scholarly journals Network Intrusion Detection Systems Design: A Machine Learning Approach

2019 ◽  
Author(s):  
Manuel Gonçalves da Silva Neto ◽  
Danielo G. Gomes
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Learning Algorithm ◽  
Detection System ◽  
Systems Design ◽  
Machine Learning Algorithms ◽  
Intrusion Detection Systems ◽  
Machine Learning Techniques ◽  
Detection Systems ◽  
Network Intrusion

With the increasing popularization of computer network-based technologies, security has become a daily concern, and intrusion detection systems (IDS) play an essential role in the supervision of computer networks. An employed approach to combat network intrusions is the development of intrusion detection systems via machine learning techniques. The intrusion detection performance of these systems depends highly on the quality of the IDS dataset used in their design and the decision making for the most suitable machine learning algorithm becomes a difficult task. The proposed paper focuses on evaluate and accurate the model of intrusion detection system of different machine learning algorithms on two resampling techniques using the new CICIDS2017 dataset where Decision Trees, MLPs, and Random Forests on Stratified 10-Fold gives high stability in results with Precision, Recall, and F1-Scores of 98% and 99% with low execution times.

scholarly journals Ensemble-Based Online Machine Learning Algorithms for Network Intrusion Detection Systems Using Streaming Data

Information ◽  
2020 ◽  
Vol 11 (6) ◽  
pp. 315
Author(s):  
Nathan Martindale ◽  
Muhammad Ismail ◽  
Douglas A. Talbert
Keyword(s):  
Machine Learning ◽  
Random Forest ◽  
Intrusion Detection ◽  
Learning Algorithms ◽  
Machine Learning Algorithms ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Network Intrusion Detection Systems

As new cyberattacks are launched against systems and networks on a daily basis, the ability for network intrusion detection systems to operate efficiently in the big data era has become critically important, particularly as more low-power Internet-of-Things (IoT) devices enter the market. This has motivated research in applying machine learning algorithms that can operate on streams of data, trained online or “live” on only a small amount of data kept in memory at a time, as opposed to the more classical approaches that are trained solely offline on all of the data at once. In this context, one important concept from machine learning for improving detection performance is the idea of “ensembles”, where a collection of machine learning algorithms are combined to compensate for their individual limitations and produce an overall superior algorithm. Unfortunately, existing research lacks proper performance comparison between homogeneous and heterogeneous online ensembles. Hence, this paper investigates several homogeneous and heterogeneous ensembles, proposes three novel online heterogeneous ensembles for intrusion detection, and compares their performance accuracy, run-time complexity, and response to concept drifts. Out of the proposed novel online ensembles, the heterogeneous ensemble consisting of an adaptive random forest of Hoeffding Trees combined with a Hoeffding Adaptive Tree performed the best, by dealing with concept drift in the most effective way. While this scheme is less accurate than a larger size adaptive random forest, it offered a marginally better run-time, which is beneficial for online training.

scholarly journals On evaluation of Network Intrusion Detection Systems: Statistical analysis of CIDDS-001 dataset using Machine Learning Techniques

2019 ◽  
Author(s):  
Abhishek Verma ◽  
Virender Ranga
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Machine Learning Techniques ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Learning Techniques ◽  
Network Intrusion Detection Systems ◽  
Secure Networks

In the era of digital revolution, a huge amount of data is being generated from different networks on a daily basis. Security of this data is of utmost importance. Intrusion Detection Systems are found to be one the best solutions towards detecting intrusions. Network Intrusion Detection Systems are employed as a defence system to secure networks. Various techniques for the effective development of these defence systems have been proposed in the literature. However, the research on the development of datasets used for training and testing purpose of such defence systems is equally concerned. Better datasets improve the online and offline intrusion detection capability of detection model. Benchmark datasets like KDD 99 and NSL-KDD cup 99 obsolete and do not contain network traces of modern attacks like Denial of Service, hence are unsuitable for the evaluation purpose. In this work, a detailed analysis of CIDDS-001 dataset has been done and presented. We have used different well-known machine learning techniques for analysing the complexity of the dataset. Eminent evaluation metrics including Detection Rate, Accuracy, False Positive Rate, Kappa statistics, Root mean squared error have been used to show the performance of employed machine learning techniques.

A Review on Network Intrusion Detection System Using Machine Learning

2020 ◽  
Vol 10 (1) ◽  
Author(s):  
Bello Nazifi Kagara ◽  
Maheyzah Md Siraj
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Current Trend ◽  
Holistic Approach ◽  
Machine Learning Techniques ◽  
Detection Systems ◽  
Network Intrusion ◽  
Daunting Task

The quality or state of being secure is the crucial concern of our daily life usage of any network. However, with the rapid breakthrough in network technology, attacks are becoming more trailblazing than defenses. It is a daunting task to design an effective and reliable intrusion detection system (IDS), while maintaining minimal complexity. The concept of machine learning is considered an important method used in intrusion detection systems to detect irregular network traffic activities. The use of machine learning is the current trend in developing IDS in order to mitigate false positives (FP) and False Negatives (FN) in the anomalous IDS. This paper targets to present a holistic approach to intrusion detection system and the popular machine learning techniques applied on IDS systems, bearing In mind the need to help research scholars in this continuous burgeoning field of Intrusion detection (ID).

scholarly journals On evaluation of Network Intrusion Detection Systems: Statistical analysis of CIDDS-001 dataset using Machine Learning Techniques

2019 ◽  
Author(s):  
Abhishek Verma ◽  
Virender Ranga
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Machine Learning Techniques ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Learning Techniques ◽  
Network Intrusion Detection Systems ◽  
Secure Networks

In the era of digital revolution, a huge amount of data is being generated from different networks on a daily basis. Security of this data is of utmost importance. Intrusion Detection Systems are found to be one the best solutions towards detecting intrusions. Network Intrusion Detection Systems are employed as a defence system to secure networks. Various techniques for the effective development of these defence systems have been proposed in the literature. However, the research on the development of datasets used for training and testing purpose of such defence systems is equally concerned. Better datasets improve the online and offline intrusion detection capability of detection model. Benchmark datasets like KDD 99 and NSL-KDD cup 99 obsolete and do not contain network traces of modern attacks like Denial of Service, hence are unsuitable for the evaluation purpose. In this work, a detailed analysis of CIDDS-001 dataset has been done and presented. We have used different well-known machine learning techniques for analysing the complexity of the dataset. Eminent evaluation metrics including Detection Rate, Accuracy, False Positive Rate, Kappa statistics, Root mean squared error have been used to show the performance of employed machine learning techniques.

scholarly journals Prediction of Network Attacks using Bio-Inspired Machine Learning Algorithm

2020 ◽  
Vol 8 (6) ◽  
pp. 5482-5485
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Computer Science ◽  
Learning Algorithm ◽  
Confusion Matrix ◽  
Machine Learning Algorithms ◽  
Machine Learning Techniques ◽  
Algorithm Engineering ◽  
Machine Learning Algorithm ◽  
Network Intrusion

Most of the times, data is created for the Intrusion Detection System (IDS) only when the set of all real working environments are explored under all the possibilities of attacks, which is an expensive task. Network Intrusion Detection software shields a system and computer network from staff and non-authorized users. The detector’s ultimate task is to build a foreboding classifier (i.e. a model) which would help in distinguishing between friendly and non-friendly connections, known as attacks or intrusions.This problem in network sectors is prevented by predicting whether the connection is attacked or not attacked from the dataset. We are using i.e. KDDCup99 using bio inspired machine learning techniques (like Artificial Neural Network). Bio inspired algorithm is a game changer in computer science. The extent of this field is really magnificent as compared to nature around it, complications of computer science are only a subset of it, opening a new era in next generation computing, modelling and algorithm engineering. The aim is to investigate bio inspired machine learning based techniques for better packet connection transfers forecasting by prediction results in best accuracy and to propose this machine learning-based method to accurately predict the DOS, R2L, U2R, Probe and overall attacks by predicting results in the form of best accuracy from comparing supervised classification machine learning algorithms. Furthermore, to compare and discuss the performance of various ML algorithms from the provided dataset with classification and evaluation report, finding and analysing the confusion matrix and for classifying data from the priority and result shows that the effectiveness of the proposed system i.e. bio inspired machine learning algorithm technique can be put on test with best accuracy along with precision, specificity, sensitivity, F1 Score and Recall

scholarly journals Evaluating the performance of machine learning algorithms for network intrusion detection systems in the internet of things infrastructure

2020 ◽  
Vol 9 (1) ◽  
pp. 14
Author(s):  
Yaser M. Banadaki
Keyword(s):  
Machine Learning ◽  
Internet Of Things ◽  
Intrusion Detection ◽  
Learning Algorithms ◽  
Machine Learning Algorithms ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
Detection Systems ◽  
Network Intrusion ◽  
Network Intrusion Detection Systems

As numerous Internet-of-Things (IoT) devices are deploying on a daily basis, network intrusion detection systems (NIDS) are among the most critical tools to ensure the protection and security of networks against malicious cyberattacks. This paper employs four machine learning algorithms: XGBoost, random forest, decision tree, and gradient boosting, and evaluates their performance in NIDS, considering the accuracy, precision, recall, and F-score. The comparative analysis conducted using the CICIDS2017 dataset reveals that the XGBoost performs better than the other algorithms reaching the predicted accuracy of 99.6% in detecting cyberattacks. XGBoost-based attack detectors also have the largest weighted metrics of F1-score, precision, and recall. The paper also studies the effect of class imbalance and the size of the normal and attack classes. The small numbers of some attacks in training datasets mislead the classifier to bias towards the majority classes resulting in a bottleneck to improving macro recall and macro F1 score. The results assist the network engineers in choosing the most effective machine learning-based NIDS to ensure network security for today’s growing IoT network traffic. 

scholarly journals Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems

2021 ◽  
Author(s):  
Giovanni Apruzzese ◽  
Mauro Andreolini ◽  
Luca Ferretti ◽  
Mirco Marchetti ◽  
Michele Colajanni
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Machine Learning Algorithms ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
Learning Methods ◽  
Detection Systems ◽  
Machine Learning Methods ◽  
Network Intrusion ◽  
Network Intrusion Detection Systems

The incremental diffusion of machine learning algorithms in supporting cybersecurity is creating novel defensive opportunities but also new types of risks. Multiple researches have shown that machine learning methods are vulnerable to adversarial attacks that create tiny perturbations aimed at decreasing the effectiveness of detecting threats. We observe that existing literature assumes threat models that are inappropriate for realistic cybersecurity scenarios because they consider opponents with complete knowledge about the cyber detector or that can freely interact with the target systems. By focusing on Network Intrusion Detection Systems based on machine learning methods, we identify and model the real capabilities and circumstances that are necessary for an attacker to carry out a feasible and successful adversarial attack. We then apply our model to several adversarial attacks proposed in literature and highlight the limits and merits that can result in actual adversarial attacks. The contributions of this paper can help hardening defensive systems by letting cyber defenders address the most critical and real issues, and can benefit researchers by allowing them to devise novel forms of adversarial attacks based on realistic threat models.

scholarly journals An Approach for the Application of a Dynamic Multi-Class Classifier for Network Intrusion Detection Systems

Electronics ◽  
2020 ◽  
Vol 9 (11) ◽  
pp. 1759
Author(s):  
Xavier Larriva-Novo ◽  
Carmen Sánchez-Zas ◽  
Víctor A. Villagrá ◽  
Mario Vega-Barbas ◽  
Diego Rivera
Keyword(s):  
Machine Learning ◽  
Intrusion Detection ◽  
Intelligent Systems ◽  
Research Work ◽  
Machine Learning Algorithms ◽  
Intrusion Detection Systems ◽  
Detection Range ◽  
Detection Systems ◽  
Network Intrusion ◽  
Normal Behavior

Currently, the use of machine learning models for developing intrusion detection systems is a technology trend which improvement has been proven. These intelligent systems are trained with labeled datasets, including different types of attacks and the normal behavior of the network. Most of the studies use a unique machine learning model, identifying anomalies related to possible attacks. In other cases, machine learning algorithms are used to identify certain type of attacks. However, recent studies show that certain models are more accurate identifying certain classes of attacks than others. Thus, this study tries to identify which model fits better with each kind of attack in order to define a set of reasoner modules. In addition, this research work proposes to organize these modules to feed a selection system, that is, a dynamic classifier. Finally, the study shows that when using the proposed dynamic classifier model, the detection range increases, improving the detection by each individual model in terms of accuracy.

Sign in / Sign up

Export Citation Format

Share Document