Handling Intrusion Detection System using Snort Based Statistical Algorithm and  Semi-supervised Approach

Nadiammai, G. V.; Hemalatha, M.

doi:10.19026/rjaset.6.3672

Cited by 11 publications

(2 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Based on the performance of the system, it showed that hybridised SSO-WLS is one of the competitive classifiers that can be used in IDS development. [Nadiammai and Hemalatha, (2013)] presented data mining-based techniques for hybrid IDS using the combination of snort based statistical and semi-supervised classification algorithm was used in training 2500 data instances. The experimental results were conducted using KDD Cup'99 dataset.…”

Section: Literature Reviewmentioning

confidence: 99%

An Enhanced Feature Selection and Classification Model for Network Intrusion Detection System Using Data Mining Techniques

Folorunsho¹,

Adegbola²,

Jimoh³

2022

INDJCSE

View full text Add to dashboard Cite

Security of information in this Information Technology (IT) era has been one of the challenges facing individuals and organisations. Among the measures developed by security experts to counter security threats is the Intrusion Detection System (IDS). Despite earlier research efforts to develop formidable IDSs, the existing systems still suffer from a high false alarm and inability to detect new (novel) attacks because of the high volume of features in network traffic. Therefore, this study aimed at developing IDS with an enhanced feature selection and classification method using two stages of attack identification. The feature selection phase employed Particle Swarm Optimization (PSO) to optimally select relevant features from Principal Component Analysis (PCA)'s projected principal space. The reduced dataset was passed into the misuse detector using C4.5 to classify network traffic into normal and attack. The "assumed" normal traffic further passed to the anomaly detector, the second-level classifier using Support Vector Machine (SVM) for detecting new attacks that the misuse detector has not previously detected. The proposed model was demonstrated on the KDD Cup'99 and NSL-KDD intrusion datasets, with the system achieving a false alarm rate of 0.53% and detection rate of 99.43% for NSL KDD dataset. The results show that enhancing the feature selection phase and classification method reduces the false alarm and improves the system's ability to detect zero-day attacks.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

An Enhanced Feature Selection and Classification Model for Network Intrusion Detection System Using Data Mining Techniques

Folorunsho¹,

Adegbola²,

Jimoh³

2022

INDJCSE

View full text Add to dashboard Cite

show abstract

“…There are two basic types of intrusion detection based on the range of its detection: host-based and network-based [15] while [19] classified intrusion detection into three including Vulnerability-Assessment i.e Vulnerable attacks are to detect on internal networks and firewalls as the third attack. Each has a distinct approach to monitoring and securing data, and each has distinct advantages and disadvantages, host-based IDSs examine data held on individual computers that serve as hosts, while network-based IDSs examine data exchanged between computers.…”

Section: Introductionmentioning

confidence: 99%

Neural Network based Intrusion Detection Systems

S¹,

A²,

Akinola³

et al. 2014

IJCA

View full text Add to dashboard Cite

Recent Intrusion Detection Systems (IDSs) which are used to monitor real-time attacks on computer and network systems are still faced with problems of low detection rate, high false positive, high false negative and alert flooding. This paper present a Neural Network-based approach that combined supervised and unsupervised learning techniques designed to correct some of these problems. The design is divided into two phases namely: Training and Detection. In the training phase, Multiple Self-Organizing Map algorithm (SOM) was constructed to capture a number of different input patterns, discover significant features in these patterns and learn how to classify input. Sigmoid Activation Function (SAF) was used to transform the input into a reasonable value (0, 1). The learning weights were randomly assigned in the range (-1, +1) to obtain the output consistent with the training. SAF was represented using a hyperbolic tangent in order to increase the learning speed and make learning efficient. Momentum and adaptive learning rates were introduced to significantly improve the performance of the back-propagation neural network. The trained lattice of neuron was used as input in the back propagation for the real-time monitoring and detection of intrusive activities. The design was implemented in Visual Basic.Net. An evaluation was carried out using Network Traffic data collected from Defence Advanced Research Projects Agency dataset consisting of normal and intrusive traffic. The training model was performed by means of Root Mean Square (RMS) error analysis using learning rate of 0.70, 4 input layers, 8 hidden layers and 2 output layers. The evaluation result of the new design showed a promising and improved technique when compared with the recent and best known related work.

show abstract

Network Packet Analysis in Real Time Traffic and Study of Snort IDS During the Variants of DoS Attacks

Kunhare

Tiwari

Dhar

2020

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Handling Intrusion Detection System using Snort Based Statistical Algorithm and Semi-supervised Approach

Cited by 11 publications

References 26 publications

An Enhanced Feature Selection and Classification Model for Network Intrusion Detection System Using Data Mining Techniques

An Enhanced Feature Selection and Classification Model for Network Intrusion Detection System Using Data Mining Techniques

Neural Network based Intrusion Detection Systems

Network Packet Analysis in Real Time Traffic and Study of Snort IDS During the Variants of DoS Attacks

Contact Info

Product

Resources

About