection. The system is based on the Hybrid Genetic Neuro-Weighted Algorithm (HNWGA).In this weighted genetic algorithm is used for the selection of features and in this work a neuro-genetic fuzzy classification algorithm has been proposed which is used to identify malicious users by classifying user behaviors. The main benefit of this proposed framework is that it reduces the attacks by highly accurate detection of intruders and minimizes false positives. The evaluation of the performance is performed in NSL-KDD dataset. The experimental result shows of that the proposed work attains better accuracy when compared to previous methods. Such type of IDS systems are used in the identification and response to malicious traffic / activities to improve extremely accuracy.
APA, Harvard, Vancouver, ISO, and other styles
27

Prakash N Kalavadekar, Mr, and Dr Shirish S. Sane. "Effect of Mutation and Crossover Probabilities on Genetic Algorithm and Signature Based Intrusion Detection System." International Journal of Engineering & Technology 7, no. 4.19 (November 27, 2018): 1011. http://dx.doi.org/10.14419/ijet.v7i4.19.28277.

Full text
Abstract:
Conventional methods of intrusion prevention like firewalls, cryptography techniques or access management schemes, have not provided complete protection to computer systems and networks from refined malwares and attacks. Intrusion Detection Systems (IDS) are giving the right solution to the current issues and became an important part of any security management system to detect these threats and will not generate widespread harm. The basic goal of IDS is to detect attacks and their nature that may harm the computer system. Several different approaches for intrusion detection have been reported in the literature. The signature based concept using genetic algorithm as features selection and, J48 as classifier to detect attack is proposed in this paper. The system was evaluated on KDD Cup 99, NSL-KDD and Kyoto 2006+ datasets.
APA, Harvard, Vancouver, ISO, and other styles
28

Journal, Baghdad Science. "Developing an Immune Negative Selection Algorithm for Intrusion Detection in NSL-KDD data Set." Baghdad Science Journal 13, no. 2 (June 5, 2016): 278–90. http://dx.doi.org/10.21123/bsj.13.2.278-290.

Full text
Abstract:
With the development of communication technologies for mobile devices and electronic communications, and went to the world of e-government, e-commerce and e-banking. It became necessary to control these activities from exposure to intrusion or misuse and to provide protection to them, so it's important to design powerful and efficient systems-do-this-purpose. It this paper it has been used several varieties of algorithm selection passive immune algorithm selection passive with real values, algorithm selection with passive detectors with a radius fixed, algorithm selection with passive detectors, variable- sized intrusion detection network type misuse where the algorithm generates a set of detectors to distinguish the self-samples. Practical Experiments showed the process to achieve a high rate of detection in the system designer using data NSL-KDD with 12 field without vulnerability to change the radius of the detector or change the number of reagents were obtained as the ratio between detection (0.984, 0.998, 0.999) and the ratio between a false alarm (0.003, 0.002, 0.001). Contrary to the results of experiments conducted on data NSL-KDD with 41 field contact, which affected the rate of detection by changing the radius and the number of the detector as it has been to get the proportion of uncovered between (0.44, 0.824, 0.992) and the percentage of false alarm between (0.5, 0.175, 0.003).
APA, Harvard, Vancouver, ISO, and other styles
29

Alkahtani, Hasan, Theyazn H. H. Aldhyani, and Mohammed Al-Yaari. "Adaptive Anomaly Detection Framework Model Objects in Cyberspace." Applied Bionics and Biomechanics 2020 (December 9, 2020): 1–14. http://dx.doi.org/10.1155/2020/6660489.

Full text
Abstract:
Telecommunication has registered strong and rapid growth in the past decade. Accordingly, the monitoring of computers and networks is too complicated for network administrators. Hence, network security represents one of the biggest serious challenges that can be faced by network security communities. Taking into consideration the fact that e-banking, e-commerce, and business data will be shared on the computer network, these data may face a threat from intrusion. The purpose of this research is to propose a methodology that will lead to a high level and sustainable protection against cyberattacks. In particular, an adaptive anomaly detection framework model was developed using deep and machine learning algorithms to manage automatically-configured application-level firewalls. The standard network datasets were used to evaluate the proposed model which is designed for improving the cybersecurity system. The deep learning based on Long-Short Term Memory Recurrent Neural Network (LSTM-RNN) and machine learning algorithms namely Support Vector Machine (SVM), K-Nearest Neighbor (K-NN) algorithms were implemented to classify the Denial-of-Service attack (DoS) and Distributed Denial-of-Service (DDoS) attacks. The information gain method was applied to select the relevant features from the network dataset. These network features were significant to improve the classification algorithm. The system was used to classify DoS and DDoS attacks in four stand datasets namely KDD cup 199, NSL-KDD, ISCX, and ICI-ID2017. The empirical results indicate that the deep learning based on the LSTM-RNN algorithm has obtained the highest accuracy. The proposed system based on the LSTM-RNN algorithm produced the highest testing accuracy rate of 99.51% and 99.91% with respect to KDD Cup’99, NSL-KDD, ISCX, and ICI-Id2017 datasets, respectively. A comparative result analysis between the machine learning algorithms, namely SVM and KNN, and the deep learning algorithms based on the LSTM-RNN model is presented. Finally, it is concluded that the LSTM-RNN model is efficient and effective to improve the cybersecurity system for detecting anomaly-based cybersecurity.
APA, Harvard, Vancouver, ISO, and other styles
30

Hindy, Hanan, Robert Atkinson, Christos Tachtatzis, Jean-Noël Colin, Ethan Bayne, and Xavier Bellekens. "Utilising Deep Learning Techniques for Effective Zero-Day Attack Detection." Electronics 9, no. 10 (October 14, 2020): 1684. http://dx.doi.org/10.3390/electronics9101684.

Full text
Abstract:
Machine Learning (ML) and Deep Learning (DL) have been used for building Intrusion Detection Systems (IDS). The increase in both the number and sheer variety of new cyber-attacks poses a tremendous challenge for IDS solutions that rely on a database of historical attack signatures. Therefore, the industrial pull for robust IDSs that are capable of flagging zero-day attacks is growing. Current outlier-based zero-day detection research suffers from high false-negative rates, thus limiting their practical use and performance. This paper proposes an autoencoder implementation for detecting zero-day attacks. The aim is to build an IDS model with high recall while keeping the miss rate (false-negatives) to an acceptable minimum. Two well-known IDS datasets are used for evaluation—CICIDS2017 and NSL-KDD. In order to demonstrate the efficacy of our model, we compare its results against a One-Class Support Vector Machine (SVM). The manuscript highlights the performance of a One-Class SVM when zero-day attacks are distinctive from normal behaviour. The proposed model benefits greatly from autoencoders encoding-decoding capabilities. The results show that autoencoders are well-suited at detecting complex zero-day attacks. The results demonstrate a zero-day detection accuracy of 89–99% for the NSL-KDD dataset and 75–98% for the CICIDS2017 dataset. Finally, the paper outlines the observed trade-off between recall and fallout.
APA, Harvard, Vancouver, ISO, and other styles
31

Ibrahim, Naglaa, and Hana Usman. "Analysis of Basic Compounds in a Network Intrusion Detection System using NSL-KDD Data." AL-Rafidain Journal of Computer Sciences and Mathematics 10, no. 1 (March 15, 2013): 251–61. http://dx.doi.org/10.33899/csmj.2013.163456.

Full text
APA, Harvard, Vancouver, ISO, and other styles
32

Seong, Teh Boon, Vasaki Ponnusamy, Noor Zaman Jhanjhi, Robithoh Annur, and M. N. Talib. "A comparative analysis on traditional wired datasets and the need for wireless datasets for IoT wireless intrusion detection." Indonesian Journal of Electrical Engineering and Computer Science 22, no. 2 (May 1, 2021): 1165. http://dx.doi.org/10.11591/ijeecs.v22.i2.pp1165-1176.

Full text
Abstract:
<span>IoT networks mostly rely on wireless mediums for communication, and due to that, they are very susceptible to intrusions. And due to the tiny nature, processing complexity, and limited storage capacities, IoT networks require very reliable intrusion detection systems (IDS). Although there are many IDS types of research available in the literature, most of these systems are suitable for wired network environments, and the benchmark datasets used for these research works are mostly relying on wired datasets such as KDD Cup’99 and NSL-KDD. IoT and wireless networks are distinct in nature as wireless networks give more emphasis on the data link layer and physical layer. These concerns are not given much attention in traditional wired datasets in the body of knowledge. Therefore, in this research, an IDS system is developed using a newly available IoT wireless dataset (NaBIoT) in the literature with the datasets focusing much on the common IoT related attacks, and related layers are taken into consideration. The IDS system developed is evaluated by comparing with various machine learning algorithms in terms of evaluation metrics such as accuracy, F1 score, false positive, and false negative. Moreover, the IoT wireless dataset is compared against the traditional NSL-KDD datasets to evaluate the need for IoT wireless datasets. The NaBIoT datasets show its effectiveness in detecting wireless intrusions. Besides that, the simulation is performed with different combinations of features to conclude that certain features are primary in detecting attacks, and IDS does not require all the features to perform detection. This can reduce the detection time mainly for machine learning and creating the models. This research results have proposed some of the critically important features to be used and eliminating not such important features. </span>
APA, Harvard, Vancouver, ISO, and other styles
33

Ghosh, Partha, Meghna Bardhan, Nilabhra Roy Chowdhury, and Santanu Phadikar. "IDS Using Reinforcement Learning Automata for Preserving Security in Cloud Environment." International Journal of Information System Modeling and Design 8, no. 4 (October 2017): 21–37. http://dx.doi.org/10.4018/ijismd.2017100102.

Full text
Abstract:
Cloud computing relies on sharing computing resources. With high availability and accessibility of resources, cloud computing is under the threat of major cyber-attacks. To detect attacks and preserve security in cloud environment, having an efficient intrusion detection system (IDS) is required. In this article, an effective and efficient IDS is proposed to maintain high level security of data in cloud. The authors have incorporated Reinforcement Learning Automata with their proposed IDS while detecting and classifying attacks. Using learning automata an effective rule set is generated with the proposed algorithm from vast training set to improve the learning process at reduced computation cost and time. After which, the proposed reinforcement learning algorithm helps in classification of attacks accurately using the reinforcement signal. This proposed model was experimented with NSL-KDD as well as KDD 10% dataset and have proved its robustness by detecting attacks more accurately being an IDS.
APA, Harvard, Vancouver, ISO, and other styles
34

Kejia, Shen, Hamid Parvin, Sultan Noman Qasem, Bui Anh Tuan, and Kim-Hung Pho. "A classification model based on svm and fuzzy rough set for network intrusion detection." Journal of Intelligent & Fuzzy Systems 39, no. 5 (November 19, 2020): 6801–17. http://dx.doi.org/10.3233/jifs-191621.

Full text
Abstract:
Intrusion Detection Systems (IDS) are designed to provide security into computer networks. Different classification models such as Support Vector Machine (SVM) has been successfully applied on the network data. Meanwhile, the extension or improvement of the current models using prototype selection simultaneous with their training phase is crucial due to the serious inefficacies during training (i.e. learning overhead). This paper introduces an improved model for prototype selection. Applying proposed prototype selection along with SVM classification model increases attack discovery rate. In this article, we use fuzzy rough sets theory (FRST) for prototype selection to enhance SVM in intrusion detection. Testing and evaluation of the proposed IDS have been mainly performed on NSL-KDD dataset as a refined version of KDD-CUP99. Experimentations indicate that the proposed IDS outperforms the basic and simple IDSs and modern IDSs in terms of precision, recall, and accuracy rate.
APA, Harvard, Vancouver, ISO, and other styles
35

Liu, Guojie, and Jianbiao Zhang. "CNID: Research of Network Intrusion Detection Based on Convolutional Neural Network." Discrete Dynamics in Nature and Society 2020 (May 21, 2020): 1–11. http://dx.doi.org/10.1155/2020/4705982.

Full text
Abstract:
Network intrusion detection system can effectively detect network attack behaviour, which is very important to network security. In this paper, a multiclassification network intrusion detection model based on convolutional neural network is proposed, and the algorithm is optimized. First, the data is preprocessed, the original one-dimensional network intrusion data is converted into two-dimensional data, and then the effective features are learned using optimized convolutional neural networks, and, finally, the final test results are produced in conjunction with the Softmax classifier. In this paper, KDD-CUP 99 and NSL-KDD standard network intrusion detection dataset were used to carry out the multiclassification network intrusion detection experiment; the experimental results show that the multiclassification network intrusion detection model proposed in this paper improves the accuracy and check rate, reduces the false positive rate, and also obtains better test results for the detection of unknown attacks.
APA, Harvard, Vancouver, ISO, and other styles
36

Ibrahim, Naglaa, and Hana Usman. "Application of the Genetic Algorithm in the Network Intrusion Detection System Using NSL-KDD Data." AL-Rafidain Journal of Computer Sciences and Mathematics 10, no. 2 (July 1, 2013): 145–58. http://dx.doi.org/10.33899/csmj.2013.163491.

Full text
APA, Harvard, Vancouver, ISO, and other styles
37

Mohammed, Bilal, and Ekhlas K. Gbashi. "Intrusion Detection System for NSL-KDD Dataset Based on Deep Learning and Recursive Feature Elimination." Engineering and Technology Journal 39, no. 7 (July 25, 2021): 1069–79. http://dx.doi.org/10.30684/etj.v39i7.1695.

Full text
Abstract:
Intrusion detection system is responsible for monitoring the systems and detect attacks, whether on (host or on a network) and identifying attacks that could come to the system and cause damage to them, that’s mean an IDS prevents unauthorized access to systems by giving an alert to the administrator before causing any serious harm. As a reasonable supplement of the firewall, intrusion detection technology can assist systems to deal with offensive, the Intrusions Detection Systems (IDSs) suffers from high false positive which leads to highly bad accuracy rate. So this work is suggested to implement (IDS) by using a Recursive Feature Elimination to select features and use Deep Neural Network (DNN) and Recurrent Neural Network (RNN) for classification, the suggested model gives good results with high accuracy rate reaching 94%, DNN was used in the binary classification to classify either attack or Normal, while RNN was used in the classifications for the five classes (Normal, Dos, Probe, R2L, U2R). The system was implemented by using (NSL-KDD) dataset, which was very efficient for offline analyses systems for IDS.
APA, Harvard, Vancouver, ISO, and other styles
38

Olanrewaju, Oyenike Mary, Faith Oluwatosin Echobu, and Abubakar Mogaji. "MODELLING OF AN INTRUSION DETECTION SYSTEM USING C4.5 MACHINE LEARNING ALGORITHM." FUDMA JOURNAL OF SCIENCES 4, no. 4 (June 14, 2021): 454–59. http://dx.doi.org/10.33003/fjs-2020-0404-502.

Full text
Abstract:
The increasing growth of wireless networking and new mobile computing devices has caused boundaries between trusted and malicious users to be blurred. The shift in security priorities from the network perimeter to information protection and user resources security is an open area for research which is concerned with the protection of user information’s confidentiality, integrity and availability. Intrusion detection systems are programs or software applications embedded in sophisticated devices to monitor the activities on networks or systems for security, policy or protocol violation or malicious activities detection. In this work, an intrusion detection model was proposed using C4.5 algorithm which was implemented with WEKA tool and RAPID MINER. The model showed good performance when trained and tested with validation techniques. Implementation of the proposed model was conducted on the Network Security Laboratory Knowledge Discovery in Databases (NSL-KDD) dataset, an improved version of KDD 99 dataset, which showed that the proposed model approach has an average detection rate of 99.62% and reduced false alarm rate of 0.38%.
APA, Harvard, Vancouver, ISO, and other styles
39

Xiao, Yuelei, and Xing Xiao. "An Intrusion Detection System Based on a Simplified Residual Network." Information 10, no. 11 (November 18, 2019): 356. http://dx.doi.org/10.3390/info10110356.

Full text
Abstract:
Residual networks (ResNets) are prone to over-fitting for low-dimensional and small-scale datasets. And the existing intrusion detection systems (IDSs) fail to provide better performance, especially for remote-to-local (R2L) and user-to-root (U2R) attacks. To overcome these problems, a simplified residual network (S-ResNet) is proposed in this paper, which consists of several cascaded, simplified residual blocks. Compared with the original residual block, the simplified residual block deletes a weight layer and two batch normalization (BN) layers, adds a pooling layer, and replaces the rectified linear unit (ReLU) function with the parametric rectified linear unit (PReLU) function. Based on the S-ResNet, a novel IDS was proposed in this paper, which includes a data preprocessing module, a random oversampling module, a S-Resnet layer, a full connection layer and a Softmax layer. The experimental results on the NSL-KDD dataset show that the IDS based on the S-ResNet has a higher accuracy, recall and F1-score than the equal scale ResNet-based IDS, especially for R2L and U2R attacks. And the former has faster convergence velocity than the latter. It proves that the S-ResNet reduces the complexity of the network and effectively prevents over-fitting; thus, it is more suitable for low-dimensional and small-scale datasets than ResNet. Furthermore, the experimental results on the NSL-KDD datasets also show that the IDS based on the S-ResNet achieves better performance in terms of accuracy and recall compared to the existing IDSs, especially for R2L and U2R attacks.
APA, Harvard, Vancouver, ISO, and other styles
40

Li, Xin, Peng Yi, Wei Wei, Yiming Jiang, and Le Tian. "LNNLS-KH: A Feature Selection Method for Network Intrusion Detection." Security and Communication Networks 2021 (January 6, 2021): 1–22. http://dx.doi.org/10.1155/2021/8830431.

Full text
Abstract:
As an important part of intrusion detection, feature selection plays a significant role in improving the performance of intrusion detection. Krill herd (KH) algorithm is an efficient swarm intelligence algorithm with excellent performance in data mining. To solve the problem of low efficiency and high false positive rate in intrusion detection caused by increasing high-dimensional data, an improved krill swarm algorithm based on linear nearest neighbor lasso step (LNNLS-KH) is proposed for feature selection of network intrusion detection. The number of selected features and classification accuracy are introduced into fitness evaluation function of LNNLS-KH algorithm, and the physical diffusion motion of the krill individuals is transformed by a nonlinear method. Meanwhile, the linear nearest neighbor lasso step optimization is performed on the updated krill herd position in order to derive the global optimal solution. Experiments show that the LNNLS-KH algorithm retains 7 features in NSL-KDD dataset and 10.2 features in CICIDS2017 dataset on average, which effectively eliminates redundant features while ensuring high detection accuracy. Compared with the CMPSO, ACO, KH, and IKH algorithms, it reduces features by 44%, 42.86%, 34.88%, and 24.32% in NSL-KDD dataset, and 57.85%, 52.34%, 27.14%, and 25% in CICIDS2017 dataset, respectively. The classification accuracy increased by 10.03% and 5.39%, and the detection rate increased by 8.63% and 5.45%. Time of intrusion detection decreased by 12.41% and 4.03% on average. Furthermore, LNNLS-KH algorithm quickly jumps out of the local optimal solution and shows good performance in the optimal fitness iteration curve, convergence speed, and false positive rate of detection.
APA, Harvard, Vancouver, ISO, and other styles
41

Awotunde, Joseph Bamidele, Chinmay Chakraborty, and Abidemi Emmanuel Adeniyi. "Intrusion Detection in Industrial Internet of Things Network-Based on Deep Learning Model with Rule-Based Feature Selection." Wireless Communications and Mobile Computing 2021 (September 2, 2021): 1–17. http://dx.doi.org/10.1155/2021/7154587.

Full text
Abstract:
The Industrial Internet of Things (IIoT) is a recent research area that links digital equipment and services to physical systems. The IIoT has been used to generate large quantities of data from multiple sensors, and the device has encountered several issues. The IIoT has faced various forms of cyberattacks that jeopardize its capacity to supply organizations with seamless operations. Such risks result in financial and reputational damages for businesses, as well as the theft of sensitive information. Hence, several Network Intrusion Detection Systems (NIDSs) have been developed to fight and protect IIoT systems, but the collections of information that can be used in the development of an intelligent NIDS are a difficult task; thus, there are serious challenges in detecting existing and new attacks. Therefore, the study provides a deep learning-based intrusion detection paradigm for IIoT with hybrid rule-based feature selection to train and verify information captured from TCP/IP packets. The training process was implemented using a hybrid rule-based feature selection and deep feedforward neural network model. The proposed scheme was tested utilizing two well-known network datasets, NSL-KDD and UNSW-NB15. The suggested method beats other relevant methods in terms of accuracy, detection rate, and FPR by 99.0%, 99.0%, and 1.0%, respectively, for the NSL-KDD dataset, and 98.9%, 99.9%, and 1.1%, respectively, for the UNSW-NB15 dataset, according to the results of the performance comparison. Finally, simulation experiments using various evaluation metrics revealed that the suggested method is appropriate for IIOT intrusion network attack classification.
APA, Harvard, Vancouver, ISO, and other styles
42

Ahmim, Ahmed, and Nacira Ghoualmi Zine. "A new hierarchical intrusion detection system based on a binary tree of classifiers." Information & Computer Security 23, no. 1 (March 9, 2015): 31–57. http://dx.doi.org/10.1108/ics-04-2013-0031.

Full text
Abstract:
Purpose – The purpose of this paper is to build a new hierarchical intrusion detection system (IDS) based on a binary tree of different types of classifiers. The proposed IDS model must possess the following characteristics: combine a high detection rate and a low false alarm rate, and classify any connection in a specific category of network connection. Design/methodology/approach – To build the binary tree, the authors cluster the different categories of network connections hierarchically based on the proportion of false-positives and false-negatives generated between each of the two categories. The built model is a binary tree with multi-levels. At first, the authors use the best classifier in the classification of the network connections in category A and category G2 that clusters the rest of the categories. Then, in the second level, they use the best classifier in the classification of G2 network connections in category B and category G3 that represents the different categories clustered in G2 without category B. This process is repeated until the last two categories of network connections. Note that one of these categories represents the normal connection, and the rest represent the different types of abnormal connections. Findings – The experimentation on the labeled data set for flow-based intrusion detection, NSL-KDD and KDD’99 shows the high performance of the authors' model compared to the results obtained by some well-known classifiers and recent IDS models. The experiments’ results show that the authors' model gives a low false alarm rate and the highest detection rate. Moreover, the model is more accurate than some well-known classifiers like SVM, C4.5 decision tree, MLP neural network and naïve Bayes with accuracy equal to 83.26 per cent on NSL-KDD and equal to 99.92 per cent on the labeled data set for flow-based intrusion detection. As well, it is more accurate than the best of related works and recent IDS models with accuracy equal to 95.72 per cent on KDD’99. Originality/value – This paper proposes a novel hierarchical IDS based on a binary tree of classifiers, where different types of classifiers are used to create a high-performance model. Therefore, it confirms the capacity of the hierarchical model to combine a high detection rate and a low false alarm rate.
APA, Harvard, Vancouver, ISO, and other styles
43

Putra, Dharma, and I. Gusti Agung Gede Arya Kadnyanana. "Implementation of Feature Selection using Information Gain Algorithm and Discretization with NSL-KDD Intrusion Detection System." JELIKU (Jurnal Elektronik Ilmu Komputer Udayana) 9, no. 3 (February 18, 2021): 359. http://dx.doi.org/10.24843/jlk.2021.v09.i03.p06.

Full text
Abstract:
Feature selection is one of the research on data mining for datasets that have relatively many attributes. Eliminating some attributes that are irrelevant to the label class will be able to improve the performance of the classification algorithm. The Information Gain algorithm is one of the algorithms for searching for features that are irrelevant to the label class. This algorithm uses wrapper techniques to eliminate irrelevant attributes. This research aims to implement feature selection using the Information Gain algorithm against the NSL KDD intrusion detection dataset which has a large number of relative attributes. The dataset of the selected attribute will be performed by a classification algorithm so that an attribute reduction can improve the compute process and improve the accuracy of the algorithm model used.
APA, Harvard, Vancouver, ISO, and other styles
44

Ahsan, Mostofa, Rahul Gomes, Md Minhaz Chowdhury, and Kendall E. Nygard. "Enhancing Machine Learning Prediction in Cybersecurity Using Dynamic Feature Selector." Journal of Cybersecurity and Privacy 1, no. 1 (March 21, 2021): 199–218. http://dx.doi.org/10.3390/jcp1010011.

Full text
Abstract:
Machine learning algorithms are becoming very efficient in intrusion detection systems with their real time response and adaptive learning process. A robust machine learning model can be deployed for anomaly detection by using a comprehensive dataset with multiple attack types. Nowadays datasets contain many attributes. Such high dimensionality of datasets poses a significant challenge to information extraction in terms of time and space complexity. Moreover, having so many attributes may be a hindrance towards creation of a decision boundary due to noise in the dataset. Large scale data with redundant or insignificant features increases the computational time and often decreases goodness of fit which is a critical issue in cybersecurity. In this research, we have proposed and implemented an efficient feature selection algorithm to filter insignificant variables. Our proposed Dynamic Feature Selector (DFS) uses statistical analysis and feature importance tests to reduce model complexity and improve prediction accuracy. To evaluate DFS, we conducted experiments on two datasets used for cybersecurity research namely Network Security Laboratory (NSL-KDD) and University of New South Wales (UNSW-NB15). In the meta-learning stage, four algorithms were compared namely Bidirectional Long Short-Term Memory (Bi-LSTM), Gated Recurrent Units, Random Forest and a proposed Convolutional Neural Network and Long Short-Term Memory (CNN-LSTM) for accuracy estimation. For NSL-KDD, experiments revealed an increment in accuracy from 99.54% to 99.64% while reducing feature size of one-hot encoded features from 123 to 50. In UNSW-NB15 we observed an increase in accuracy from 90.98% to 92.46% while reducing feature size from 196 to 47. The proposed approach is thus able to achieve higher accuracy while significantly lowering number of features required for processing.
APA, Harvard, Vancouver, ISO, and other styles
45

Farahani, Gholamreza. "Feature Selection Based on Cross-Correlation for the Intrusion Detection System." Security and Communication Networks 2020 (September 22, 2020): 1–17. http://dx.doi.org/10.1155/2020/8875404.

Full text
Abstract:
One of the important issues in the computer networks is security. Therefore, trusted communication of information in computer networks is a critical point. To have a safe communication, it is necessary that, in addition to the prevention mechanisms, intrusion detection systems (IDSs) are used. There are various approaches to utilize intrusion detection, but any of these systems is not complete. In this paper, a new cross-correlation-based feature selection (CCFS) method is proposed and compared with the cuttlefish algorithm (CFA) and mutual information-based feature selection (MIFS) features with use of four different classifiers: support vector machine (SVM), naive Bayes (NB), decision tree (DT), and K-nearest neighbor (KNN). The experimental results on the KDD Cup 99, NSL-KDD, AWID, and CIC-IDS2017 datasets show that the proposed method has a better performance in accuracy, precision, recall, and F1-score criteria in comparison with the other two methods in different classifiers. Also, the results on different classifiers show that the usage of the DT classifier for the proposed method is the best.
APA, Harvard, Vancouver, ISO, and other styles
46

Alzahrani, Abdulsalam O., and Mohammed J. F. Alenazi. "Designing a Network Intrusion Detection System Based on Machine Learning for Software Defined Networks." Future Internet 13, no. 5 (April 28, 2021): 111. http://dx.doi.org/10.3390/fi13050111.

Full text
Abstract:
Software-defined Networking (SDN) has recently developed and been put forward as a promising and encouraging solution for future internet architecture. Managed, the centralized and controlled network has become more flexible and visible using SDN. On the other hand, these advantages bring us a more vulnerable environment and dangerous threats, causing network breakdowns, systems paralysis, online banking frauds and robberies. These issues have a significantly destructive impact on organizations, companies or even economies. Accuracy, high performance and real-time systems are essential to achieve this goal successfully. Extending intelligent machine learning algorithms in a network intrusion detection system (NIDS) through a software-defined network (SDN) has attracted considerable attention in the last decade. Big data availability, the diversity of data analysis techniques, and the massive improvement in the machine learning algorithms enable the building of an effective, reliable and dependable system for detecting different types of attacks that frequently target networks. This study demonstrates the use of machine learning algorithms for traffic monitoring to detect malicious behavior in the network as part of NIDS in the SDN controller. Different classical and advanced tree-based machine learning techniques, Decision Tree, Random Forest and XGBoost are chosen to demonstrate attack detection. The NSL-KDD dataset is used for training and testing the proposed methods; it is considered a benchmarking dataset for several state-of-the-art approaches in NIDS. Several advanced preprocessing techniques are performed on the dataset in order to extract the best form of the data, which produces outstanding results compared to other systems. Using just five out of 41 features of NSL-KDD, a multi-class classification task is conducted by detecting whether there is an attack and classifying the type of attack (DDoS, PROBE, R2L, and U2R), accomplishing an accuracy of 95.95%.
APA, Harvard, Vancouver, ISO, and other styles
47

Meira, Jorge. "Comparative Results with Unsupervised Techniques in Cyber Attack Novelty Detection." Proceedings 2, no. 18 (September 17, 2018): 1191. http://dx.doi.org/10.3390/proceedings2181191.

Full text
Abstract:
Intrusion detection is a major necessity in current times. Computer systems are constantly being victims of malicious attacks. These attacks keep on exploring new technics that are undetected by current Intrusion Detection Systems (IDS), because most IDS focus on detecting signatures of previously known attacks. This work explores some unsupervised learning algorithms that have the potential of identifying previously unknown attacks, by performing outlier detection. The algorithms explored are one class based: the Autoencoder Neural Network, K-Means, Nearest Neighbor and Isolation Forest. There algorithms were used to analyze two publicly available datasets, the NSL-KDD and ISCX, and compare the results obtained from each algorithm to perceive their performance in novelty detection.
APA, Harvard, Vancouver, ISO, and other styles
48

Tama, Bayu Adhi, and Kyung-Hyune Rhee. "An Integration of PSO-based Feature Selection and Random Forest for Anomaly Detection in IoT Network." MATEC Web of Conferences 159 (2018): 01053. http://dx.doi.org/10.1051/matecconf/201815901053.

Full text
Abstract:
The most challenging research topic in the field of intrusion detection system (IDS) is anomaly detection. It is able to repeal any peculiar activities in the network by contrasting them with normal patterns. This paper proposes an efficient random forest (RF) model with particle swarm optimization (PSO)-based feature selection for IDS. The performance model is evaluated on a well-known benchmarking dataset, i.e. NSL-KDD in terms of accuracy, precision, recall, and false alarm rate(FAR) metrics. Furthermore, we evaluate the significance differencesbetween the proposed model and other classifiers, i.e. rotation forest (RoF)and deep neural network (DNN) using statistical significance test. Basedon the statistical tests, the proposed model significantly outperforms otherclassifiers involved in the experiment.
APA, Harvard, Vancouver, ISO, and other styles
49

Saraeian, Shideh, and Mahya Mohammadi Golchi. "Application of Deep Learning Technique in an Intrusion Detection System." International Journal of Computational Intelligence and Applications 19, no. 02 (June 2020): 2050016. http://dx.doi.org/10.1142/s1469026820500169.

Full text
Abstract:
Comprehensive development of computer networks causes the increment of Distributed Denial of Service (DDoS) attacks. These types of attacks can easily restrict communication and computing. Among all the previous researches, the accuracy of the attack detection has not been properly addressed. In this study, deep learning technique is used in a hybrid network-based Intrusion Detection System (IDS) to detect intrusion on network. The performance of the proposed technique is evaluated on the NSL-KDD and ISCXIDS 2012 datasets. We performed traffic visual analysis using Wireshark tool and did some experimentations to prove the superiority of the proposed method. The results have shown that our proposed method achieved higher accuracy in comparison with other useful machine learning techniques.
APA, Harvard, Vancouver, ISO, and other styles
50

Shen, Limin, Zhongkui Sun, Lei Chen, and Jiayin Feng. "Application of High-Dimensional Outlier Mining Based on the Maximum Frequent Pattern Factor in Intrusion Detection." Mathematical Problems in Engineering 2021 (June 21, 2021): 1–10. http://dx.doi.org/10.1155/2021/9234084.

Full text
Abstract:
As the Internet applications are growing rapidly, the intrusion detection system is widely used to detect network intrusion effectively. Aiming at the high-dimensional characteristics of data in the intrusion detection system, but the traditional frequent-pattern-based outlier mining algorithm has the problems of difficulty in obtaining complete frequent patterns and high time complexity, the outlier set is further analysed to get the attack pattern of intrusion detection. The NSL-KDD dataset and UNSW-NB15 dataset are used for evaluating the proposed approach by conducting some experiments. The experiment results show that the method has good performance in detection rate, false alarm rate, and recall rate and effectively reduces the time complexity.
APA, Harvard, Vancouver, ISO, and other styles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography