Attack-Aware IoT Network Traffic Routing Leveraging Ensemble Learning

Sensors, 2021, Vol 22 (1), pp. 241
Author(s): Qasem Abu Al-Haija, Ahmad Al-Badawi

Network Intrusion Detection Systems (NIDSs) are indispensable defensive tools against various cyberattacks. Lightweight, multipurpose, and anomaly-based detection NIDSs employ several methods to build profiles for normal and malicious behaviors. In this paper, we design, implement, and evaluate the performance of machine-learning-based NIDS in IoT networks. Specifically, we study six supervised learning methods that belong to three different classes: (1) ensemble methods, (2) neural network methods, and (3) kernel methods. To evaluate the developed NIDSs, we use the distilled-Kitsune-2018 and NSL-KDD datasets, both consisting of contemporary real-world IoT network traffic subjected to different network attacks. Standard performance evaluation metrics from the machine-learning literature are used to evaluate the identification accuracy, error rates, and inference speed. Our empirical analysis indicates that ensemble methods provide better accuracy and lower error rates compared with neural network and kernel methods. On the other hand, neural network methods provide the highest inference speed, which proves their suitability for high-bandwidth networks. We also provide a comparison with state-of-the-art solutions and show that our best results are better than any prior art by 1~20%.

Author(s): Benhui Xia, Dezhi Han, Ximing Yin, Gao Na

To secure cloud computing and outsourced data while meeting the requirements of automation, many intrusion detection schemes based on deep learning are proposed. Though the detection rate of many network intrusion detection solutions can be quite high nowadays, their identification accuracy on imbalanced abnormal network traffic still remains low. Therefore, this paper proposes a ResNet & Inception-based convolutional neural network (RICNN) model for abnormal traffic classification. RICNN can learn more traffic features through the Inception unit, and the degradation problem of the network is eliminated through the direct mapping unit of ResNet, thus the improvement of the model's generalization ability can be achievable. In addition, to simplify the network, an improved version of RICNN, which makes it possible to reduce the number of parameters that need to be learnt without degrading identification accuracy, is also proposed in this paper. The experimental results on the dataset CICIDS2017 show that RICNN not only achieves an overall accuracy of 99.386% but also has a high detection rate across different categories, especially for small samples. The comparison experiments show that the recognition rate of RICNN outperforms a variety of CNN models and RNN models, and the best detection accuracy can be achieved.


2020, pp. 808-817
Author(s): Vinh Pham, Eunil Seo, Tai-Myoung Chung

Identifying threats contained within encrypted network traffic poses a great challenge to Intrusion Detection Systems (IDS). Because traditional approaches like deep packet inspection could not operate on encrypted network traffic, machine learning-based IDS is a promising solution. However, machine learning-based IDS requires enormous amounts of statistical data based on network traffic flow as input data and also demands high computing power for processing, but is slow in detecting intrusions. We propose a lightweight IDS that transforms raw network traffic into representation images. We begin by inspecting the characteristics of malicious network traffic of the CSE-CIC-IDS2018 dataset. We then adapt methods for effectively representing those characteristics into image data. A Convolutional Neural Network (CNN) based detection model is used to identify malicious traffic underlying within image data. To demonstrate the feasibility of the proposed lightweight IDS, we conduct three simulations on two datasets that contain encrypted traffic with current network attack scenarios. The experiment results show that our proposed IDS is capable of achieving 95% accuracy with a reasonable detection time while requiring relatively small size training data.


Images are the fastest growing content; they contribute significantly to the amount of data generated on the internet every day. Image classification is a challenging problem that social media companies work on vigorously to enhance the user’s experience with the interface. The recent advances in the field of machine learning and computer vision enable personalized suggestions and automatic tagging of images. Convolutional neural network is a hot research topic these days in the field of machine learning. With the help of immensely dense labelled data available on the internet the networks can be trained to recognize the differentiating features among images under the same label. New neural network algorithms are developed frequently that outperform the state-of-art machine learning algorithms. Recent algorithms have managed to produce error rates as low as 3.1%. In this paper the architecture of important CNN algorithms that have gained attention are discussed, analyzed and compared and the concept of transfer learning is used to classify different breeds of dogs.


2017, Vol 7 (5), pp. 2073-2082
Author(s): A. G. Armaki, M. F. Fallah, M. Alborzi, A. Mohammadzadeh

Financial institutions are exposed to credit risk due to issuance of consumer loans. Thus, developing reliable credit scoring systems is very crucial for them. Since machine learning techniques have demonstrated their applicability and merit, they have been extensively used in credit scoring literature. Recent studies concentrating on hybrid models through merging various machine learning algorithms have revealed compelling results. There are two types of hybridization methods, namely traditional and ensemble methods. This study combines both of them and comes up with a hybrid meta-learner model. The structure of the model is based on the traditional hybrid model of ‘classification + clustering’ in which the stacking ensemble method is employed in the classification part. Moreover, this paper compares several versions of the proposed hybrid model by using various combinations of classification and clustering algorithms. Hence, it helps us to identify which hybrid model can achieve the best performance for credit scoring purposes. Using four real-life credit datasets, the experimental results show that the model of (KNN-NN-SVMPSO)-(DL)-(DBSCAN) delivers the highest prediction accuracy and the lowest error rates.


Author(s): Diana Gaifilina, Igor Kotenko

Introduction: The article discusses the problem of choosing deep learning models for detecting anomalies in Internet of Things (IoT) network traffic. This problem is associated with the necessity to analyze a large number of security events in order to identify the abnormal behavior of smart devices. A powerful technology for analyzing such data is machine learning and, in particular, deep learning. Purpose: Development of recommendations for the selection of deep learning models for anomaly detection in IoT network traffic. Results: The main results of the research are comparative analysis of deep learning models, and recommendations on the use of deep learning models for anomaly detection in IoT network traffic. Multilayer perceptron, convolutional neural network, recurrent neural network, long short-term memory, gated recurrent units, and combined convolutional-recurrent neural network were considered the basic deep learning models. Additionally, the authors analyzed the following traditional machine learning models: naive Bayesian classifier, support vector machines, logistic regression, k-nearest neighbors, boosting, and random forest. The following metrics were used as indicators of anomaly detection efficiency: accuracy, precision, recall, and F-measure, as well as the time spent on training the model. The constructed models demonstrated a higher accuracy rate for anomaly detection in large heterogeneous traffic typical for IoT, as compared to conventional machine learning methods. The authors found that with an increase in the number of neural network layers, the completeness of detecting anomalous connections rises. This has a positive effect on the recognition of unknown anomalies, but increases the number of false positives. In some cases, preparing traditional machine learning models takes less time. This is due to the fact that the application of deep learning methods requires more resources and computing power. 
Practical relevance: The results obtained can be used to build systems for network anomaly detection in Internet of Things traffic.


2022, Vol 8, pp. e820
Author(s): Hafiza Anisa Ahmed, Anum Hameed, Narmeen Zakaria Bawany

The expeditious growth of the World Wide Web and the rampant flow of network traffic have resulted in a continuous increase of network security threats. Cyber attackers seek to exploit vulnerabilities in network architecture to steal valuable information or disrupt computer resources. Network Intrusion Detection System (NIDS) is used to effectively detect various attacks, thus providing timely protection to network resources from these attacks. To implement NIDS, a stream of supervised and unsupervised machine learning approaches is applied to detect irregularities in network traffic and to address network security issues. Such NIDSs are trained using various datasets that include attack traces. However, due to the advancement in modern-day attacks, these systems are unable to detect the emerging threats. Therefore, NIDS needs to be trained and developed with a modern comprehensive dataset which contains contemporary common and attack activities. This paper presents a framework in which different machine learning classification schemes are employed to detect various types of network attack categories. Five machine learning algorithms: Random Forest, Decision Tree, Logistic Regression, K-Nearest Neighbors and Artificial Neural Networks, are used for attack detection. This study uses a dataset published by the University of New South Wales (UNSW-NB15), a relatively new dataset that contains a large amount of network traffic data with nine categories of network attacks. The results show that the classification models achieved the highest accuracy of 89.29% by applying the Random Forest algorithm. Further improvement in the accuracy of classification models is observed when Synthetic Minority Oversampling Technique (SMOTE) is applied to address the class imbalance problem. After applying the SMOTE, the Random Forest classifier showed an accuracy of 95.1% with 24 selected features from the Principal Component Analysis method.


2019, Vol 18 (3), pp. 742-766
Author(s): Anna Kurtukova, Alexander Romanov

The paper is devoted to the analysis of the problem of determining the source code author, which is of interest to researchers in the field of information security, computer forensics, assessment of the quality of the educational process, protection of intellectual property. The paper presents a detailed analysis of modern solutions to the problem. The authors suggest two new identification techniques based on machine learning algorithms: support vector machine, fast correlation filter and informative features; the technique based on hybrid convolutional recurrent neural network. The experimental database includes samples of source codes written in Java, C++, Python, PHP, JavaScript, C, C# and Ruby. The data was obtained using a web service for hosting IT-projects – Github. The total number of source codes exceeds 150 thousand samples. The average length of each of them is 850 characters. The case size is 542 authors. The experiments were conducted with source codes written in the most popular programming languages. Accuracy of the developed techniques for different numbers of authors was assessed using 10-fold cross-validation. An additional series of experiments was conducted with the number of authors from 2 to 50 for the most popular Java programming language. The graphs of the relationship between identification accuracy and case size are plotted. The analysis of results showed that the method based on hybrid neural network gives 97% accuracy, and it’s at the present time the best-known result. The technique based on the support vector machine made it possible to achieve 96% accuracy. The difference between the results of the hybrid neural network and the support vector machine was approximately 5%.


2021, Vol 2021, pp. 1-6
Author(s): Jing Chen, Jianzhong Guo, Xin Shan, Dejin Kong

Signal modulation identification (SMI) has always been one of the hot issues in filter-bank multicarrier with offset quadrature amplitude modulation (FBMC/OQAM), which is usually implemented by the machine learning-based feature extraction. However, it is difficult for conventional methods to extract the signal feature, resulting in a limited probability of correct classification (PCC). To tackle this problem, we put forward a novel SMI method based on deep learning to identify FBMC/OQAM signals in this paper. It is noted that the block repetition is employed in the FBMC/OQAM system to achieve the imaginary interference cancelation. In the proposed deep learning-based SMI technique, the in-phase and quadrature samples of FBMC/OQAM signals are trained by the convolutional neural network. Subsequently, the dropout layer is designed to prevent overfitting and improve the identification accuracy. To evaluate the proposed scheme, extensive experiments are conducted by employing datasets with different modulations. The results show that the proposed method can achieve better accuracy than conventional methods.


Sensors, 2021, Vol 21 (22), pp. 7475
Author(s): Nikolaos Peppes, Emmanouil Daskalakis, Theodoros Alexakis, Evgenia Adamopoulou, Konstantinos Demestichas

The upcoming agricultural revolution, known as Agriculture 4.0, integrates cutting-edge Information and Communication Technologies in existing operations. Various cyber threats related to the aforementioned integration have attracted increasing interest from security researchers. Network traffic analysis and classification based on Machine Learning (ML) methodologies can play a vital role in tackling such threats. Towards this direction, this research work presents and evaluates different ML classifiers for network traffic classification, i.e., K-Nearest Neighbors (KNN), Support Vector Classification (SVC), Decision Tree (DT), Random Forest (RF) and Stochastic Gradient Descent (SGD), as well as a hard voting and a soft voting ensemble model of these classifiers. In the context of this research work, three variations of the NSL-KDD dataset were utilized, i.e., initial dataset, undersampled dataset and oversampled dataset. The performance of the individual ML algorithms was evaluated in all three dataset variations and was compared to the performance of the voting ensemble methods. In most cases, both the hard and the soft voting models were found to perform better in terms of accuracy compared to the individual models.

