ARTICLE | doi:10.20944/preprints202007.0191.v1
Subject: Keywords: Intrusion Detection System; NSL-KDD Dataset; One Hot Encoding; Information Gain; Decision Tree
Online: 9 July 2020 (12:23:29 CEST)
In today’s world, cyber attacks are one of the major issues concerning organizations that deal with technologies like cloud computing, big data, IoT, etc. In the area of cyber security, the intrusion detection system (IDS) plays a crucial role in identifying suspicious activities in network traffic. Over the past few years, a lot of research has been done in this area, but in the current scenario, network attacks are diversifying in both volume and variety. In this regard, this research article proposes a novel IDS where a combination of information gain and a decision tree algorithm has been used for the purpose of dimension reduction and classification. For experimental purposes, the NSL-KDD dataset has been used. Initially, out of the 41 features present in the dataset, only 5 features with high information gain values are selected for classification. The applicability of the selected features is evaluated through various machine learning based algorithms. The experimental results show that the decision tree based algorithm records the highest recognition accuracy among all the classifiers. Based on the initial classification result, a novel methodology based on decision trees has been further developed which is capable of identifying multiple attacks by analyzing the packets of various transactions in real time.
ARTICLE | doi:10.20944/preprints202007.0187.v1
Subject: Keywords: Intrusion Detection System; NSL-KDD Dataset; One Hot Encoding; Information Gain; Convolution Neural Network
Online: 9 July 2020 (12:14:10 CEST)
Cyber security plays an important role in protecting our computers, networks, programs and data from unauthorized access. Intrusion detection systems (IDS) and intrusion prevention systems (IPS) are two main categories of cyber security, designed to identify any suspicious activities present in inbound and outbound network packets and to restrict the suspicious incident. Deep neural networks play a significant role in the construction of IDS and IPS. This paper highlights a novel IDS using an optimized convolution neural network (CNN-IDS). The optimized CNN-IDS model is an improvement over CNN which selects the best weighted model by considering the loss in every epoch. All the experiments have been conducted on the well-known NSL-KDD dataset. Information gain has been used for dimensionality reduction. The accuracy of the proposed model is evaluated through the optimized CNN for both binary and multiclass categories. Finally, a critical comparison has been performed with other general classifiers like J48, Naive Bayes, NB tree, Random Forest, Multilayer Perceptron (MLP), Support Vector Machine (SVM), Recurrent Neural Network (RNN) and Convolution Neural Network (CNN). All the experimental results demonstrate that the optimized CNN-IDS model records the best recognition rate with minimum model construction time.
ARTICLE | doi:10.20944/preprints202104.0183.v1
Subject: Keywords: Intrusion detection systems; machine learning; NSL-KDD; feature selection; classification model; SBDS, ABDS, Snort, SVM
Online: 6 April 2021 (17:59:47 CEST)
Cloud computing is an emerging area which provides on-demand computing resources and services through the internet. It is a faster and more efficient technique but is prone to severe security attacks. In this paper, the authors propose a Network Intrusion Detection System (NIDS) to detect attacks at the front end and back end when a bulky flow of data packets is flowing in a cloud environment. In our framework, we used a signature-based detection system for identifying the intruder and an anomaly-based detection system for detecting network attacks. The NIDS sensors were placed in a collaborative manner to prevent the attacks and to update the knowledge bases. The authors have used a supervised learning model to detect abnormal behavior of packets from network traffic. The dataset was trained and tested in terms of precision, recall, accuracy and model build time to select the best machine-learning model for detection of intruders and to improve the computational time and performance.