Haifeng Lv,Xiaoyu Ji,Yong Ding

DOI: https://doi.org/10.1088/1742-6596/2517/1/012016

2023-01-01

Journal of Physics Conference Series

Abstract:The intrusion detection system (IDS) plays an important part because it offers an efficient way to prevent and mitigate cyber attacks. Numerous deep learning methods for intrusion anomaly detection have been developed as a result of recent advances in artificial intelligence (AI) in order to strengthen internet security. The balance among the high detection rate (DR), the low false alarm rate (FAR) and disaster of dimensionality is the crucial apprehension while devising an effective IDS. For the binary classification of intrusion detection systems, we present in this study a mixed model called K-means-XGBoost consisting of K-means and (Extreme Gradient Boosting, XGBoost) algorithms. The distributed computation of our method is achieved in Spark platform to rapidly separate normal events and anomaly events. In phrases of accuracy, DR, F1-score, recall, precision, and error indices FAR, the proposed model’s performance is measured via the well-known dataset of NSL-KDD. The experimental outcomes indicate that our method is outstandingly better among accuracy, DR, F1-score, training time, and processing speed, compared to other models which are recently created. In particular, the accuracy, F1-score, and DR of the proposed model can achieve as high as 93.28%, 94.39%, and 99.22% in the NSL-KDD dataset, respectively.

Mr. Abdul Khadar A,Modem Tharun Kumar,Sharath K N,Sukesh V N,Tejaswini K N

DOI: https://doi.org/10.48175/ijarsct-5052

2022-06-23

Abstract:In imbalanced network traffic, malicious cyber-attacks can often hide in large amounts of normal data. It exhibits a high degree of stealth and obfuscation in cyberspace, making it difficult for Network Intrusion Detection System (NIDS) to ensure the accuracy and timeliness of detection. This paper researches machine learning and deep learning for intrusion detection in imbalanced network traffic. It proposes a novel Difficult Set Sampling Technique (DSSTE) algorithm to tackle the class imbalance problem. First, use the Edited Nearest Neighbor (ENN) algorithm to divide the imbalanced training set into the difficult set and the easy set. Next, use the K- Means algorithm to compress the majority samples in the difficult set to reduce the majority. Zoom in and out the minority samples’ continuous attributes in the difficult set synthesize new samples to increase the minority number. Finally, the easy set, the compressed set of majority in the difficult, and the minority in the difficult set are combined with its augmentation samples to make up a new training set. The algorithm reduces the imbalance of the original training set and provides targeted data augment for the minority class that needs to learn. It enables the classifier to learn the differences in the training stage better and improve classification performance. To verify the proposed method, we conduct experiments on the classic intrusion dataset NSL-KDD. We use classical classification models: random forest(RF), Support Vector Machine (SVM), XGBoost, Long and Short- term Memory (LSTM), Adaboost, AlexNet, Mini- VGGNet.

Guezzaz, Azidine

DOI: https://doi.org/10.1007/s11042-023-14795-2

IF: 2.577

2023-02-19

Multimedia Tools and Applications

Abstract:The Internet of Things (IoT) interconnects billions of sensors and actuators to serve a meaningful purpose. However, it is always vulnerable to various menaces. Thus, IoT security represents a big concern in the research field. Various tools were developed to mitigate these security issues. So, Intrusion detection systems (IDS) have gained much attention in the research community due to their critical role in maintaining network security. In this work, we integrate a network IDS (NIDS) to enhance IoT security. This paper presents a network intrusion detection model for IoT environments using a K-Nearest Neighbors (K-NN) classifier and feature selection. We built the NIDS using the K-NN algorithm to improve the IDS accuracy (ACC) and detection rate (DR). Furthermore, the principal component analysis (PCA), univariate statistical test, and genetic algorithm (GA) are used for feature selection separately to improve the data quality and select the ten best performing features. The performance evaluation of our model is performed on the Bot-IoT dataset. After applying the feature selection, the models have shown promising results regarding ACC, DR, false alarm rate (FAR), and predicting time. Our proposed model provided 99.99% ACC and maintained its superior performance for the ten selected features. Furthermore, we calculated the prediction time, as we consider it critical in building IDS for IoT, and by applying feature selection, we reduced it significantly from 51,182.22 s to under a minute. This novel model presents many advantages and reliable performances compared with previous models relying on the same dataset.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Roy, Kaushik,Kelly, John,Olusola, Odeyomi

DOI: https://doi.org/10.1007/s43926-023-00034-5

2023-05-31

Discover Internet of Things

Abstract:Internet-of-Things (IoT) connects various physical objects through the Internet and it has a wide application, such as in transportation, military, healthcare, agriculture, and many more. Those applications are increasingly popular because they address real-time problems. In contrast, the use of transmission and communication protocols has raised serious security concerns for IoT devices, and traditional methods such as signature and rule-based methods are inefficient for securing these devices. Hence, identifying network traffic behavior and mitigating cyber attacks are important in IoT to provide guaranteed network security. Therefore, we develop an Intrusion Detection System (IDS) based on a deep learning model called Pearson-Correlation Coefficient - Convolutional Neural Networks (PCC-CNN) to detect network anomalies. The PCC-CNN model combines the important features obtained from the linear-based extractions followed by the Convolutional Neural Network. It performs a binary classification for anomaly detection and also a multiclass classification for various types of attacks. The model is evaluated on three publicly available datasets: NSL-KDD, CICIDS-2017, and IOTID20. We first train and test five different (Logistic Regression, Linear Discriminant Analysis, K Nearest Neighbour, Classification and Regression Tree,& Support Vector Machine) PCC-based Machine Learning models to evaluate the model performance. We achieve the best similar accuracy from the KNN and CART model of 98%, 99%, and 98%, respectively, on the three datasets. On the other hand, we achieve a promising performance with a better detection accuracy of 99.89% and with a low misclassification rate of 0.001 with our proposed PCC-CNN model. The integrated model is promising, with a misclassification rate (or False alarm rate) of 0.02, 0.02, and 0.00 with Binary and Multiclass intrusion detection classifiers. Finally, we compare and discuss our PCC-CNN model in comparison to five traditional PCC-ML models. Our proposed Deep Learning (DL)-based IDS outperforms traditional methods.

Rohith Vallabhaneni, Srinivas A Vaddadi, Abhilash Maroju, Sravanthi Dontu

DOI: https://doi.org/10.17762/ijritcc.v11i9s.9491

2023-08-31

International Journal on Recent and Innovation Trends in Computing and Communication

Abstract:The process of analysing and improving network traffic is of tremendous relevance to network management and multimedia data mining techniques. Security in Software Defined Networks (SDNs), which rely on a programmable controller in the middle, has recently emerged as the most challenging aspect of SDNs. Network traffic monitoring is critical for detecting and exposing intrusion anomalies in an SDN context. Thus, this study offers a thorough assessment of the NSL-KDD dataset using five separate clustering algorithms: K-means, Farthest First, Canopy, Density-based method, and Exception-maximization (EM). The software used to conduct the comparisons is the Waikato Environment for Knowledge Analysis (WEKA). In addition, the article introduces a knowledge discovery in databases (KDD)–based deep learning (DL) model for intrusion detection that is SDN-based. Initially, the dataset that is being used is clustered into four main attack types and one normal category. We will next go over the steps necessary to build a deep learning intrusion detection system that is based on SDN. The results provide an objective assessment of the several attack types present in the KDD dataset. Just like other methods, the results demonstrate that the proposed deep learning strategy provides better intrusion detection performance. As an illustration, the tested dataset demonstrates a detection accuracy of 94.21% when using the suggested approach.

Wenchao Li,Ping Yi,Yue Wu,Li Pan,Jianhua Li

DOI: https://doi.org/10.1155/2014/240217

2014-01-01

Journal of Electrical and Computer Engineering

Abstract:The Internet of Things has broad application in military field, commerce, environmental monitoring, and many other fields. However, the open nature of the information media and the poor deployment environment have brought great risks to the security of wireless sensor networks, seriously restricting the application of wireless sensor network. Internet of Things composed of wireless sensor network faces security threats mainly from Dos attack, replay attack, integrity attack, false routing information attack, and flooding attack. In this paper, we proposed a new intrusion detection system based on K -nearest neighbor ( K -nearest neighbor, referred to as KNN below) classification algorithm in wireless sensor network. This system can separate abnormal nodes from normal nodes by observing their abnormal behaviors, and we analyse parameter selection and error rate of the intrusion detection system. The paper elaborates on the design and implementation of the detection system. This system has achieved efficient, rapid intrusion detection by improving the wireless ad hoc on-demand distance vector routing protocol (Ad hoc On-Demand Distance the Vector Routing, AODV). Finally, the test results show that: the system has high detection accuracy and speed, in accordance with the requirement of wireless sensor network intrusion detection.

Krishna Kumar Ponniah,Bharathi Retnaswamy

DOI: https://doi.org/10.3233/jifs-223437

2023-07-01

Abstract:The internet of things (IoT) has significantly influenced day-to-day life in large industrial systems. The Internet of Things (IoT) offers a platform for information systems to integrate effectively with network servers. In contrast, cyber threats are becoming critical, especially for IoT servers. A strong strategy must be in place to protect the network system from multiple attacks. In order to detect malicious behaviors that deteriorate network performance, an intrusion detection system (IDS) is crucial. An IDS use a detection method to monitor network activity to alert IoT users regularly. This paper proposes a novel IDS for IoT using log-sigmoid kernel principal component analysis (LSK-PCA) and activation updated deep feed-forward neural network (AU-DFFNN) based dimensionality reduction (DR) and classification technique. Initially, the input data is taken from the NSLKDD dataset and undergoes pre-processing. Afterwards, attribute extraction is carried out, followed by Fisher's Yates Adapted Golden Eagle Optimizer (FY-GEO) based feature selection. Then, DR of the feature selected data is done using the LSK-PCA model. Finally, the reduced dataset is given as an input to the classifier for classifying the data as attacked and normal data. As a final point, experimental analysis is performed using performance metrics like precision (PR), recall (RC), f-score (FS), accuracy (AC), false alarm rate (FAR) and computational time (CT). The results proved that the proposed work detects intrusion effectively compared to state-of-art techniques.

Aisha Ibrahim Gide,Abubakar Aminu Mu’azu

DOI: https://doi.org/10.58496/bjiot/2024/008

2024-07-05

Abstract:As more devices are connected to the Internet through the Internet of Things (IoT), there are huge security challenges. One of the major problems is Distributed Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. These attacks floods networks with useless traffic, disrupting IoT services. There is a need for better security measures to handle this. Intrusion Detection Systems (IDS) is used to find suspicious activities, but many of them can't keep up with new types of attacks in real time. This study focuses on creating an efficient real time hybrid framework that uses the Kth Nearest Neighbor (KNN) algorithm and dense neural networks. This proposed framework aims to identify and categorize DoS/DDoS attacks in real time through the utilization of a simulation model and MQTT-IoT-IDS2020 dataset and compared with existing frameworks, our proposed framework excels in accuracy, precision, and recall.

Muhammad Zawad Mahmud,Samiha Islam,Shahran Rahman Alve,Al Jubayer Pial

2024-12-04

Abstract:An application of software known as an Intrusion Detection System (IDS) employs machine algorithms to identify network intrusions. Selective logging, safeguarding privacy, reputation-based defense against numerous attacks, and dynamic response to threats are a few of the problems that intrusion identification is used to solve. The biological system known as IoT has seen a rapid increase in high dimensionality and information traffic. Self-protective mechanisms like intrusion detection systems (IDSs) are essential for defending against a variety of attacks. On the other hand, the functional and physical diversity of IoT IDS systems causes significant issues. These attributes make it troublesome and unrealistic to completely use all IoT elements and properties for IDS self-security. For peculiarity-based IDS, this study proposes and implements a novel component selection and extraction strategy (our strategy). A five-ML algorithm model-based IDS for machine learning-based networks with proper hyperparamater tuning is presented in this paper by examining how the most popular feature selection methods and classifiers are combined, such as K-Nearest Neighbors (KNN) Classifier, Decision Tree (DT) Classifier, Random Forest (RF) Classifier, Gradient Boosting Classifier, and Ada Boost Classifier. The Random Forest (RF) classifier had the highest accuracy of 99.39%. The K-Nearest Neighbor (KNN) classifier exhibited the lowest performance among the evaluated models, achieving an accuracy of 94.84%. This study's models have a significantly higher performance rate than those used in previous studies, indicating that they are more reliable.

Cryptography and Security,Machine Learning

Sridhar Patthi,Sugandha Singh,Ila Chandana Kumari P

DOI: https://doi.org/10.1007/s11042-023-17781-w

IF: 2.577

2024-01-07

Multimedia Tools and Applications

Abstract:The proliferation of wireless networks as a primary data transmission channel has brought about a surge in data volume but also raised security threats and privacy concerns. Intrusion Detection Systems (IDS) have proven effective in safeguarding data transmission, yet they struggle to detect minor or rare attacks that mimic normal traffic. To address this challenge, we propose a novel two-layer classification model integrating K-nearest neighbor (KNN) and support vector machines (SVMs). In the first layer, KNN classifies data into Normal, Major, and Minor Attack categories, while the second layer further distinguishes Major Attacks into DoS or Probe and Minor Attacks into U2R or R2. Our framework incorporates Common Correlated Feature Selection (CCFS) to optimize feature discrimination, partitioning training data into three groups. Furthermore, we explore data preprocessing techniques to enhance data interpretation and maintain statistical normalcy in traffic connection features. Our experimental analysis utilizes the NSL-KDD dataset, demonstrating that our approach significantly improves detection rates, particularly for Minor Attacks, achieving a remarkable 92.33% detection rate for U2R and 91.33% for R2L attacks. This represents a substantial 10% enhancement over existing methods, outperforming Multi-Layer Perceptron (MLP) by 13.23%, Random Forest (RF) by 10.11%, J48- Decision Tree (DT) by 9.23%, and Naïve Bayes (NB) by 9.42% and 8.17% in terms of detection rates. These results underscore the effectiveness of our approach in enhancing intrusion detection performance.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Neeraj Kumar,Sanjeev Sharma

DOI: https://doi.org/10.3390/electronics12194050

IF: 2.9

2023-09-27

Electronics

Abstract:With the exponentially evolving trends in technology, IoT networks are vulnerable to serious security issues, allowing intruders to break into networks without authorization and manipulate the data. Their actions can be recognized and avoided by using a system that can detect intrusions. This paper presents a hybrid intelligent system and inverted hour-glass-based layered network classifier for feature selection and classification processes, respectively. To accomplish this task, three different datasets have been utilized in the proposed model for identifying old and new attacks. Moreover, a hybrid optimization feature selection technique has been implemented for selecting only those features that can enhance the accuracy of the detection rate. Finally, the classification is performed by using the inverted hour-glass-based layered network model in which data are up-sampled with the increase in the number of layers for effective training. Data up-sampling is performed when small subset of datapoints are observed for any class, which in turn helps in improving the accuracy of the proposed model. The proposed model demonstrated an accuracy of 99.967%, 99.567%, and 99.726% for NSL-KDD, KDD-CUP99, and UNSW NB15 datasets, respectively, which is significantly better than the traditional CNID model. These results demonstrate that our model can detect different attacks with high accuracy and is expected to show good results for new datasets as well. Additionally, to reduce the computational cost of the proposed model, we have implemented it on CPU-based core i3 processors, which are much cheaper than GPU processors.

engineering, electrical & electronic,computer science, information systems,physics, applied

Arushi Agarwal,Purushottam Sharma,Mohammed Alshehri,Ahmed A. Mohamed,Osama Alfarraj

DOI: https://doi.org/10.7717/peerj-cs.437

2021-04-07

PeerJ Computer Science

Abstract:In today’s cyber world, the demand for the internet is increasing day by day, increasing the concern of network security. The aim of an Intrusion Detection System (IDS) is to provide approaches against many fast-growing network attacks (e.g., DDoS attack, Ransomware attack, Botnet attack, etc.), as it blocks the harmful activities occurring in the network system. In this work, three different classification machine learning algorithms—Naïve Bayes (NB), Support Vector Machine (SVM), and K-nearest neighbor (KNN)—were used to detect the accuracy and reducing the processing time of an algorithm on the UNSW-NB15 dataset and to find the best-suited algorithm which can efficiently learn the pattern of the suspicious network activities. The data gathered from the feature set comparison was then applied as input to IDS as data feeds to train the system for future intrusion behavior prediction and analysis using the best-fit algorithm chosen from the above three algorithms based on the performance metrics found. Also, the classification reports (Precision, Recall, and F1-score) and confusion matrix were generated and compared to finalize the support-validation status found throughout the testing phase of the model used in this approach.

computer science, information systems, artificial intelligence, theory & methods

N. D. Patel,B. M. Mehtre,Rajeev Wankar

DOI: https://doi.org/10.1007/s10207-023-00792-x

2024-04-26

International Journal of Information Security

Abstract:An intrusion detection system (IDS) is a system that monitors network traffic for malicious activity and generates alerts. In anomaly-based detection, machine learning (ML) algorithms exploit various statistical and probabilistic methods to learn from past or historical experience and detect valuable patterns from large, unstructured, and complex datasets. ML-based network intrusion detection aims to identify malicious behavior and alert a system administrator when an intruder tries to penetrate the network. This paper deals with the study, strategic construction, and implementation of a network intrusion detection model based on ML methods. Among the available IDS datasets, five of the most relevant are chosen for the experimental analysis, which are NSL-KDD-2009, CIC-IDS2017, CIC-IDS2018, IoTID20, and UNSW-NB15 datasets. In order to reduce the computation time in the training sample and achieve computational complexity , we propose a computationally efficient and feasible algorithmic framework for analyzing the network traffic data. The developed approach mainly consists of two phases, i.e., "Scatter Matrices and Eigenvalue Computation based feature Selection" and "Classification procedure for the reduced dimension data." Experimental evaluation of various test case scenarios for the chosen datasets is carried out in the simulation setting. It is observed that the test results outperform the existing intrusion detection methods for detecting certain attack categories.

computer science, information systems, theory & methods, software engineering

Peiyu Li,Hui Wang,Guo Tian,Zhihui Fan

DOI: https://doi.org/10.3390/s24154766

2024-07-23

Abstract:Maintaining security in communication networks has long been a major concern. This issue has become increasingly crucial due to the emergence of new communication architectures like the Internet of Things (IoT) and the advancement and complexity of infiltration techniques. For usage in networks based on the Internet of Things, previous intrusion detection systems (IDSs), which often use a centralized design to identify threats, are now ineffective. For the resolution of these issues, this study presents a novel and cooperative approach to IoT intrusion detection that may be useful in resolving certain current security issues. The suggested approach chooses the most important attributes that best describe the communication between objects by using Black Hole Optimization (BHO). Additionally, a novel method for describing the network's matrix-based communication properties is put forward. The inputs of the suggested intrusion detection model consist of these two feature sets. The suggested technique splits the network into a number of subnets using the software-defined network (SDN). Monitoring of each subnet is done by a controller node, which uses a parallel combination of convolutional neural networks (PCNN) to determine the presence of security threats in the traffic passing through its subnet. The proposed method also uses the majority voting approach for the cooperation of controller nodes in order to more accurately detect attacks. The findings demonstrate that, in comparison to the prior approaches, the suggested cooperative strategy can detect assaults in the NSLKDD and NSW-NB15 datasets with an accuracy of 99.89 and 97.72 percent, respectively. This is a minimum 0.6 percent improvement.

Sudhanshu Sekhar Tripathy,Bichitrananda Behera

2023-10-01

Abstract:The escalation of hazards to safety and hijacking of digital networks are among the strongest perilous difficulties that must be addressed in the present day. Numerous safety procedures were set up to track and recognize any illicit activity on the network's infrastructure. IDS are the best way to resist and recognize intrusions on internet connections and digital technologies. To classify network traffic as normal or anomalous, Machine Learning (ML) classifiers are increasingly utilized. An IDS with machine learning increases the accuracy with which security attacks are detected. This paper focuses on intrusion detection systems (IDSs) analysis using ML techniques. IDSs utilizing ML techniques are efficient and precise at identifying network assaults. In data with large dimensional spaces, however, the efficacy of these systems degrades. correspondingly, the case is essential to execute a feasible feature removal technique capable of getting rid of characteristics that have little effect on the classification process. In this paper, we analyze the KDD CUP-'99' intrusion detection dataset used for training and validating ML models. Then, we implement ML classifiers such as Logistic Regression, Decision Tree, K-Nearest Neighbour, Naive Bayes, Bernoulli Naive Bayes, Multinomial Naive Bayes, XG-Boost Classifier, Ada-Boost, Random Forest, SVM, Rocchio classifier, Ridge, Passive-Aggressive classifier, ANN besides Perceptron (PPN), the optimal classifiers are determined by comparing the results of Stochastic Gradient Descent and back-propagation neural networks for IDS, Conventional categorization indicators, such as "accuracy, precision, recall, and the f1-measure, have been used to evaluate the performance of the ML classification algorithms.

Cryptography and Security

Gaoyuan Liu,Huiqi Zhao,Fang Fan,Gang Liu,Qiang Xu,Shah Nazir

DOI: https://doi.org/10.3390/s22041407

IF: 3.9

2022-02-11

Sensors

Abstract:Aiming at the intrusion detection problem of the wireless sensor network (WSN), considering the combined characteristics of the wireless sensor network, we consider setting up a corresponding intrusion detection system on the edge side through edge computing. An intrusion detection system (IDS), as a proactive network security protection technology, provides an effective defense system for the WSN. In this paper, we propose a WSN intelligent intrusion detection model, through the introduction of the k-Nearest Neighbor algorithm (kNN) in machine learning and the introduction of the arithmetic optimization algorithm (AOA) in evolutionary calculation, to form an edge intelligence framework that specifically performs the intrusion detection when the WSN encounters a DoS attack. In order to enhance the accuracy of the model, we use a parallel strategy to enhance the communication between the populations and use the Lévy flight strategy to adjust the optimization. The proposed PL-AOA algorithm performs well in the benchmark function test and effectively guarantees the improvement of the kNN classifier. We use Matlab2018b to conduct simulation experiments based on the WSN-DS data set and our model achieves 99% ACC, with a nearly 10% improvement compared with the original kNN when performing DoS intrusion detection. The experimental results show that the proposed intrusion detection model has good effects and practical application significance.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Suguna Marappan,Bhavadharini Murugeshan,C. U. Om Kumar,V. Mercy Rajaselvi Beaulah

DOI: https://doi.org/10.1007/s11277-022-10155-9

IF: 2.017

2022-12-25

Wireless Personal Communications

Abstract:In communication and information technology, the Internet of Things (IoT) creates an enormous amount of data traffic that permits data analysis to expose and detect unusual network load and hidden trends. There are different existing DL (Deep Learning) classification methods applied for IDM (Intrusion Detection Model) detection, but it has some limitations, such as being difficult for security and more complex. In order to overcome these problems, the proposed work used the DL based RK.CNN-MMBO (Recurrent Kernel Convolution Neural Network-Modified Monarch Butterfly Optimization) model to identify the attacks in the network. In the pre-processing stage, the data are pre-processed by min_max normalization. After pre-processing, the optimal features are selected by the IBRO (Improved Battle Royale Optimization) algorithm. Then the selected features are classified using the DL classifier RKCNN (Recurrent kernel convolutional neural network). Moreover, MMBO (Modified Monarch Butterfly Optimization) improves the classifier's performance in attack detection. The proposed work used two different types of datasets for experimental validation, N-BaIoT and CICIDS-2017. The proposed IDM classification using the N-BaIoT dataset with the RKCNN-MMBO model attains the accuracy of (99.96%), and the CICIDS-2017 dataset with the RKCNN-MMBO model obtains the accuracy value of (99.95%). The proposed RKCNN-MMBO classifier model obtained higher accuracy in the detection of IDM than other methods.

telecommunications

Ch.Kodanda Ramu,T. Srinivasa Rao,E. Uma Shankar Rao

DOI: https://doi.org/10.1007/s11042-024-18558-5

IF: 2.577

2024-02-20

Multimedia Tools and Applications

Abstract:In recent times, network-based applications have rapidly grown in the field of information and communication technology(ICT), which enables individuals and organizations to connect and share their sensitive information seamlessly. The security of these network-based applications is imperative to avoid cyber-attacks during the exchange of sensitive information. The identification of anomalies in network events can be highly challenging due to the complex nature of traffic flows. To solve the challenges, network intrusion detection system (NIDS) technology is used; any network can profit from this system because it can monitor traffic and detect any irregularities. The existing NIDS systems driven by machine learning models do not provide sufficient ability to handle heterogeneous data and realize performance degradation while detecting some types of attacks. Therefore, this paper proposes an innovative meta-heuristic optimization and deep learning-based methodology for improving the performance of NIDS systems. Initially, the raw captured traffic data is fed into the pre-processing phase to attain data standardization and data balancing. Further, an extended Pelican Optimization algorithm (Ex-Pel) is employed to select the set of features from the pre-processed data optimally. Finally, the Self-Attention Assisted Weighted Auto Encoder (SAttn_WAE) is executed to detect the attacks precisely through the set of optimal features. The execution of the proposed methodology is carried out in the Python platform, and performance evaluation is done using accuracy, precision, recall, FAR, and F1-score metrics. The proposed model achieved an accuracy of 99.23%, precision of 99.78%, FAR of 0.67%, recall of 99.13%, and F1-score of 99.32%, which is comparatively better than existing models.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

I. Sumaiya Thaseen,J. Saira Banu,K. Lavanya,Muhammad Rukunuddin Ghalib,Kumar Abhishek

DOI: https://doi.org/10.1002/ett.4014

IF: 3.6

2020-06-08

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Serious concerns regarding vulnerability and security have been raised as a result of the constant growth of computer networks. Intrusion detection systems (IDS) have been adopted by network administrators to provide essential network security. Commercial IDS in the market do not have the capability to identify novel attacks but generate false alarms for legitimate user activities. Neural networks can be applied for the solution of these issues and for providing improved accuracy. Correlation‐based attribute selection ranks the features according to the highest correlation between the attributes and class label. In this article, the authors propose a correlation‐based feature selection integrated with neural network for identifying anomalies. Experimental analysis performed on NSL‐KDD and UNSW‐NB datasets, which are benchmark datasets of intrusion detection with current attacks. The results show that the proposed model is superior in terms of accuracy, sensitivity, and specificity in comparison with some of the state‐of‐the‐art techniques. With the emergence of the Internet of Things Technology, such IDS can be deployed for securing the IoT servers in future. Wireless payment systems can be secured by building and deploying IDS. A secure integrated network management can be achieved which is error‐free and thereby improving performance.</p>

telecommunications

Salwa Elsayed,Khalil Mohamed,Mohamed Ashraf Madkour

DOI: https://doi.org/10.1109/access.2024.3389096

IF: 3.9

2024-05-03

IEEE Access

Abstract:This study introduces a deep learning approach for network intrusion detection (NIDS), which excels in both binary and multi-classification tasks. This approach combines the strengths of six distinct deep learning algorithms: DNN, CNN, RNN, LSTM, GRU, and a Hybrid CNN-LSTM architecture. The NSL-KDD dataset, a widely recognized benchmark for intrusion detection research, was utilized for implementation and evaluation. In binary classification, the approach demonstrates exceptional capabilities, with the GRU approach outperforming others. Similarly, the DNN, LSTM, CNN, and RNN approaches exhibit robust performance, showcasing their efficacy in detecting anomalies within network data. In the multi-classification setting, the DNN approach stands out with outstanding performance. While other approaches, including RNN, CNN, LSTM, GRU, and the Hybrid CNN-LSTM approach, also maintain commendable results, the DNN approach proves to be the most effective in handling complex network patterns. This research provides valuable insights into the application of deep learning approaches using the NSL-KDD dataset for network anomaly detection, emphasizing their versatility and reliability across different classification scenarios. The findings lay the groundwork for further exploration and utilization of deep learning methodologies in enhancing network security.

computer science, information systems,telecommunications,engineering, electrical & electronic