scholarly journals Performance Assessment of Supervised Classifiers for Designing Intrusion Detection Systems: A Comprehensive Review and Recommendations for Future Research

Mathematics ◽  
2021 ◽  
Vol 9 (6) ◽  
pp. 690
Author(s):  
Ranjit Panigrahi ◽  
Samarjeet Borah ◽  
Akash Kumar Bhoi ◽  
Muhammad Fazal Ijaz ◽  
Moumita Pramanik ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Performance Measures ◽  
Research Work ◽  
Intrusion Detection Systems ◽  
Misclassification Rate ◽  
Future Research ◽  
Detection Systems ◽  
Network Intrusion ◽  
Supervised Classifiers ◽  
The Ideal

Supervised learning and pattern recognition is a crucial area of research in information retrieval, knowledge engineering, image processing, medical imaging, and intrusion detection. Numerous algorithms have been designed to address such complex application domains. Despite an enormous array of supervised classifiers, researchers are yet to recognize a robust classification mechanism that accurately and quickly classifies the target dataset, especially in the field of intrusion detection systems (IDSs). Most of the existing literature considers the accuracy and false-positive rate for assessing the performance of classification algorithms. The absence of other performance measures, such as model build time, misclassification rate, and precision, should be considered the main limitation for classifier performance evaluation. This paper’s main contribution is to analyze the current literature status in the field of network intrusion detection, highlighting the number of classifiers used, dataset size, performance outputs, inferences, and research gaps. Therefore, fifty-four state-of-the-art classifiers of various different groups, i.e., Bayes, functions, lazy, rule-based, and decision tree, have been analyzed and explored in detail, considering the sixteen most popular performance measures. This research work aims to recognize a robust classifier, which is suitable for consideration as the base learner, while designing a host-based or network-based intrusion detection system. The NSLKDD, ISCXIDS2012, and CICIDS2017 datasets have been used for training and testing purposes. Furthermore, a widespread decision-making algorithm, referred to as Techniques for Order Preference by Similarity to the Ideal Solution (TOPSIS), allocated ranks to the classifiers based on observed performance reading on the concern datasets. The J48Consolidated provided the highest accuracy of 99.868%, a misclassification rate of 0.1319%, and a Kappa value of 0.998. Therefore, this classifier has been proposed as the ideal classifier for designing IDSs.

scholarly journals Recent Advancements in Intrusion Detection Systems for the Internet of Things

2019 ◽  
Vol 2019 ◽  
pp. 1-19 ◽  
Author(s):  
Zeeshan Ali Khan ◽  
Peter Herrmann
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Ad Hoc ◽  
Denial Of Service ◽  
Research Work ◽  
Intrusion Detection Systems ◽  
Future Research ◽  
Detection Systems ◽  
Iot Applications ◽  
Iot Devices

Many Internet of Things (IoT) systems run on tiny connected devices that have to deal with severe processor and energy restrictions. Often, the limited processing resources do not allow the use of standard security mechanisms on the nodes, making IoT applications quite vulnerable to different types of attacks. This holds particularly for intrusion detection systems (IDS) that are usually too resource-heavy to be handled by small IoT devices. Thus, many IoT systems are not sufficiently protected against typical network attacks like Denial-of-Service (DoS) and routing attacks. On the other side, IDSs have already been successfully used in adjacent network types like Mobile Ad hoc Networks (MANET), Wireless Sensor Networks (WSN), and Cyber-Physical Systems (CPS) which, in part, face limitations similar to those of IoT applications. Moreover, there is research work ongoing that promises IDSs that may better fit to the limitations of IoT devices. In this article, we will give an overview about IDSs suited for IoT networks. Besides looking on approaches developed particularly for IoT, we introduce also work for the three similar network types mentioned above and discuss if they are also suitable for IoT systems. In addition, we present some suggestions for future research work that could be useful to make IoT networks more secure.

A Compressive Compilation of Cyber Security for Internet of Energy (IoE)

2022 ◽  
pp. 883-910
Author(s):  
Gustavo Arroyo-Figueroa ◽  
Isai Rojas-Gonzalez ◽  
José Alberto Hernández-Aguilar
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Cyber Security ◽  
Research Work ◽  
Intrusion Detection Systems ◽  
Electrical Network ◽  
Future Research ◽  
Electrical Grid ◽  
Detection Systems ◽  
Security Challenges

Internet of energy (IoE) is the natural evolution of Smart Grid incorporating the paradigm of internet of things (IoT). This complicated environment has a lot of threats and vulnerabilities, so the security challenges are very complex and specialized. This chapter contains a compilation of the main threats, vulnerabilities, and attacks that can occur in the IoE environment and the critical structure of the electrical grid. The objective is to show the best cybersecurity practices that can support maintaining a safe, reliable, and available electrical network complying with the requirements of availability, integrity, and confidentially of the information. The study includes review of countermeasures, standards, and specialized intrusion detection systems, as mechanisms to solve security problems in IoE. Better understanding of security challenges and solutions in the IoE can be the light on future research work for IoE security.

A Compressive Compilation of Cyber Security for Internet of Energy (IoE)

2020 ◽  
pp. 267-294
Author(s):  
Gustavo Arroyo-Figueroa ◽  
Isai Rojas-Gonzalez ◽  
José Alberto Hernández-Aguilar
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Cyber Security ◽  
Research Work ◽  
Intrusion Detection Systems ◽  
Electrical Network ◽  
Future Research ◽  
Electrical Grid ◽  
Detection Systems ◽  
Security Challenges

Internet of energy (IoE) is the natural evolution of Smart Grid incorporating the paradigm of internet of things (IoT). This complicated environment has a lot of threats and vulnerabilities, so the security challenges are very complex and specialized. This chapter contains a compilation of the main threats, vulnerabilities, and attacks that can occur in the IoE environment and the critical structure of the electrical grid. The objective is to show the best cybersecurity practices that can support maintaining a safe, reliable, and available electrical network complying with the requirements of availability, integrity, and confidentially of the information. The study includes review of countermeasures, standards, and specialized intrusion detection systems, as mechanisms to solve security problems in IoE. Better understanding of security challenges and solutions in the IoE can be the light on future research work for IoE security.

scholarly journals An Approach for the Application of a Dynamic Multi-Class Classifier for Network Intrusion Detection Systems

Electronics ◽  
2020 ◽  
Vol 9 (11) ◽  
pp. 1759
Author(s):  
Xavier Larriva-Novo ◽  
Carmen Sánchez-Zas ◽  
Víctor A. Villagrá ◽  
Mario Vega-Barbas ◽  
Diego Rivera
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intelligent Systems ◽  
Research Work ◽  
Machine Learning Algorithms ◽  
Intrusion Detection Systems ◽  
Detection Range ◽  
Detection Systems ◽  
Network Intrusion ◽  
Normal Behavior

Currently, the use of machine learning models for developing intrusion detection systems is a technology trend which improvement has been proven. These intelligent systems are trained with labeled datasets, including different types of attacks and the normal behavior of the network. Most of the studies use a unique machine learning model, identifying anomalies related to possible attacks. In other cases, machine learning algorithms are used to identify certain type of attacks. However, recent studies show that certain models are more accurate identifying certain classes of attacks than others. Thus, this study tries to identify which model fits better with each kind of attack in order to define a set of reasoner modules. In addition, this research work proposes to organize these modules to feed a selection system, that is, a dynamic classifier. Finally, the study shows that when using the proposed dynamic classifier model, the detection range increases, improving the detection by each individual model in terms of accuracy.

Distributed Intrusion Detection Systems

2007 ◽  
pp. 231-238
Author(s):  
Rosalind Deena Kumari ◽  
G. Radhamani
Keyword(s):  
Intrusion Detection ◽  
System Architecture ◽  
Intrusion Detection System ◽  
Detection System ◽  
Research Work ◽  
Intrusion Detection Systems ◽  
Future Research ◽  
Detection Systems ◽  
Distributed Intrusion Detection ◽  
Entire Network

The recent tremendous increase in the malicious usage of the network has made it necessary that an IDS should encapsulate the entire network rather than at a system. This was the inspiration for the birth of a distributed intrusion detection system (DIDS). Different configurations of DIDSs have been actively used and are also rapidly evolving due to the changes in the types of threats. This chapter will give the readers an overview of DIDS and the system architecture. It also highlights on the various agents that are involved in DIDS and the benefits of the system. Finally, directions for future research work are discussed.

scholarly journals Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT

2021 ◽  
Vol 1 (2) ◽  
pp. 252-273
Author(s):  
Pavlos Papadopoulos ◽  
Oliver Thornewill von Essen ◽  
Nikolaos Pitropakis ◽  
Christos Chrysoulas ◽  
Alexios Mylonas ◽  
...  
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Learning Models ◽  
Detection Systems ◽  
Network Intrusion ◽  
Robust Model ◽  
Significant Probability ◽  
Adversarial Examples ◽  
Attack Surface

As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have proven their success in identifying unknown attacks with high precision. Nevertheless, machine learning models are also vulnerable to attacks. Adversarial examples can be used to evaluate the robustness of a designed model before it is deployed. Further, using adversarial examples is critical to creating a robust model designed for an adversarial environment. Our work evaluates both traditional machine learning and deep learning models’ robustness using the Bot-IoT dataset. Our methodology included two main approaches. First, label poisoning, used to cause incorrect classification by the model. Second, the fast gradient sign method, used to evade detection measures. The experiments demonstrated that an attacker could manipulate or circumvent detection with significant probability.

Sign in / Sign up

Export Citation Format

Share Document