This paper proposes a novel intrusion detection system (IDS) that combines different classifier approaches which are based on decision tree and rules-based concepts, namely, REP Tree, JRip algorithm and Forest PA. Specifically, the first and second method take as inputs features of the data set, and classify the network traffic as Attack/Benign. The third classifier uses features of the initial data set in addition to the outputs of the first and the second classifier as inputs. The experimental results obtained by analyzing the proposed IDS using the CICIDS2017 dataset, attest their superiority in terms of accuracy, detection rate, false alarm rate and time overhead as compared to state of the art existing schemes.
This paper proposes a novel intrusion detection system (IDS), named RDTIDS, for Internet-of-Things (IoT) networks. The RDTIDS combines different classifier approaches which are based on decision tree and rules-based concepts, namely, REP Tree, JRip algorithm and Forest PA. Specifically, the first and second method take as inputs features of the data set, and classify the network traffic as Attack/Benign. The third classifier uses features of the initial data set in addition to the outputs of the first and the second classifier as inputs. The experimental results obtained by analyzing the proposed IDS using the CICIDS2017 dataset and BoT-IoT dataset, attest their superiority in terms of accuracy, detection rate, false alarm rate and time overhead as compared to state of the art existing schemes.
In this paper, we review the state of the art of privacy-preserving schemes for ad hoc social networks, including, mobile social networks (MSNs) and vehicular social networks (VSNs). Specifically, we select and in-detail examine thirty-three privacypreserving schemes developed for or applied in the context of ad hoc social networks. These schemes are published between 2008 and 2016. Based on this existing privacy preservation schemes, we survey privacy preservation models, including location privacy, identity privacy, anonymity, traceability, interest privacy, backward privacy, and content oriented privacy. The recent important attacks of leaking privacy, countermeasures, and game theoretic approaches in VSNs and MSNs are summarized in form of tables. In addition, an overview of recommendations for further research is also provided. With this survey, readers can have a more thorough understanding of research trends in privacy-preserving schemes for ad hoc social networks.
Intrusion detection system (IDS) represents an unavoidable tool to secure our network. It is considered as a second defense line against the different form of attacks. The principal limits of the current IDSs are their inability to combine the detection of the new form of attacks with high detection rate and low false alarm rate. In this paper, we propose an intrusion detection system based on the combination of the probability predictions of a tree of classifiers. Specifically, our model is composed of 2 layers. The first one is a tree of classifiers. The second layer is a classifier that combines the probability predictions of the tree.The built tree contains 4 levels where each node of this tree represents a classifier. The first node classifies the connections in 2 clusters: Denial of Service attacks and Cluster 2. Then, the second node classifies the connections of the Cluster 2 in Probing attacks and Cluster 3. The third node classifies the connections of the Cluster 3 in Remote-to-Local attacks and Cluster 4. Finally, the last node classifies the connections of the Cluster 4 in User-to-Root attacks and Normal connections. The second layer contains the last classifier that combines the probability predictions of the first layer and take the final decision. The experiments on KDD'99 and NSL-KDD show that our model gives a low false alarm rate and the highest detection rate. Furthermore, our model is more precise than the recent intrusion detection system models with accuracy equal to 96.27% for KDD'99 and 89.75% for NSL-KDD.
KEYWORDScomputer security, data mining, hybrid IDS, hierarchical IDS, intrusion detection system, IDS, network security Int J Commun Syst. 2018;31:e3547.wileyonlinelibrary.com/journal/dac
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.