Anomaly Detection based on Machine Learning Dimensionality Reduction using PCA and Classification using SVM

George, Annie

doi:10.5120/7470-0475

Cited by 70 publications

(33 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Vajiheh Hajisalem et al propose a hybrid classification method based on artificial bee colony (ABC) and artificial fish swarm (AFS) algorithm [16], using fuzzy C-means clustering (FCM) and correlation-based feature selection (CFS) techniques for training data. George et al apply SVM and PCA to anomaly detection of network data [17]. It is proved that PCA can effectively improve classification effect of SVM and increase model training speed.…”

Section: Related Workmentioning

confidence: 99%

“…Basic Features state(1), dur(2), sbytes(3), dbytes(4), sttl(5), dttl (6), sloss (7), dloss (8), service (9), sload (10), dload (11), spkts (12), dpkts (13) Content Features swin (14), dwin (15), stcpb (16), dtcpb (17), smeansz (18), dmeansz (19), trans depth (20), res bdy len (21) Time Features sjit (22), djit (23), stime (24), ltime (25), sintpkt (26), dintpkt (27), tcprtt (28), synack (29), ackdat (30) Additional Generated Features is sm ips ports(31), ct state ttl(32), ct flw http mthd(33), is ftp login(34), ct ftp cmd(35), ct srv src(36), ct srv dst(37), ct dst ltm(38), ct src ltm(39), ct src dport ltm(40), ct dst sport ltm(41), ct dst src ltm(42) 8,9,10,12,13,17,19,20,22,24,25,26,27,28,29,30,34,35,38 20 Shellcode 3,4,5,…”

Section: Classmentioning

confidence: 99%

See 1 more Smart Citation

Building an Effective Intrusion Detection System by Using Hybrid Data Optimization Based on Machine Learning Algorithms

Ren

Guo

Wang

et al. 2019

Security and Communication Networks

View full text Add to dashboard Cite

Intrusion detection system (IDS) can effectively identify anomaly behaviors in the network; however, it still has low detection rate and high false alarm rate especially for anomalies with fewer records. In this paper, we propose an effective IDS by using hybrid data optimization which consists of two parts: data sampling and feature selection, called DO_IDS. In data sampling, the Isolation Forest (iForest) is used to eliminate outliers, genetic algorithm (GA) to optimize the sampling ratio, and the Random Forest (RF) classifier as the evaluation criteria to obtain the optimal training dataset. In feature selection, GA and RF are used again to obtain the optimal feature subset. Finally, an intrusion detection system based on RF is built using the optimal training dataset obtained by data sampling and the features selected by feature selection. The experiment will be carried out on the UNSW-NB15 dataset. Compared with other algorithms, the model has obvious advantages in detecting rare anomaly behaviors.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Classmentioning

confidence: 99%

Building an Effective Intrusion Detection System by Using Hybrid Data Optimization Based on Machine Learning Algorithms

Ren

Guo

Wang

et al. 2019

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…The comparison can determine whether there is a partition between normal and unusual behaviors, and the unusual behavior is considered as an active or potential attack, which depends on the level of differences. Three common techniques supporting comparisons include statistical‐based , knowledge‐based, and machine learning‐based techniques .…”

Section: Intrusion Detection Systemsmentioning

confidence: 99%

Intrusion detection techniques for mobile cloud computing in heterogeneous 5G

Gai

Qiu

Tao

et al. 2015

Security Comm. Networks

148

View full text Add to dashboard Cite

Mobile cloud computing is applied in multiple industries to obtain cloud‐based services by leveraging mobile technologies. With the development of the wireless networks, defending threats from wireless communications have been playing a remarkable role in the Web security domain. Intrusion detection system (IDS) is an efficient approach for protecting wireless communications in the Fifth Generation (5G) context. In this paper, we identify and summarize the main techniques being implemented in IDSs and mobile cloud computing with an analysis of the challenges for each technique. Addressing the security issue, we propose a higher level framework of implementing secure mobile cloud computing by adopting IDS techniques for applying mobile cloud‐based solutions in 5G networks. On the basis of the reviews and synthesis, we conclude that the implementation of mobile cloud computing can be secured by the proposed framework because it will provide well‐protected Web services and adaptable IDSs in the complicated heterogeneous 5G environment. Copyright © 2015 John Wiley & Sons, Ltd.

show abstract

“…During the feature selection process the high dimensional training dataset is reduced in to low dimensional representation and the redundant features are eliminated. For selecting an optimal set of features various methods including Genetic Algorithm, meta-heuristic algorithms, and Principal Component Analysis (PCA) are used [5]. This paper utilizes a deep auto-encoder for finding a compact representation of the input data and a dense neural network for classification of anomalous traffic.…”

Section: Introductionmentioning

confidence: 99%

Non-linear Dimensionality Reduction-based Intrusion Detection using Deep Autoencoder

Chakravarthi¹,

Jagadeesh²

2019

IJACSA

View full text Add to dashboard Cite

The intrusion detection has become core part of any network of computers due to increasing amount of digital content available. In parallel, the data breaches and malware attacks have also grown in large numbers which makes the role of intrusion detection more essential. Even though many existing techniques are successfully used for detecting intruders but new variants of malware and attacks are being released every day. To counterfeit these new types of attacks, intrusion detection must be designed with state of art techniques such as Deep learning. At present the Deep learning techniques have a strong role in Natural Language Processing, Computer Vision and Speech Processing. This paper is focused on reviewing the role of deep learning techniques for intrusion detection and proposing an efficient deep Auto Encoder (AE) based intrusion detection technique. The intrusion detection is implemented in two stages with a binary classifier and multiclass classification algorithm (dense neural network). The performance of the proposed approach is presented and compared with parallel methods used for intrusion detection. The reconstruction error of the AE model is compared with the PCA and the performance of both anomaly detection and the multiclass classification is analyzed using metrics such as accuracy and false alarm rate. The compressed representation of the AE model helps to lessen the false alarm rate of both anomaly detection and attack classification using SVM and dense NN model respectively.

show abstract

Anomaly Detection based on Machine Learning Dimensionality Reduction using PCA and Classification using SVM

Cited by 70 publications

References 7 publications

Building an Effective Intrusion Detection System by Using Hybrid Data Optimization Based on Machine Learning Algorithms

Building an Effective Intrusion Detection System by Using Hybrid Data Optimization Based on Machine Learning Algorithms

Intrusion detection techniques for mobile cloud computing in heterogeneous 5G

Non-linear Dimensionality Reduction-based Intrusion Detection using Deep Autoencoder

Contact Info

Product

Resources

About