A survey on Intrusion Detection System (IDS) and Internal Intrusion Detection and protection system (IIDPS)

Borkar, Amol; Donode, Akshay; Kumari, Anjali

doi:10.1109/icici.2017.8365277

Cited by 77 publications

(33 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An attacker could falsify its IP address so that the IDS becomes unable to stop the intrusions to the network from taking place [22] which may reduce the attack detection efficiency. In [23], the authors presented the IDS as a combination of devices and software applications capable of detecting malicious activities and generating the corresponding report. In many cases, false positives reports are more frequent than actual threats [23].…”

Section: B Network Intrusion Detection Systemsmentioning

confidence: 99%

“…In [23], the authors presented the IDS as a combination of devices and software applications capable of detecting malicious activities and generating the corresponding report. In many cases, false positives reports are more frequent than actual threats [23]. So, the real attacks can slip through false reports or be ignored.…”

Section: B Network Intrusion Detection Systemsmentioning

confidence: 99%

See 1 more Smart Citation

TIDCS: A Dynamic Intrusion Detection and Classification System Based Feature Selection

et al. 2020

View full text Add to dashboard Cite

Machine learning techniques are becoming mainstream in intrusion detection systems as they allow real-time response and have the ability to learn and adapt. By using a comprehensive dataset with multiple attack types, a well-trained model can be created to improve the anomaly detection performance. However, high dimensional data present a significant challenge for machine learning techniques. Processing similar features that provide redundant information increases the computational time, which is a critical problem especially for users with constrained resources (battery, energy). In this paper, we propose two models for intrusion detection and classification scheme Trust-based Intrusion Detection and Classification System (TIDCS) and Trust-based Intrusion Detection and Classification System-Accelerated (TIDCS-A) for secure network. TIDCS reduces the number of features in the input data based on a new algorithm for feature selection. Initially, the features are grouped randomly to increase the probability of making them participating in the generation of different groups, and sorted based on their accuracy scores. Only the high ranked features are then selected to obtain a classification for any received packet from the nodes in the network, which is saved as part of the node's past performance. TIDCS proposes a periodic system cleansing where trust relationships between participant nodes are evaluated and renewed periodically. TIDCS-A proposes a dynamic algorithm to compute the exact time for nodes cleansing states and restricts the exposure window of the nodes. The final classification decision for both models is estimated by incorporating the node's past behavior with the machine learning algorithm. Any detected attack reduces the trustworthiness of the nodes involved, leading to a dynamic system cleansing. An evaluation of TIDCS and TIDCS-A using the NSL-KDD and UNSW datasets shows that both models can detect malicious behaviors providing higher accuracy, detection rates, and lower false alarm than state-of-art techniques. For instance, for UNSW dataset, the accuracy detection is 91% for TICDS, 83.47%by using online AODE, 88% for CADF, 90% for EDM, 90% for TANN and 69.6% for NB. Consequently, TICDS has better performance than the state of art techniques in terms of accuracy detection, while providing good detection and false alarm rates.

show abstract

Section: B Network Intrusion Detection Systemsmentioning

confidence: 99%

Section: B Network Intrusion Detection Systemsmentioning

confidence: 99%

TIDCS: A Dynamic Intrusion Detection and Classification System Based Feature Selection

et al. 2020

View full text Add to dashboard Cite

show abstract

“…1) Intrusion detection system (IDS): It monitors both external facing and internal systems to detect malicious activities [12]. It scans live traffics, contents on different systems, and system logs, and perform various data mining organization through Internet.…”

Section: Detection Defense Mechanismsmentioning

confidence: 99%

Challenges in Protecting Data for Modern Enterprises

Nur¹,

Kettani²

2020

JOEBM

View full text Add to dashboard Cite

“…The formula for the distance calculation is defined in the Equation (1) as: Fig.4. General Structure of Neural Networks (1) Using this formula, the steps for finding the clusters using the K-Means algorithm can be defined as:…”

Section: G K-means Algorithmmentioning

confidence: 99%

A Clustering Approach for Intrusion Detection with Big Data Processing on Parallel Computing Platform

Şahingöz

2019

Balkan Journal of Electrical and Computer Engineering

View full text Add to dashboard Cite

In recent years there is a growing number of attacks in the computer networks. Therefore, the use of a prevention mechanism is an inevitable need for security admins. Although firewalls are preferred as the first layer of protection, it is not sufficient for preventing lots of the attacks, especially from the insider attacks. Intrusion Detection Systems (IDSs) have emerged as an effective solution to these types of attacks. For increasing the efficiency of the IDS system, a dynamic solution, which can adapt itself and can detect new types of intrusions with a dynamic structure by the use of learning algorithms is mostly preferred. In previous years, some machine learning approaches are implemented in lots of IDSs. In the current position of artificial intelligence, most of the learning systems are transferred with the use of Deep Learning approaches due to its flexibility and the use of Big Data with high accuracy. In this paper, we propose a clustered approach to detect the intrusions in a network. Firstly, the system is trained with Deep Neural Network on a Big Data set by accelerating its performance with the use of CUDA architecture. Experimental results show that the proposed system has a very good accuracy rate and low runtime duration with the use of this parallel computation architecture. Additionally, the proposed system needs a relatively small duration for training the system

show abstract

A survey on Intrusion Detection System (IDS) and Internal Intrusion Detection and protection system (IIDPS)

Cited by 77 publications

References 6 publications

TIDCS: A Dynamic Intrusion Detection and Classification System Based Feature Selection

TIDCS: A Dynamic Intrusion Detection and Classification System Based Feature Selection

Challenges in Protecting Data for Modern Enterprises

A Clustering Approach for Intrusion Detection with Big Data Processing on Parallel Computing Platform

Contact Info

Product

Resources

About