“…Various machine learning techniques were implemented to enhance progress in IDS and an explicit discussion of a survey is given in References . IDS was developed using neural network and multilayer perceptron techniques and an IDS using self‐organizing map (unsupervised learning) was also developed . Using artificial neural network an advanced IDS system using the anomaly detection technique was developed, and by using similar techniques, different datasets IDS were developed in Reference .…”
Section: Benign Outliers (mentioning)
confidence: 99%
“…Different data types and features related with in NSL-KDD data set ,6,8,9,10,11,13,16,17,18,19,20,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41 …”
Intrusion detection system (IDS) is essential for the network; the intruder can steal sensitive information about networks. The IDS must have the ability to take care of large and real‐time data. The predicted rate must be high based on the available attributes. This work deals with a real intrusion detection problem, by its behavior. In this paper, we developed a hybrid model, which can detect intrusion by its action. We used the NSL‐KDD data set; the multiclass problem and binary problems are 25% tested. This model can be used to guess the availability of intrusion and is able to determine the scope of intrusions based on the transaction of data in the network; training requires optimal features of a network transaction. The accuracy of the model is better for both binary class and multiclass in the NSL‐KDD data set. The complication of false data alarm rates is the most significant challenge in the IDS system, and it may be the low false rate or high false rate. The proposed work also addresses this problem. In the first step, data will be filtered by the Vote algorithm; the Information Gain will get associated with a base learner to choose the necessary features, which directly affects the accuracy of the model. It uses the following classifiers: RandomTree, REPTree, RandomForest, AdaBoostM1, Meta Pagging, DecisionStump, J48, LMT, Bagging, and Naive Bayes. Based on the proposed model, a low false rate and high accuracy are observed.
“…Liberios Vokorokos et al present an intrusion detection system and design architecture of intrusion detection based on neural network SOM referred in [6]. Here a core of the designed architecture represents the neural network Self Organizing Map which classifies the monitored user behavior and also determines the possible intrusion of the monitored computer system.…”
Section: International Journal Of Computer Applications (0975-8887) (mentioning)
Intrusion is a set of related activities which is performed to provide unauthorized activities such as access to the useful information, file modification etc. It is a set of any actions that attempt to compromise the integrity, confidentiality, or availability of a computer resource. Intrusion Detection Systems (IDS) are used to monitor and detect the probable attempts of such types. An IDS collects system and network activity related data. These data may contain network attacks against vulnerable services, data driven attacks on applications, host based attacks etc. There are several IDSs in literature proposed using various computational techniques such as statistical methods, artificial intelligence, data mining etc. Among these, data mining based methods are comparatively more successful in detecting unknown attack patterns. This paper reviews some remarkable works from the literature along with the basic concepts of intrusion detection. It also includes some suggestions for developing an efficient IDS based on the analysis carried out.
Keywords: Intrusion detection system (IDS), Neural networks, Self organizing map (SOM).
“…The idea of using the state of a process to do intrusion detection is proposed in [4]. The authors train a neural network for monitoring the information related to a user's activities - user activity times, user login hosts, user foreign hosts, command set, CPU usage and memory usage patterns.…”
Abstract: In this paper, we present a novel framework - it uses the information in kernel structures of a process - to do run-time analysis of the behavior of an executing program. Our analysis shows that classifying a process as malicious or benign - using the information in the kernel structures of a process - is not only accurate but also has low processing overheads; as a result, this lightweight framework can be incorporated within the kernel of an operating system. To provide a proof-of-concept of our thesis, we design and implement our system as a kernel module in Linux. We perform the time series analysis of 118 parameters of Linux task structures and preprocess them to come up with a minimal features' set of 11 features. Our analysis shows that these features have remarkably different values for benign and malicious processes; as a result, a number of classifiers operating on these features provide 93% detection accuracy with 0% false alarm rate within 100 milliseconds. Last but not least, we justify that it is very difficult for a crafty attacker to evade these low-level system specific features.