Ch.Kodanda Ramu,T. Srinivasa Rao,E. Uma Shankar Rao

DOI: https://doi.org/10.1007/s11042-024-18558-5

IF: 2.577

2024-02-20

Multimedia Tools and Applications

Abstract:In recent times, network-based applications have rapidly grown in the field of information and communication technology(ICT), which enables individuals and organizations to connect and share their sensitive information seamlessly. The security of these network-based applications is imperative to avoid cyber-attacks during the exchange of sensitive information. The identification of anomalies in network events can be highly challenging due to the complex nature of traffic flows. To solve the challenges, network intrusion detection system (NIDS) technology is used; any network can profit from this system because it can monitor traffic and detect any irregularities. The existing NIDS systems driven by machine learning models do not provide sufficient ability to handle heterogeneous data and realize performance degradation while detecting some types of attacks. Therefore, this paper proposes an innovative meta-heuristic optimization and deep learning-based methodology for improving the performance of NIDS systems. Initially, the raw captured traffic data is fed into the pre-processing phase to attain data standardization and data balancing. Further, an extended Pelican Optimization algorithm (Ex-Pel) is employed to select the set of features from the pre-processed data optimally. Finally, the Self-Attention Assisted Weighted Auto Encoder (SAttn_WAE) is executed to detect the attacks precisely through the set of optimal features. The execution of the proposed methodology is carried out in the Python platform, and performance evaluation is done using accuracy, precision, recall, FAR, and F1-score metrics. The proposed model achieved an accuracy of 99.23%, precision of 99.78%, FAR of 0.67%, recall of 99.13%, and F1-score of 99.32%, which is comparatively better than existing models.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Parasuraman Kumar,A. Anbarasa Kumar,C. Sahayakingsly,A. Udayakumar

DOI: https://doi.org/10.1007/s12083-020-00999-y

2020-10-31

Abstract:In this digital period, internet has turned into an indispensable wellspring of correspondence in just about every calling. With the expanded use of system engineering, its security has developed to be exceptionally discriminating issue as the workstations in distinctive association hold very private data and touchy information. The system which helps in screening the system security is termed as Network detection. Intrusion detection is to get ambushes against a machine structure. One of the vital tests to Intrusion Detection is the issue of misjudgment, misdetection and unsuccessful deficiency of steady response to the strike. In the past years, as the second line of boundary after firewall, the Intrusion Detection (ID) strategy has got speedy progression. Two diverse Machine Learning techniques are prepared in this research work, which include both supervised and unsupervised, for Network Intrusion Detection. Naive Bayes (supervised learning) and Self Organizing Maps (unsupervised learning) are the presented techniques. Deep learning techniques such as CNN is used for feature extraction. These remain provisional chances adaptation technique and pointer variables transformation. The two machine learning procedures are prepared on both kind of transformed dataset and afterward their outcomes are looked at with respect to the correctness of intrusion detection. The best Detection Rate (DR) was for the 93.0% User to Root attack (U2R) attack type and the most horrible result was display for Denial of Service attack (DOS) attacks with 0.02%.

computer science, information systems,telecommunications

Zhihao Wang,Dingde Jiang,Liuwei Huo,Wei Yang

DOI: https://doi.org/10.1007/s11276-021-02698-9

IF: 2.701

2021-01-01

Wireless Networks

Abstract:With the rapid development of cloud computing and mobile internet, massive network traffic is generated, with the raging malicious traffic and attacks. Network Intrusion Detection System plays an essential part in defending the malicious attacks. However, based on mathematical-statistical and packet verification methods, traditional network intrusion detection approaches are inadequate in detection capacity. Therefore, in this paper, we present an effective network intrusion detection approach based on sparse auto-encoder (SAE) and random forest (RF), as a mitigation way to this problem. The feature extraction power of SAE and the classification and detection power of random forest are combined to improve the detection efficiency and accuracy. And the SAE-RF (Sparse Auto-Encoder Based Random Forest) detection approach is presented. Besides, to address the irregularities and imbalance of the benchmark dataset, an ANASYN over-sampling technique is employed. Simulation and evaluation results on TensorFlow and Keras demonstrate the proposed SAE-RF model has better performance than existing approaches.

Salwa Elsayed,Khalil Mohamed,Mohamed Ashraf Madkour

DOI: https://doi.org/10.1109/access.2024.3389096

IF: 3.9

2024-05-03

IEEE Access

Abstract:This study introduces a deep learning approach for network intrusion detection (NIDS), which excels in both binary and multi-classification tasks. This approach combines the strengths of six distinct deep learning algorithms: DNN, CNN, RNN, LSTM, GRU, and a Hybrid CNN-LSTM architecture. The NSL-KDD dataset, a widely recognized benchmark for intrusion detection research, was utilized for implementation and evaluation. In binary classification, the approach demonstrates exceptional capabilities, with the GRU approach outperforming others. Similarly, the DNN, LSTM, CNN, and RNN approaches exhibit robust performance, showcasing their efficacy in detecting anomalies within network data. In the multi-classification setting, the DNN approach stands out with outstanding performance. While other approaches, including RNN, CNN, LSTM, GRU, and the Hybrid CNN-LSTM approach, also maintain commendable results, the DNN approach proves to be the most effective in handling complex network patterns. This research provides valuable insights into the application of deep learning approaches using the NSL-KDD dataset for network anomaly detection, emphasizing their versatility and reliability across different classification scenarios. The findings lay the groundwork for further exploration and utilization of deep learning methodologies in enhancing network security.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jevgenijus Toldinas,Algimantas Venčkauskas,Robertas Damaševičius,Šarūnas Grigaliūnas,Nerijus Morkevičius,Edgaras Baranauskas

DOI: https://doi.org/10.3390/electronics10151854

IF: 2.9

2021-08-01

Electronics

Abstract:The current rise in hacking and computer network attacks throughout the world has heightened the demand for improved intrusion detection and prevention solutions. The intrusion detection system (IDS) is critical in identifying abnormalities and assaults on the network, which have grown in size and pervasiveness. The paper proposes a novel approach for network intrusion detection using multistage deep learning image recognition. The network features are transformed into four-channel (Red, Green, Blue, and Alpha) images. The images then are used for classification to train and test the pre-trained deep learning model ResNet50. The proposed approach is evaluated using two publicly available benchmark datasets, UNSW-NB15 and BOUN Ddos. On the UNSW-NB15 dataset, the proposed approach achieves 99.8% accuracy in the detection of the generic attack. On the BOUN DDos dataset, the suggested approach achieves 99.7% accuracy in the detection of the DDos attack and 99.7% accuracy in the detection of the normal traffic.

engineering, electrical & electronic,computer science, information systems,physics, applied

Raj Kumar Batchu,Thulasi Bikku,Srinivasarao Thota,Hari Seetha,Abayomi Ayotunde Ayoade

DOI: https://doi.org/10.1038/s41598-024-77554-9

IF: 4.6

2024-11-24

Scientific Reports

Abstract:Distributed denial of service (DDoS) attack is one of the most hazardous assaults in cloud computing or networking. By depleting resources, this attack renders the services unavailable to end users and leads to significant financial and reputational damage. Hence, identifying such threats is crucial to minimize revenue loss, market share, and productivity loss and enhance the brand reputation. In this study, we implemented an effective intrusion detection system using deep learning approach. The suggested framework includes three phases: Data pre-processing, Data balancing, and Classification. First, we prepare the valid data, which is helpful for further processing. Then, we balance the given pre-processed data by Conditional generative adversarial network (CGAN), and as a result, we can minimize the bias towards the majority classes. Finally, we distinguish whether the traffic is attack or benign using a stacked sparse denoising autoencoder (SSDAE) with a firefly-black widow (FA-BW) hybrid optimization algorithm. All these experiments are validated through the CICDDoS2019 dataset and compared with well-received techniques. From these findings, we observed that the proposed strategy detects DDoS attacks significantly more accurately than other approaches. Based on our findings, this study highlights the crucial role played by advanced deep learning techniques and hybrid optimization algorithms in strengthening cybersecurity against DDoS attacks.

multidisciplinary sciences

Yung-Chung Wang,Yi-Chun Houng,Han-Xuan Chen,Shu-Ming Tseng

DOI: https://doi.org/10.3390/s23042171

IF: 3.9

2023-02-16

Sensors

Abstract:The prevalence of internet usage leads to diverse internet traffic, which may contain information about various types of internet attacks. In recent years, many researchers have applied deep learning technology to intrusion detection systems and obtained fairly strong recognition results. However, most experiments have used old datasets, so they could not reflect the latest attack information. In this paper, a current state of the CSE-CIC-IDS2018 dataset and standard evaluation metrics has been employed to evaluate the proposed mechanism. After preprocessing the dataset, six models—deep neural network (DNN), convolutional neural network (CNN), recurrent neural network (RNN), long short-term memory (LSTM), CNN + RNN and CNN + LSTM—were constructed to judge whether network traffic comprised a malicious attack. In addition, multi-classification experiments were conducted to sort traffic into benign traffic and six categories of malicious attacks: BruteForce, Denial-of-service (DoS), Web Attacks, Infiltration, Botnet, and Distributed denial-of-service (DDoS). Each model showed a high accuracy in various experiments, and their multi-class classification accuracy were above 98%. Compared with the intrusion detection system (IDS) of other papers, the proposed model effectively improves the detection performance. Moreover, the inference time for the combinations of CNN + RNN and CNN + LSTM is longer than that of the individual DNN, RNN and CNN. Therefore, the DNN, RNN and CNN are better than CNN + RNN and CNN + LSTM for considering the implementation of the algorithm in the IDS device.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Ishaan Shivhare,Joy Purohit,Vinay Jogani,Samina Attari,Dr. Madhav Chandane

DOI: https://doi.org/10.48550/arXiv.2306.07601

2023-06-13

Cryptography and Security

Abstract:Network intrusions are a significant problem in all industries today. A critical part of the solution is being able to effectively detect intrusions. With recent advances in artificial intelligence, current research has begun adopting deep learning approaches for intrusion detection. Current approaches for multi-class intrusion detection include the use of a deep neural network. However, it fails to take into account spatial relationships between the data objects and long term dependencies present in the dataset. The paper proposes a novel architecture to combat intrusion detection that has a Convolutional Neural Network (CNN) module, along with a Long Short Term Memory(LSTM) module and with a Support Vector Machine (SVM) classification function. The analysis is followed by a comparison of both conventional machine learning techniques and deep learning methodologies, which highlights areas that could be further explored.

D. Selvapandian,R. Santhosh

DOI: https://doi.org/10.1007/s10515-021-00298-7

IF: 1.677

2021-09-21

Automated Software Engineering

Abstract:The possibility of connecting billions of smart end devices in the Internet of Things (IoT) provides wide range of services to the user. But, the unlimited connectivity of devices in IoT brings security issues when it is connected to wireless networks. Integrating cloud with IoT networks gains more attention as it reduces the sensor node resource limitations. However, the network complexity, open broadcast characteristics of IoT networks are vulnerable to attacks. To ensure network security and reliable operations, Intrusion Detection Systems (IDS) are widely preferred. IDS identifies the anomalies effectively in complex network environments and ensures the security of the network. Traditional intrusion detection systems based on neural networks consume long training time and low classification accuracy. Recently, deep learning methods are widely used in various image and signal processing, security applications. This research work presents a deep learning-based intrusion detection system for multi-cloud IoT environment to overcome the limitations of neural network-based intrusion detection models. The proposed intrusion detection model improves the detection accuracy by improving the training efficiency. Experimental evaluation of proposed model using NSL-KDD dataset provides improved performance than conventional techniques attaining 97.51% of detection rate, 96.28% of detection accuracy, and 94.41% of precision.

Sami Yaras,Murat Dener

DOI: https://doi.org/10.3390/electronics13061053

IF: 2.9

2024-03-13

Electronics

Abstract:The most significant threat that networks established in IoT may encounter is cyber attacks. The most commonly encountered attacks among these threats are DDoS attacks. After attacks, the communication traffic of the network can be disrupted, and the energy of sensor nodes can quickly deplete. Therefore, the detection of occurring attacks is of great importance. Considering numerous sensor nodes in the established network, analyzing the network traffic data through traditional methods can become impossible. Analyzing this network traffic in a big data environment is necessary. This study aims to analyze the obtained network traffic dataset in a big data environment and detect attacks in the network using a deep learning algorithm. This study is conducted using PySpark with Apache Spark in the Google Colaboratory (Colab) environment. Keras and Scikit-Learn libraries are utilized in the study. 'CICIoT2023' and 'TON_IoT' datasets are used for training and testing the model. The features in the datasets are reduced using the correlation method, ensuring the inclusion of significant features in the tests. A hybrid deep learning algorithm is designed using one-dimensional CNN and LSTM. The developed method was compared with ten machine learning and deep learning algorithms. The model's performance was evaluated using accuracy, precision, recall, and F1 parameters. Following the study, an accuracy rate of 99.995% for binary classification and 99.96% for multiclassification is achieved in the 'CICIoT2023' dataset. In the 'TON_IoT' dataset, a binary classification success rate of 98.75% is reached.

engineering, electrical & electronic,computer science, information systems,physics, applied

Jay Sinha,M. Manollas

DOI: https://doi.org/10.1145/3430199.3430224

2020-06-26

Abstract:The need for Network Intrusion Detection systems has risen since usage of cloud technologies has become mainstream. With the ever growing network traffic, Network Intrusion Detection is a critical part of network security and a very efficient NIDS is a must, given new variety of attack arises frequently. These Intrusion Detection systems are built on either a pattern matching system or AI/ML based anomaly detection system. Pattern matching methods usually have a high False Positive Rates whereas the AI/ML based method, relies on finding metric/feature or correlation between set of metrics/features to predict the possibility of an attack. The most common of these is KNN, SVM etc., operate on a limited set of features and have less accuracy and still suffer from higher False Positive Rates. In this paper, we propose a deep learning model combining the distinct strengths of a Convolutional Neural Network and a Bi-directional LSTM to incorporate learning of spatial and temporal features of the data. For this paper, we use publicly available datasets NSL-KDD and UNSW-NB15 to train and test the model. The proposed model offers a high detection rate and comparatively lower False Positive Rate. The proposed model performs better than many state-of-the-art Network Intrusion Detection systems leveraging Machine Learning/Deep Learning models.

Chongzhen Zhang,Fangming Ruan,Lan Yin,Xi Chen,Lidong Zhai,Feng Liu

DOI: https://doi.org/10.1109/icasid.2019.8925239

2019-01-01

Abstract:Along with the high-speed growth of Internet, cyber-attack is becoming more and more frequent, so the detection of network intrusions is particularly important for keeping network in normal work. In modern big data environment, however, traditional methods do not meet requirement of the network in the aspects of adaptability and efficiency. A approach based on deep learning for intrusion detection was proposed in this paper which can be applied to deal with the problem to certain extent. Autoencoder, as a popular technology of deep learning, was used in the proposed solution. The encoder of deep autoencoder was taken to compress the less important features and extract key features without decoder. With proposed approach one can build the network and identify attacks faster, the benchmark NSL-KDD dataset can be evaluated with proposed model.

Khloud Al Jallad,Mohamad Aljnidi,Mohammad Said Desouki

DOI: https://doi.org/10.48550/arXiv.2209.13961

2022-09-28

Cryptography and Security

Abstract:With the growing use of information technology in all life domains, hacking has become more negatively effective than ever before. Also with developing technologies, attacks numbers are growing exponentially every few months and become more sophisticated so that traditional IDS becomes inefficient detecting them. This paper proposes a solution to detect not only new threats with higher detection rate and lower false positive than already used IDS, but also it could detect collective and contextual security attacks. We achieve those results by using Networking Chatbot, a deep recurrent neural network: Long Short Term Memory (LSTM) on top of Apache Spark Framework that has an input of flow traffic and traffic aggregation and the output is a language of two words, normal or abnormal. We propose merging the concepts of language processing, contextual analysis, distributed deep learning, big data, anomaly detection of flow analysis. We propose a model that describes the network abstract normal behavior from a sequence of millions of packets within their context and analyzes them in near real-time to detect point, collective and contextual anomalies. Experiments are done on MAWI dataset, and it shows better detection rate not only than signature IDS, but also better than traditional anomaly IDS. The experiment shows lower false positive, higher detection rate and better point anomalies detection. As for prove of contextual and collective anomalies detection, we discuss our claim and the reason behind our hypothesis. But the experiment is done on random small subsets of the dataset because of hardware limitations, so we share experiment and our future vision thoughts as we wish that full prove will be done in future by other interested researchers who have better hardware infrastructure than ours.

Yuansheng Dong,Rong Wang,Juan He

DOI: https://doi.org/10.1109/icsess47205.2019.9040718

2019-01-01

Abstract:Computer network is vulnerable to hackers, computer viruses, and other malicious attacks. As an active defense technology, intrusion detection plays an important role in the field of network security. Traditional intrusion detection technologies face problems such as low accuracy, low detection efficiency, high false positive rate, and inability to cope with new types of intrusions. To solve these problems, we propose a real-time network intrusion detection system based on deep learning, which uses big data technology, natural language processing technology and deep learning technology. Our main contributions are as follows: (1) Use Flume as the agent for log collection to realize real-time massive log collection, using Flink as real-time computation engine. (2) Aiming at the high dimensional problem of traffic data, a self-encoder-based intrusion detection dimension reduction method is proposed, and the intrusion detection data is preprocessed, including data cleaning, coding, extraction and integration, and normalization. (3) Propos a deep learning-based intrusion detection model, AE-AlexNet, which uses Auto-Encoder AlexNet neural network. The experimental results of the intrusion detection data set KDD 99 show that the accuracy of the AE-AlexNet, model is as high as 94.32%.

S. Pavithra,K. Venkata Vikas

DOI: https://doi.org/10.1109/access.2024.3405187

IF: 3.9

2024-05-31

IEEE Access

Abstract:The growth of cyber threats demands a robust and adaptive intrusion detection system (IDS) capable of effectively recognizing malicious activities from network traffic. However, the existing imbalance of class in network data possesses a significant challenge to traditional IDS. To overcome these challenges, this project proposes a novel hybrid Intrusion Detection System using machine learning algorithms, which includes XGBoost, Long Short-Term Memory (LSTM), Mini-VGGNet, and AlexNet, which is used to handle the unbalanced network traffic data. Furthermore, the Random Forest Regressor is used to ascertain the importance of features for enhancing detection accuracy and interpretability. Addressing the inherent class imbalance in network data is crucial for ensuring the IDS's effectiveness. The proposed system employs a combination of oversampling techniques for minority classes and under sampling techniques for majority classes during data preprocessing. This balanced representation of network traffic data helps prevent the IDS from being biased towards the majority class and improves its ability to detect rare or novel intrusions. The utilization of Random Forest Regressor for feature extraction serves a dual purpose. It helps identify the most relevant features within the network traffic data that contribute significantly to detecting intrusions. It enables the system to prioritize and focus on these important features during model training, thereby enhancing detection accuracy while reducing computational complexity. This research contributes to the ongoing efforts to mitigate cyber threats and safeguard critical network infrastructures.

computer science, information systems,telecommunications,engineering, electrical & electronic

Basharat Ahmad,Zhaoliang Wu,Yongfeng Huang,Sadaqat Ur Rehman

DOI: https://doi.org/10.1016/j.knosys.2024.112614

IF: 8.139

2024-10-21

Knowledge-Based Systems

Abstract:The Internet of Things (IoT) networks, which are defined by their interconnected devices and data streams are an expanding attack surface for cyber adversaries. Industrial Internet of Things (IIoT) is a subset of IoT and has significant importance in-terms of security. Robust intrusion detection systems (IDS) are essential for protecting these critical infrastructures. Our research suggests a novel approach to the detection of anomalies in IoT and IIoT networks that leverages the capabilities of deep transfer learning. Our methodology begins with the EdgeIIoT dataset, which serves as the basis for our data analysis. We convert the data into an appropriate image format to enable Convolutional Neural Network (CNN)-based processing. The hyper-parameters of individual machine learning models are subsequently optimized using a Random Search algorithm. This optimization phase optimizes the performance of each model by modifying the hyper-parameters that are unique to the learning algorithms. The performance of each model is meticulously assessed subsequent to hyper-parameter optimization. The top-performing models are subsequently, strategically selected and combined using the ensemble technique. The IDS scheme's overall detection accuracy and generalizability are improved by the integration of strengths from multiple models. The proposed scheme demonstrates significant effectiveness in identifying a broad spectrum of attacks, encompassing a total of 14 distinct attack types. This comprehensive detection capability contributes to a more secure and resilient IoT ecosystem. Furthermore, application of quantization to our best models reduces resource utilization significantly without compromising accuracy.

computer science, artificial intelligence

Geetha T V,Deepa A J,Mary Linda M

DOI: https://doi.org/10.1007/s10489-024-05505-y

IF: 5.3

2024-05-25

Applied Intelligence

Abstract:The Intrusion Detection System (IDS) distinguishes the harmful entries from the normal ones in network traffic data and aids in network security. Due to the emergence of new and unknown network-connected devices, a lot of modern systems were penetrated. As a result, it is critical to improve information security and to detect new cyber-attacks exploiting various application protocols such as Hyper Text Transfer Protocol (HTTP) and Domain Name System (DNS). Therefore, this paper introduced an Optimized Bidirectional Convolutional Neural Network and Long-Short term Memory (OBCLSTM) method to detect whether the protocol HTTP and DNS is attacked or not. Initially, the records are fed to data normalization and data encoding. After pre-processing, the vectors are fed to the OBCLSTM model. The Bidirectional Channel Pooling (BiCP) layer is used to learn behavior-based features (which show interactions among hosts based on ports, destinations and behavior) and flow-based features (which identify basic flows, such as IP addresses of source-destination and ports), which improves the accuracy of detecting malicious attacks. In the OBCLSTM model, the best hyper parameter configuration for Convolutional Neural Network (CNN) to learn features is tuned using Enhanced Red Fox Optimization (ERFO). Then, bidirectional long short-term memory (BiLSTM) is used to extract features in the time domain and has the ability to preserve the long-term of the information from historical context, allowing attackers to be detected early before causing widespread damage to networks. Finally, the fully connected layer utilizes these features to classify the network data as attacks (types of attacks) or normal. Tests are conducted on the NSL - KDD99, TUIDS, UNSW-NB15 and BoT-IoT datasets. The proposed OBCLSTM method attains better performance in terms of precision, accuracy, recall, and F-measure.

computer science, artificial intelligence

Abdulaziz Fatani,Mohamed Abd Elaziz,Abdelghani Dahou,Mohammed A. A. Al-Qaness,Songfeng Lu

DOI: https://doi.org/10.1109/access.2021.3109081

IF: 3.9

2021-01-01

IEEE Access

Abstract:The great advancements in communication, cloud computing, and the internet of things (IoT) have opened critical challenges in security. With these developments, cyberattacks are also rapidly growing since the current security mechanisms do not provide efficient solutions. Recently, various artificial intelligence (AI) based solutions have been proposed for different security applications, including intrusion detection. In this paper, we propose an efficient AI-based mechanism for intrusion detection systems (IDS) in IoT systems. We leverage the advancements of deep learnings and metaheuristics (MH) algorithms that approved their efficiency in solving complex engineering problems. We propose a feature extraction method using the convolutional neural networks (CNNs) to extract relevant features. Also, we develop a new feature selection method using a new variant of the transient search optimization (TSO) algorithm, called TSODE, using the operators of differential evolution (DE) algorithm. The proposed TSODE uses the DE to improve the process of balancing between exploitation and exploration phases. Furthermore, we use three public datasets, KDDCup-99, NSL-KDD, BoT-IoT, and CICIDS-2017 to assess the performance of the developed method, which achieved higher accuracy compared to several existing approaches.

Aysha Bibi,Gabriel Avelino Sampedro,Ahmad Almadhor,Abdul Rehman Javed,Tai-hoon Kim

DOI: https://doi.org/10.3390/technologies11050121

2023-01-01

Technologies

Abstract:Given the increasing frequency of network attacks, there is an urgent need for more effective network security measures. While traditional approaches such as firewalls and data encryption have been implemented, there is still room for improvement in their effectiveness. To effectively address this concern, it is essential to integrate Artificial Intelligence (AI)-based solutions into historical methods. However, AI-driven approaches often encounter challenges, including lower detection rates and the complexity of feature engineering requirements. Finding solutions to overcome these hurdles is critical for enhancing the effectiveness of intrusion detection systems. This research paper introduces a deep learning-based approach for network intrusion detection to overcome these challenges. The proposed approach utilizes various classification algorithms, including the AutoEncoder (AE), Long-short-term-memory (LSTM), Multi-Layer Perceptron (MLP), Linear Support Vector Machine (L-SVM), Quantum Support Vector Machine (Q-SVM), Linear Discriminant Analysis (LDA), and Quadratic Discriminant Analysis (QDA). To validate the effectiveness of the proposed approach, three datasets, namely IOT23, CICIDS2017, and NSL KDD, are used for experimentation. The results demonstrate impressive accuracy, particularly with the LSTM algorithm, achieving a 97.7% accuracy rate on the NSL KDD dataset, 99% accuracy rate on the CICIDS2017 dataset, and 98.7% accuracy on the IOT23 dataset. These findings highlight the potential of deep learning algorithms in enhancing network intrusion detection. By providing network administrators with robust security measures for accurate and timely intrusion detection, the proposed approach contributes to network safety and helps mitigate the impact of network attacks.

S. Kanumalli,L. K,Rajeswari A,Tejaswi M,Samyuktha P

DOI: https://doi.org/10.1109/ICAIS56108.2023.10073719

2023-02-02

Abstract:As cloud technologies are used more frequently, network intrusion detection systems are becoming increasingly well-liked. Due to ever-increasing network traffic and the regular emergence of new types of assaults, Network Intrusion Detection (NIDS) came into existence as a key aspect of network security and must be extremely effective. These kind of IDS systems employ either an anomaly detection system based on machine learning or a system for matching patterns. The False Positive Rate for pattern matching approaches is high, but AI/ML-based systems determine the possibility of an attack by identifying a metric or characteristic or a connection between a number of metrics or characteristics. The most popular models include KNN, SVM, and others, they only work on a small range of traits, are not very accurate, and have a high False Positive Rate. This study created a deep learning system to learn the temporal and spatial data properties using the advantages of CNN and Bidirectional LSTM. The system present in this paper is trained and analyzed using the openly available dataset NSL-KDD. The proposed model has a high rate of detection and a low incidence of false positives. A lot of cutting-edge Network Intrusion Detection systems that use Machine Learning/Deep Learning models perform better than the suggested model.

Engineering,Computer Science