An Analysis of Mechanisms for Making IDS Fault Tolerant

Kaur, Perminder; Rattan, Dhavleesh; Bhardwaj, Amit Kumar

doi:10.5120/563-745

Cited by 3 publications

(2 citation statements)

References 8 publications

(12 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our models have been trained to detect the 14 up-to-date and well-known type of attacks. Furthermore, fault tolerance can be achieved by adopting the majority voting technique [52]. The trained models of Random Forest, Bayesian Network, and LDA can be used in a majority voting-based intrusion detection system that can adapt fault tolerance.…”

Section: Fault Tolerancementioning

confidence: 99%

Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection

et al. 2019

View full text Add to dashboard Cite

The security of networked systems has become a critical universal issue that influences individuals, enterprises and governments. The rate of attacks against networked systems has increased dramatically, and the tactics used by the attackers are continuing to evolve. Intrusion detection is one of the solutions against these attacks. A common and effective approach for designing Intrusion Detection Systems (IDS) is Machine Learning. The performance of an IDS is significantly improved when the features are more discriminative and representative. This study uses two feature dimensionality reduction approaches: (i) Auto-Encoder (AE): an instance of deep learning, for dimensionality reduction, and (ii) Principle Component Analysis (PCA). The resulting low-dimensional features from both techniques are then used to build various classifiers such as Random Forest (RF), Bayesian Network, Linear Discriminant Analysis (LDA) and Quadratic Discriminant Analysis (QDA) for designing an IDS. The experimental findings with low-dimensional features in binary and multi-class classification show better performance in terms of Detection Rate (DR), F-Measure, False Alarm Rate (FAR), and Accuracy. This research effort is able to reduce the CICIDS2017 dataset’s feature dimensions from 81 to 10, while maintaining a high accuracy of 99.6% in multi-class and binary classification. Furthermore, in this paper, we propose a Multi-Class Combined performance metric C o m b i n e d M c with respect to class distribution to compare various multi-class and binary classification systems through incorporating FAR, DR, Accuracy, and class distribution parameters. In addition, we developed a uniform distribution based balancing approach to handle the imbalanced distribution of the minority class instances in the CICIDS2017 network intrusion dataset.

show abstract

Section: Fault Tolerancementioning

confidence: 99%

Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection

et al. 2019

View full text Add to dashboard Cite

show abstract

“…In this section, we review some interesting works in these areas. Kaur et al (2010) analysed and discussed one of the most challenging issues in the field of intrusion detection, which is the IDS' fault tolerance. For instance, they evaluated some of the widely used fault tolerance mechanisms, namely replication of software agents, employment of redundancy in processing elements, integrity checking for selfhealing, use of reconfigurable hardware and restructuring architectures, and fault detection using heartbeat messages in multi-agent systems.…”

Section: Related Workmentioning

confidence: 99%

A twofold self-healing approach for MANET survivability reinforcement

Mechtri

Tolba

Ghanemi

et al. 2017

IJIEI

View full text Add to dashboard Cite

Distributed systems are by nature fault-prone systems. The situation becomes more complex in the presence of intrusions that continue to grow in both number and severity, especially in open environments like MANET. In this paper, we present a twofold self-healing approach to reinforce MANET survivability. First, a fault-tolerant IDS is designed by replication of individual agents within MASID to ensure continuous supervision of the network. However, since not all intrusions are predictable, there might have some serious effects on the network before being detected and completely removed. For that, even if the implications of intrusions could be minimized by the intrusion detection system MASID, still the need for the recovery of altered or deleted data is a vital step to ensure the correct functioning of the network. For that, a recovery-oriented approach for a self-healing MANET is also presented. It is based on the ability of MASID-R to assess the damage caused by the detected intrusions and aimed at enabling the supervised network to heal itself of those faults and damages. Simulations using ns-2 have been performed to study the feasibility and prove the optimality of the proposed approach.

show abstract