Quantifying the Attack Detection Accuracy of Intrusion Detection Systems in Virtualized Environments

2016 ◽  
Author(s):  
Aleksandar Milenkoski ◽  
K. R. Jayaram ◽  
Nuno Antunes ◽  
Marco Vieira ◽  
Samuel Kounev
Keyword(s):  
Intrusion Detection ◽  
Attack Detection ◽  
Intrusion Detection Systems ◽  
Detection Accuracy ◽  
Detection Systems

scholarly journals A Review of Performance, Energy and Privacy of Intrusion Detection Systems for IoT

Electronics ◽  
2020 ◽  
Vol 9 (4) ◽  
pp. 629 ◽  
Author(s):  
Junaid Arshad ◽  
Muhammad Ajmal Azad ◽  
Roohi Amad ◽  
Khaled Salah ◽  
Mamoun Alazab ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Resource Constraints ◽  
Extensive Study ◽  
Intrusion Detection Systems ◽  
Detection Accuracy ◽  
Trade Off ◽  
Detection Systems ◽  
Computational Overhead ◽  
Significant Research ◽  
And Performance

Internet of Things (IoT) forms the foundation of next generation infrastructures, enabling development of future cities that are inherently sustainable. Intrusion detection for such paradigms is a non-trivial challenge which has attracted further significance due to extraordinary growth in the volume and variety of security threats for such systems. However, due to unique characteristics of such systems i.e., battery power, bandwidth and processor overheads and network dynamics, intrusion detection for IoT is a challenge, which requires taking into account the trade-off between detection accuracy and performance overheads. In this context, we are focused at highlighting this trade-off and its significance to achieve effective intrusion detection for IoT. Specifically, this paper presents a comprehensive study of existing intrusion detection systems for IoT systems in three aspects: computational overhead, energy consumption and privacy implications. Through extensive study of existing intrusion detection approaches, we have identified open challenges to achieve effective intrusion detection for IoT infrastructures. These include resource constraints, attack complexity, experimentation rigor and unavailability of relevant security data. Further, this paper is envisaged to highlight contributions and limitations of the state-of-the-art within intrusion detection for IoT, and aid the research community to advance it by identifying significant research directions.

scholarly journals Network Attacks Detection by Hierarchical Neural Network

2015 ◽  
Vol 4 (2) ◽  
pp. 119-132
Author(s):  
Mohammad Masoud Javidi
Keyword(s):  
Neural Network ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Single Agent ◽  
Attack Detection ◽  
Intrusion Detection Systems ◽  
Training Dataset ◽  
Detection Systems ◽  
Combination Of Classifiers

Intrusion detection is an emerging area of research in the computer security and net-works with the growing usage of internet in everyday life. Most intrusion detection systems (IDSs) mostly use a single classifier algorithm to classify the network traffic data as normal behavior or anomalous. However, these single classifier systems fail to provide the best possible attack detection rate with low false alarm rate. In this paper,we propose to use a hybrid intelligent approach using a combination of classifiers in order to make the decision intelligently, so that the overall performance of the resul-tant model is enhanced. The general procedure in this is to follow the supervised or un-supervised data filtering with classifier or cluster first on the whole training dataset and then the output are applied to another classifier to classify the data. In this re- search, we applied Neural Network with Supervised and Unsupervised Learning in order to implement the intrusion detection system. Moreover, in this project, we used the method of Parallelization with real time application of the system processors to detect the systems intrusions.Using this method enhanced the speed of the intrusion detection. In order to train and test the neural network, NSLKDD database was used. Creating some different intrusion detection systems, each of which considered as a single agent, we precisely proceeded with the signature-based intrusion detection of the network.In the proposed design, the attacks have been classified into 4 groups and each group is detected by an Agent equipped with intrusion detection system (IDS).These agents act independently and report the intrusion or non-intrusion in the system; the results achieved by the agents will be studied in the Final Analyst and at last the analyst reports that whether there has been an intrusion in the system or not.Keywords: Intrusion Detection, Multi-layer Perceptron, False Positives, Signature- based intrusion detection, Decision tree, Nave Bayes Classifier

scholarly journals Black Hole attack Detection using Fuzzy based Intrusion Detection Systems in MANET

2019 ◽  
Vol 151 ◽  
pp. 1176-1181 ◽  
Author(s):  
Houda Moudni ◽  
Mohamed Er-rouidi ◽  
Hicham Mouncif ◽  
Benachir El Hadadi
Keyword(s):  
Black Hole ◽  
Intrusion Detection ◽  
Attack Detection ◽  
Intrusion Detection Systems ◽  
Black Hole Attack ◽  
Detection Systems

Intrusion Detection Systems Alerts Reduction

2018 ◽  
pp. 255-275 ◽  
Author(s):  
Aymen Akremi ◽  
Hassen Sallay ◽  
Mohsen Rouached
Keyword(s):  
Intrusion Detection ◽  
High Speed ◽  
Detection System ◽  
Search Space ◽  
Relevant Information ◽  
Intrusion Detection Systems ◽  
Detection Accuracy ◽  
Detection Systems ◽  
Rules Set ◽  
Intrusion Alerts

Investigators search usually for any kind of events related directly to an investigation case to both limit the search space and propose new hypotheses about the suspect. Intrusion detection system (IDS) provide relevant information to the forensics experts since it detects the attacks and gathers automatically several pertinent features of the network in the attack moment. Thus, IDS should be very effective in term of detection accuracy of new unknown attacks signatures, and without generating huge number of false alerts in high speed networks. This tradeoff between keeping high detection accuracy without generating false alerts is today a big challenge. As an effort to deal with false alerts generation, the authors propose new intrusion alert classifier, named Alert Miner (AM), to classify efficiently in near real-time the intrusion alerts in HSN. AM uses an outlier detection technique based on an adaptive deduced association rules set to classify the alerts automatically and without human assistance.

scholarly journals Intelligent Cyber Attack Detection and Classification for Network-Based Intrusion Detection Systems

2021 ◽  
Vol 11 (4) ◽  
pp. 1674
Author(s):  
Nuno Oliveira ◽  
Isabel Praça ◽  
Eva Maia ◽  
Orlando Sousa
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Information And Communication Technologies ◽  
Network Traffic ◽  
Short Term Memory ◽  
Attack Detection ◽  
Intrusion Detection Systems ◽  
Machine Learning Techniques ◽  
Cyber Attack ◽  
Detection Systems

With the latest advances in information and communication technologies, greater amounts of sensitive user and corporate information are shared continuously across the network, making it susceptible to an attack that can compromise data confidentiality, integrity, and availability. Intrusion Detection Systems (IDS) are important security mechanisms that can perform the timely detection of malicious events through the inspection of network traffic or host-based logs. Many machine learning techniques have proven to be successful at conducting anomaly detection throughout the years, but only a few considered the sequential nature of data. This work proposes a sequential approach and evaluates the performance of a Random Forest (RF), a Multi-Layer Perceptron (MLP), and a Long-Short Term Memory (LSTM) on the CIDDS-001 dataset. The resulting performance measures of this particular approach are compared with the ones obtained from a more traditional one, which only considers individual flow information, in order to determine which methodology best suits the concerned scenario. The experimental outcomes suggest that anomaly detection can be better addressed from a sequential perspective. The LSTM is a highly reliable model for acquiring sequential patterns in network traffic data, achieving an accuracy of 99.94% and an f1-score of 91.66%.

scholarly journals An Ensemble of a Prediction and Learning Mechanism for Improving Accuracy of Anomaly Detection in Network Intrusion Environments

2021 ◽  
Vol 13 (18) ◽  
pp. 10057
Author(s):  
Imran ◽  
Faisal Jamil ◽  
Dohyeun Kim
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
The Internet ◽  
Detection Accuracy ◽  
Learning Mechanism ◽  
Detection Systems ◽  
Network Applications ◽  
Network Intrusion

The connectivity of our surrounding objects to the internet plays a tremendous role in our daily lives. Many network applications have been developed in every domain of life, including business, healthcare, smart homes, and smart cities, to name a few. As these network applications provide a wide range of services for large user groups, the network intruders are prone to developing intrusion skills for attack and malicious compliance. Therefore, safeguarding network applications and things connected to the internet has always been a point of interest for researchers. Many studies propose solutions for intrusion detection systems and intrusion prevention systems. Network communities have produced benchmark datasets available for researchers to improve the accuracy of intrusion detection systems. The scientific community has presented data mining and machine learning-based mechanisms to detect intrusion with high classification accuracy. This paper presents an intrusion detection system based on the ensemble of prediction and learning mechanisms to improve anomaly detection accuracy in a network intrusion environment. The learning mechanism is based on automated machine learning, and the prediction model is based on the Kalman filter. Performance analysis of the proposed intrusion detection system is evaluated using publicly available intrusion datasets UNSW-NB15 and CICIDS2017. The proposed model-based intrusion detection accuracy for the UNSW-NB15 dataset is 98.801 percent, and the CICIDS2017 dataset is 97.02 percent. The performance comparison results show that the proposed ensemble model-based intrusion detection significantly improves the intrusion detection accuracy.

scholarly journals Data Mining Techniques for Providing Network Security through Intrusion Detection Systems: a Survey

2018 ◽  
Vol 7 (1) ◽  
pp. 7
Author(s):  
Prabhu Kavin B ◽  
Ganapathy S
Keyword(s):  
Data Mining ◽  
Network Security ◽  
Intrusion Detection ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Detection Accuracy ◽  
Data Mining Techniques ◽  
Detection Systems ◽  
Data Mining Algorithms ◽  
Soft Computing Techniques

Intrusion Detection Systems are playing major role in network security in this internet world. Many researchers have been introduced number of intrusion detection systems in the past. Even though, no system was detected all kind of attacks and achieved better detection accuracy. Most of the intrusion detection systems are used data mining techniques such as clustering, outlier detection, classification, classification through learning techniques. Most of the researchers have been applied soft computing techniques for making effective decision over the network dataset for enhancing the detection accuracy in Intrusion Detection System. Few researchers also applied artificial intelligence techniques along with data mining algorithms for making dynamic decision. This paper discusses about the number of intrusion detection systems that are proposed for providing network security. Finally, comparative analysis made between the existing systems and suggested some new ideas for enhancing the performance of the existing systems.

Sign in / Sign up

Export Citation Format

Share Document