RECENT RESEARCH ARTICLES IN INTRUSION DETECTION

International Journal of Network Security & Its Applications (IJNSA)

ISSN 0974 – 9330 (Online); 0975 – 2307 (Print)

http://airccse.org/journal/ijnsa.html

A SURVEY ON SECURITY IN WIRELESS SENSOR NETWORKS

Waleed Al Shehri

Department of Computer Science, King Abdul-Aziz University, Jeddah, Saudi Arabia

ABSTRACT

The emergence of wireless sensor networks (WSNs) can be considered one of the most important revolutions in the field of information and communications technology (ICT). Recently, there has been a dramatic increase in the use of WSN applications such as surveillance systems, battleground applications, object tracking, habitat monitoring, forest fire detection and patient monitoring. Due to limitations of sensor nodes in terms of energy, storage and computational ability, many security issues have arisen in such applications. As a result, many solutions and approaches have been proposed for different attacks and vulnerabilities to achieve security requirements. This paper surveys different security approaches for WSNs, examining various types of attacks and corresponding techniques for tackling these. The strengths and weaknesses for each technique are also discussed at the conclusion of this paper.

KEYWORDS

Wireless sensor networks; network security; cryptography; intrusion detection

For More Details : http://aircconline.com/ijnsa/V9N1/9117ijnsa03.pdf

Volume Link : http://airccse.org/journal/jnsa17_current.html 

AUTHORS

Waleed Al Shehri received his bachelor's degree in computer science from King Abdulaziz University, Jeddah, Saudi Arabia (2005), and his MSc degree in information technology from Macquarie University, Sydney, Australia (2011), and is now doing a PhD in computer science. His current research interests are in cloud computing, big data and software engineering. He is currently working in the Department of IT in the Royal Saudi Air Force (RSAF).

EFFECTIVENESS AND WEAKNESS OF QUANTIFIED/AUTOMATED ANOMALY BASED IDS

Hidema Tanaka

National Defense Academy of Japan Hashirimizu 1-10-20 Yokosuka, Kanagawa Japan 239-8686.

ABSTRACT

We shall discuss new problems of quantification/automation of anomaly-based Intrusion Detection Systems (IDS). We shall analyze effectiveness and weakness using our proposed method as an example, and derive a new attack scenario. Development of anomaly-based IDS is necessary to respond to high-level network attacks; however, we shall show that it creates new and different problems at the same time. In this paper, we shall discuss some attack scenarios which invalidate our detection. As a result, we conclude that it is difficult to prevent such attacks technically, and security requirements on the operation side become serious.

KEYWORDS

Anomaly-based intrusion detection system, Automated IDS, Discrete Fourier Transform, Spectrum analysis, Kyoto2006+ dataset

For More Details : http://aircconline.com/ijnsa/V9N6/9617ijnsa01.pdf

Volume Link : http://airccse.org/journal/jnsa17_current.html

AUTHOR

Hidema Tanaka is an associate professor at the National Defense Academy of Japan. His main research areas are analysis of cryptographic algorithms, code theory, information security, and cyber warfare and its domestic laws.

PERFORMANCE EVALUATION OF J48 AND BAYES ALGORITHMS FOR INTRUSION DETECTION SYSTEM

Uzair Bashir¹ & Manzoor Chachoo²

¹Mewar University, Chittorgarh, Rajasthan, India; ²University of Kashmir, Srinagar, India

ABSTRACT

Recent advances in the field of Artificial Intelligence have urged many security experts to follow this novel area. Extensive work has already been done, and much more effort is being put into using the techniques of AI to improve real-time security. With a lot of algorithms and techniques already in the market, it has become quite difficult to choose a particular algorithm, judging by the fact that none proves to be more accurate and efficient than the others. During the detailed study of major machine learning algorithms, we found certain algorithms more accurate than the others. In this paper, we have chosen two different techniques of differentiating the normal traffic from the intrusions. The results show J48 to be more efficient and accurate than the Naïve Bayes algorithm.

INDEX TERMS

Intrusion, IPV4, techniques, Bayes, Tree, Classification.

For More Details : http://aircconline.com/ijnsa/V9N4/9417ijnsa01.pdf

Volume Link : http://airccse.org/journal/jnsa17_current.html

BENCHMARKS FOR EVALUATING ANOMALY-BASED INTRUSION DETECTION SOLUTIONS

Nicholas J. Miller and Mehrdad Aliasgari

Department of Computer Engineering and Computer Science, California State University, Long Beach, Long Beach 90840, USA.

ABSTRACT

Anomaly-based Intrusion Detection Systems (IDS) have gained increased popularity over time. There are many proposed anomaly-based systems using different Machine Learning (ML) algorithms and techniques; however, there is no standard benchmark to compare them based on quantifiable measures. In this paper, we propose a benchmark that measures both accuracy and performance to produce objective metrics that can be used in the evaluation of each algorithm implementation. We then use this benchmark to compare accuracy as well as the performance of four different Anomaly-based IDS solutions based on various ML algorithms. The algorithms include Naive Bayes, Support Vector Machines, Neural Networks, and K-means Clustering. The benchmark evaluation is performed on the popular NSL-KDD dataset. The experimental results show the differences in accuracy and performance between these Anomaly-based IDS solutions on the dataset. The results also demonstrate how this benchmark can be used to create useful metrics for such comparisons.

KEYWORDS

Anomaly-based Detection, Intrusion Detection, Benchmarks

For More Details : http://aircconline.com/ijnsa/V10N5/10518ijnsa01.pdf

Volume Link : http://airccse.org/journal/jnsa18_current.html

CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SET

Shaker El-Sappagh, Ahmed Saad Mohammed, Tarek Ahmed AlSheshtawy

Faculty of Computers & Informatics, Benha University, Egypt.

ABSTRACT

In a network security framework, intrusion detection is one of the benchmark parts and is a fundamental way to protect PCs from many threats. The major issue in intrusion detection is the huge number of false alerts; this issue motivates several experts to find solutions for minimizing false alerts using data mining, which is considered an analysis procedure utilized on large data sets, e.g. KDD CUP 99. This paper reviews various data mining classification procedures for handling false alerts in intrusion detection. According to the results of testing many data mining procedures on KDD CUP 99, no individual procedure can reveal all attack classes with high accuracy and without false alerts. The best accuracy, with Multilayer Perceptron, is 92%; however, the best training time, with the rule-based model, is 4 seconds. It is concluded that various procedures should be utilized to handle the several kinds of network attacks.

KEYWORDS

Intrusion Detection, Data Mining, KDD CUP 99, False Alarms

For More Details : http://aircconline.com/ijnsa/V11N3/11319ijnsa02.pdf

Volume Link : http://airccse.org/journal/jnsa19_current.html

AUTHORS

Shaker El-Sappagh received the bachelor’s degree in computer science from the Information Systems Department, Faculty of Computers and Information, Cairo University, Egypt, in 1997, the master’s degree from Cairo University, in 2007, and the Ph.D. degree in computer science from the Information Systems Department, Faculty of Computers and Information, Mansura University, Mansura, Egypt, in 2015. In 2003, he joined the Department of Information Systems, Faculty of Computers and Information, Minia University, Egypt, as a Teaching Assistant. Since 2016, he has been an Assistant Professor with the Department of Information Systems, Faculty of Computers and Information, Benha University. He is currently a Postdoctoral Fellow with the UWB Wireless Communications Research Center, Department of Information and Communication Engineering, Inha University, South Korea. He has publications in clinical decision support systems and semantic intelligence. His current research interests include machine learning, medical informatics, (fuzzy) ontology engineering, distributed and hybrid clinical decision support systems, semantic data modeling, fuzzy expert systems, and cloud computing. He is very interested in disease diagnosis and treatment research. He is a Reviewer for many journals.

Ahmed saad Mohammed received the bachelor’s degree from the Software Engineering Department, Baghdad College of Economic Sciences University, Baghdad, Iraq, in 2005. His current research interests include machine learning, data mining and artificial intelligence.

Dr. Tarek El-Shishtawy is a professor of Information Systems. He currently serves as Vice Dean of postgraduate studies and research at the Faculty of Computers and Informatics. His scientific interests include Information Retrieval, Data Mining, and research related to information systems in developing countries. Dr. Tarek has published and refereed many articles in NLP.

MULTI-LAYER CLASSIFIER FOR MINIMIZING FALSE INTRUSION

Shaker El-Sappagh, Ahmed saad Mohammed, Tarek Ahmed AlSheshtawy

Faculty of Computers & Informatics, Benha University, Egypt.

ABSTRACT

Intrusion detection is one of the standard stages for protecting computers in a network security framework from several attacks. The false alarm problem is critical in intrusion detection, which motivates many researchers to discover methods to minimize false alarms. This paper proposes a procedure for classifying the type of intrusion according to a multi-operation, multi-layer classifier for handling false alarms in intrusion detection. The proposed system is tested on the KDDCup99 benchmark. The results showed that three consecutive classifiers perform better than a single classifier. The accuracy reached 98% based on 25 features instead of using all features of the KDDCup99 dataset.

KEYWORDS

Intrusion detection, multi-layer classifier, KDD CUP 99, False Alarms

For More Details : http://aircconline.com/ijnsa/V11N3/11319ijnsa04.pdf

Volume Link : http://airccse.org/journal/jnsa19_current.html

AUTHORS

Shaker El-Sappagh received the bachelor’s degree in computer science from the Information Systems Department, Faculty of Computers and Information, Cairo University, Egypt, in 1997, the master’s degree from Cairo University, in 2007, and the Ph.D. degree in computer science from the Information Systems Department, Faculty of Computers and Information, Mansura University, Mansura, Egypt, in 2015. In 2003, he joined the Department of Information Systems, Faculty of Computers and Information, Minia University, Egypt, as a Teaching Assistant. Since 2016, he has been an Assistant Professor with the Department of Information Systems, Faculty of Computers and Information, Benha University. He is currently a Postdoctoral Fellow with the UWB Wireless Communications Research Center, Department of Information and Communication Engineering, Inha University, South Korea. He has publications in clinical decision support systems and semantic intelligence. His current research interests include machine learning, medical informatics, (fuzzy) ontology engineering, distributed and hybrid clinical decision support systems, semantic data modeling, fuzzy expert systems, and cloud computing. He is very interested in disease diagnosis and treatment research. He is a Reviewer for many journals.

Ahmed saad Mohammed received the bachelor’s degree from the Software Engineering Department, Baghdad College of Economic Sciences University, Baghdad, Iraq, in 2005. His current research interests include machine learning, data mining and artificial intelligence.

Dr. Tarek El-Shishtawy is a professor of Information Systems. He currently serves as Vice Dean of postgraduate studies and research at the Faculty of Computers and Informatics. His scientific interests include Information Retrieval, Data Mining, and research related to information systems in developing countries. Dr. Tarek has published and refereed many articles in NLP.

A COMBINATION OF TEMPORAL SEQUENCE LEARNING AND DATA DESCRIPTION FOR ANOMALY-BASED NIDS

Nguyen Thanh Van¹˒², Tran Ngoc Thinh¹, Le Thanh Sach¹

¹ Faculty of Computer Science and Engineering, Ho Chi Minh City University of Technology, VNUHCM, Vietnam.

² Ho Chi Minh City University of Technology and Education, Vietnam.

ABSTRACT

Through continuous observation and modelling of normal behavior in networks, an Anomaly-based Network Intrusion Detection System (A-NIDS) offers a way to find possible threats via deviation from the normal model. Analyzing network traffic with a time series model has the advantage of exploiting the relationship between packets within network traffic and observing trends of behavior over a period of time. It generates new sequences with good features that support anomaly detection in network traffic and provide the ability to detect new attacks. In addition, an anomaly detection technique that focuses on the normal data and aims to build a description of it is an effective technique for anomaly detection in imbalanced data. In this paper, we propose a model that combines a Long Short Term Memory (LSTM) architecture for processing time series with Support Vector Data Description (SVDD), a data description method for anomaly detection, in A-NIDS to obtain the advantages of both. In this model, the parameters of LSTM and SVDD are jointly trained with a joint optimization method. Our experimental results with the KDD99 dataset show that the proposed combined model obtains high performance in intrusion detection, especially for DoS and Probe attacks, with 98.0% and 99.8%, respectively.

KEYWORDS

Anomaly-based network intrusion detection system, temporal sequence, data description

For More Details : http://aircconline.com/ijnsa/V11N3/11319ijnsa07.pdf

Volume Link : http://airccse.org/journal/jnsa19_current.html 
