Detecting Generic Network Intrusion Attacks using Tree-based Machine Learning Methods

Alsariera, Yazan A.

doi:10.14569/ijacsa.2021.0120275

Cited by 4 publications

(2 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Kumari et al developed a mathematical model that utilizes logistic regression to detect distributed DoS attacks, offering a robust approach to cybersecurity [ 37 ]. Further extending the discourse on machine learning’s role in security, Alsariera et al introduced a specialized framework that employs two variants of decision tree algorithms to detect generic network intrusions [ 38 ]. In a similar vein, Reji et al explored a hybrid machine learning model that combines the seagull optimization algorithm with an extreme learning machine classifier to enhance the detection and classification of cyber attacks [ 39 ].…”

Section: Attack Detectionmentioning

confidence: 99%

Security Control of Cyber–Physical Systems under Cyber Attacks: A Survey

Xing,

Shen

2024

Sensors

View full text Add to dashboard Cite

Cyber–physical systems (CPSs), which combine computer science, control systems, and physical elements, have become essential in modern industrial and societal contexts. However, their extensive integration presents increasing security challenges, particularly due to recurring cyber attacks. Therefore, it is crucial to explore CPS security control. In this review, we systematically examine the prevalent cyber attacks affecting CPSs, such as denial of service, false data injection, and replay attacks, explaining their impacts on CPSs’ operation and integrity, as well as summarizing classic attack detection methods. Regarding CPSs’ security control approaches, we comprehensively outline protective strategies and technologies, including event-triggered control, switching control, predictive control, and optimal control. These approaches aim to effectively counter various cyber threats and strengthen CPSs’ security and resilience. Lastly, we anticipate future advancements in CPS security control, envisioning strategies to address emerging cyber risks and innovations in intelligent security control techniques.

show abstract

Section: Attack Detectionmentioning

confidence: 99%

Security Control of Cyber–Physical Systems under Cyber Attacks: A Survey

Xing,

Shen

2024

Sensors

View full text Add to dashboard Cite

show abstract

“…Furthermore, the feature selection approach helped in the reduction of irrelevant features from the data repository and improved the training complexity. In Alsariera [15], a study on DDSA against HTTP flooding detection was presented. The authors proposed a model which used a ML approach, specifically, a Naive Bayesian algorithm.…”

Section: Related Workmentioning

confidence: 99%

Evaluation of Bernoulli Naive Bayes model for detection of distributed denial of service attacks

Salau

Assegie²,

Akindadelo³

et al. 2023

Bulletin EEI

View full text Add to dashboard Cite

Distributed denial of service is a form of cyber-attack that involves sending several network traffic to a target system such as DHCP, domain name server (DNS), and HTTP server. The attack aims to exhaust computing resources such as memory and the processor of a target system by blocking the legitimate users from getting access to the service provided by the server. Network intrusion prevention ensures the security of a network and protects the server from such attacks. Thus, this paper presents a predicitive model that identifies distributed denial of service attacks (DDSA) using Bernoulli-Naive Bayes. The developed model is evaluated on the publicly available Kaggle dataset. The method is tested with a confusion matrix, receiver operating characteristics (ROC) curve, and accuracy to measure its performance. The experimental results show an 85.99% accuracy in detecting DDSA with the proposed method. Hence, Bernoulli-Naive Bayes-based method was found to be effective and significant for the protection of network servers from malicious attacks.

show abstract

Detecting block ciphers generic attacks: An instance-based machine learning method

Alsariera¹

2022

Int. j. adv. appl. sci.

View full text Add to dashboard Cite

Cryptography facilitates selective communication through encryption of messages and or data. Block-cipher processing is one of the prominent methods for modern cryptographic symmetric encryption schemes. The rise in attacks on block-ciphers led to the development of more difficult encryption schemes. However, attackers decrypt block-ciphers through generic attacks given sufficient time and computing. Recent research had applied machine learning classification algorithms to develop intrusion detection systems to detect multiple types of attacks. These intrusion detection systems are limited by misclassifying generic attacks and suffer reduced effectiveness when evaluated for detecting generic attacks only. Hence, this study introduced and proposed k-nearest neighbors, an instance-based machine learning classification algorithm, for the detection of generic attacks on block-ciphers. The value of k was varied (i.e., 1, 3, 5, 7, and 9) and multiple nearest neighbors classification models were developed and evaluated using two distance functions (i.e., Manhattan and Euclidean) for classifying between generic attacks and normal network packets. All nearest neighbors models using the Manhattan distance function performed better than their Euclidean counterparts. The 1-nearest neighbor (Manhattan distance function) model had the highest overall accuracy of 99.6%, a generic attack detection rate of 99.5% which tallies with the 5, 7, and 9 nearest neighbors models, and a false alarm rate of 0.0003 which is the same for all Manhattan nearest neighbors classification models. These instance-based methods performed better than some existing methods that even implemented an ensemble of deep-learning algorithms. Therefore, an instance-based method is recommended for detecting block-ciphers generic attacks.

show abstract

Detecting Generic Network Intrusion Attacks using Tree-based Machine Learning Methods

Cited by 4 publications

References 26 publications

Security Control of Cyber–Physical Systems under Cyber Attacks: A Survey

Security Control of Cyber–Physical Systems under Cyber Attacks: A Survey

Evaluation of Bernoulli Naive Bayes model for detection of distributed denial of service attacks

Detecting block ciphers generic attacks: An instance-based machine learning method

Contact Info

Product

Resources

About