A Machine Learning Approach for Improving the Performance of Network Intrusion Detection Systems

Azizan, Adnan Helmi; Mostafa, Salama A.; Foozy, Cik Feresa Mohd; Wahab, Mohd Helmy Abd; Mohammed, Mazin Abed; Khalaf, Bashar Ahmad

doi:10.33166/aetic.2021.05.025

Cited by 39 publications

(9 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The objective of anomaly detection is to use machine learning algorithms to classify anomalous and normal data. Generally, machine learning-based solutions work by analyzing huge amounts of data generated by network traffic, host processes and users to detect suspicious activities using efficient algorithms [15]. Earlier research has demonstrated success with machine learning-based algorithms for intrusion detection systems.…”

Section: Related Workmentioning

confidence: 99%

Intrusion Detection Based on Bidirectional Long Short-Term Memory with Attention Mechanism

Yang¹,

Tu²,

Ali³

et al. 2023

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

With the recent developments in the Internet of Things (IoT), the amount of data collected has expanded tremendously, resulting in a higher demand for data storage, computational capacity, and real-time processing capabilities. Cloud computing has traditionally played an important role in establishing IoT. However, fog computing has recently emerged as a new field complementing cloud computing due to its enhanced mobility, location awareness, heterogeneity, scalability, low latency, and geographic distribution. However, IoT networks are vulnerable to unwanted assaults because of their open and shared nature. As a result, various fog computing-based security models that protect IoT networks have been developed. A distributed architecture based on an intrusion detection system (IDS) ensures that a dynamic, scalable IoT environment with the ability to disperse centralized tasks to local fog nodes and which successfully detects advanced malicious threats is available. In this study, we examined the time-related aspects of network traffic data. We presented an intrusion detection model based on a twolayered bidirectional long short-term memory (Bi-LSTM) with an attention mechanism for traffic data classification verified on the UNSW-NB15 benchmark dataset. We showed that the suggested model outperformed numerous leading-edge Network IDS that used machine learning models in terms of accuracy, precision, recall and F1 score.

show abstract

Section: Related Workmentioning

confidence: 99%

Intrusion Detection Based on Bidirectional Long Short-Term Memory with Attention Mechanism

Yang¹,

Tu²,

Ali³

et al. 2023

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

show abstract

“…Authors have designed a worm hole detection technique in the ad-hoc on-demand distance vector routing (AODV) [100] which works using connectivity information of network. Algorithm is used during route discovery when route reply packet is received by sender [101][102][103][104][105][106]. Algorithm is started from destination point and detection process is run with neighbor nodes in elected path (shown in Fig.…”

Section: ) Energy Preserving Worm Hole Identification In Aodvmentioning

confidence: 99%

A Survey on Holes Problem in Wireless Underground Sensor Networks

Sharma¹,

Singh

Mohammed

et al. 2022

IEEE Access

Self Cite

View full text Add to dashboard Cite

The paper aims to put in the forefront a survey on the existing holes problem in the Wireless Underground Sensor Networks (WUSNs). Anomalies in wireless sensor networks can weaken the network by impeding their functionalities. These existing anomalies commonly known as holes may cause irreversible devastating problems and may prove fatal to humans. There can be a different kind of holes in the network such as coverage hole, routing hole, jamming hole, and sink/ worm hole, etc. This paper intends to discuss in entirely various holes problems in WUSNs, reasons behind their occurrence and different techniques to mitigate the issues. An efficient hole detection technique shall increase network lifetime, use lesser resources and give accurate results with zero false positive. To put a light on the present scenario, methods/ techniques used to cope with different types of holes have been discussed in detail, presenting their analysis, constraints, and advantages. Besides, it would also touch upon the comparative analysis in terms of soundness and limitations of these techniques. The study is concluded with future research directions.

show abstract

“…Some of these problems have already been solved with the incorporation of new techniques and technologies to DLPS, such as ML for document classification, the recent study [61] proposes a multilayer framework for insider threat detection based on a hybrid method composed of two predictive models with an accuracy level higher than 97%, another application of ML in data protection are network intrusion detection systems, which can be seen in studies [62], [63], [64]. DRM systems for tracking sensitive information outside the organization, biometric information for user identification, and context-based keys to determine the date, place and time of information access.…”

Section: Limitations Advances and Applicationsmentioning

confidence: 99%

Survey of Techniques on Data Leakage Protection and Methods to address the Insider threat

Montano

Aranda²,

Diaz³

et al. 2022

Cluster Comput

View full text Add to dashboard Cite

Data leakage is a problem that companies and organizations face every day around the world. Mainly the data leak caused by the internal threat posed by authorized personnel to manipulate confidential information. The main objective of this work is to survey the literature to detect the existing techniques to protect against data leakage and to identify the methods used to address the insider threat. For this, a literature review of scientific databases was carried out in the period from 2011 to 2022, which resulted in 42 relevant papers. It was obtained that from 2017 to date, 60% of the studies found are concentrated and that 90% come from conferences and publications in journals. Significant advances were detected in protection systems against data leakage with the incorporation of new techniques and technologies, such as machine learning, blockchain, and digital rights management policies. In 40% of the relevant studies, significant interest was shown in avoiding internal threats. The most used techniques in the analyzed DLP tools were encryption and machine learning.

show abstract

A Machine Learning Approach for Improving the Performance of Network Intrusion Detection Systems

Cited by 39 publications

References 15 publications

Intrusion Detection Based on Bidirectional Long Short-Term Memory with Attention Mechanism

Intrusion Detection Based on Bidirectional Long Short-Term Memory with Attention Mechanism

A Survey on Holes Problem in Wireless Underground Sensor Networks

Survey of Techniques on Data Leakage Protection and Methods to address the Insider threat

Contact Info

Product

Resources

About