Intrusion Detection System Using Bayesian Network and Feature Subset Selection

Jabbar, M. A.; Aluvalu, Rajanikanth; Reddy, S. Sai Satyanarayana

doi:10.1109/iccic.2017.8524381

Cited by 13 publications

(5 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Because this type of classifier is based on the probabilistic values of all attributes, low-level training samples with the Naïve-Bayes classifier do not deteriorate its accomplishment. The primary disadvantage of the Naïve-Bayes classifier is that all the attributes are considered being independent, even though in practice this barely takes place [18].…”

Section: Machine Learningmentioning

confidence: 99%

“…Denial of Service: in this type of attack, the device memory is busy and full and in such a way that it cannot respond when it takes the request [18]. The best way to defend from this kind of attack is by turning the device off.…”

Section: Datasetsmentioning

confidence: 99%

“…∑ 𝑤 𝑖 𝑥 𝑖 = 𝑤 𝑇 𝑥 𝑘 𝑖=0 (18) We employ the softmax activation function in our Python program, because we have more than two different outputs.…”

Section: Machine Learning Algorithmsmentioning

confidence: 99%

See 2 more Smart Citations

Comparative Analysis of Intrusion Detection System Using Machine Learning and Deep Learning Algorithms

Note¹,

Ali²

2022

AETiC

View full text Add to dashboard Cite

Attacks against computer networks, “cyber-attacks”, are now common place affecting almost every Internet connected device on a daily basis. Organisations are now using machine learning and deep learning to thwart these types of attacks for their effectiveness without the need for human intervention. Machine learning offers the biggest advantage in their ability to detect, curtail, prevent, recover and even deal with untrained types of attacks without being explicitly programmed. This research will show the many different types of algorithms that are employed to fight against the different types of cyber-attacks, which are also explained. The classification algorithms, their implementation, accuracy and testing time are presented. The algorithms employed for this experiment were the Gaussian Naïve-Bayes algorithm, Logistic Regression Algorithm, SVM (Support Vector Machine) Algorithm, Stochastic Gradient Descent Algorithm, Decision Tree Algorithm, Random Forest Algorithm, Gradient Boosting Algorithm, K-Nearest Neighbour Algorithm, ANN (Artificial Neural Network) (here we also employed the Multilevel Perceptron Algorithm), Convolutional Neural Network (CNN) Algorithm and the Recurrent Neural Network (RNN) Algorithm. The study concluded that amongst the various machine learning algorithms, the Logistic Regression and Decision tree classifiers all took a very short time to be implemented giving an accuracy of over 90% for malware detection inside various test datasets. The Gaussian Naïve-Bayes classifier, though fast to implement, only gave an accuracy between 51-88%. The Multilevel Perceptron, non-linear SVM and Gradient Boosting algorithms all took a very long time to be implemented. The algorithm that performed with the greatest accuracy was the Random Forest Classification algorithm.

show abstract

Section: Machine Learningmentioning

confidence: 99%

Section: Datasetsmentioning

confidence: 99%

See 1 more Smart Citation

Comparative Analysis of Intrusion Detection System Using Machine Learning and Deep Learning Algorithms

Note¹,

Ali²

2022

AETiC

View full text Add to dashboard Cite

show abstract

“…The new algorithm achieved a high detection rate of unknown attacks on the KDD cup dataset. An improved IDS based on a Bayesian network and feature selection algorithm was proposed in [29]. Although these ML detection algorithms achieved higher recognition accuracy in intrusion detection tasks, they not only need large-scale feature engineering but the model parameters are also difficult to adjust.…”

Section: Related Workmentioning

confidence: 99%

A Novel Wireless Network Intrusion Detection Method Based on Adaptive Synthetic Sampling and an Improved Convolutional Neural Network

Wang

Lei

et al. 2020

IEEE Access

View full text Add to dashboard Cite

The diversity of network attacks poses severe challenges to intrusion detection systems (IDSs). Traditional attack recognition methods usually adopt mining data associations to identify anomalies, which has the disadvantages of a high false alarm rate (FAR), low recognition accuracy (ACC) and poor generalization ability. To ameliorate the comprehensive capabilities of IDS and strengthen network security, we propose a novel intrusion detection method based on the adaptive synthetic sampling (ADASYN) algorithm and an improved convolutional neural network (CNN). First, we use the ADASYN method to balance the sample distribution, which can effectively prevent the model from being sensitive to large samples and ignore small samples. Second, the improved CNN is based on the split convolution module (SPC-CNN), which can increase the diversity of features and eliminate the impact of interchannel information redundancy on model training. Then, an AS-CNN model mixed with ADASYN and SPC-CNN is used for intrusion detection tasks. Finally, the standard NSL-KDD dataset is selected to test AS-CNN. The simulation illustrates that the accuracy is 4.60% and 2.79% higher than that of the traditional CNN and RNN models, and the detection rate (DR) increased by 11.34% and 10.27%, respectively. Additionally, the FAR decreased by 15.58% and 14.57%, respectively, compared with the two models.

show abstract

“…Their system focuses on event timing instead of complex features even though their HIDS data has somewhat imprecise timing which could allow incorrect event ordering. Jabbar et al (2017) focus on increasing the detection rate and accuracy while attenuating the number of false alarms in an IDS using feature selection in combination with a BN classifier. Our approach seeks to achieve these same goals via more sophisticated techniques for feature selection and discretization and generates a suite of BN classifiers with performance tradeoffs.…”

Section: Introductionmentioning

confidence: 99%

Bayesian Networks for Interpretable Cyberattack Detection

Yang,

Hoffman,

Brown

2023

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

The challenge of cyberattack detection can be illustrated by the complexity of the MITRE ATT&CK TM matrix, which catalogues >200 attack techniques (most with multiple sub-techniques). To reliably detect cyberattacks, we propose an evidence-based approach which fuses multiple cyber events over varying time periods to help differentiate normal from malicious behavior. We use Bayesian Networks (BNs)probabilistic graphical models consisting of a set of variables and their conditional dependencies -for fusion/classification due to their interpretable nature, ability to tolerate sparse or imbalanced data, and resistance to overfitting. Our technique utilizes a small collection of expert-informed cyber intrusion indicators to create a hybrid detection system that combines data-driven training with expert knowledge to form a host-based intrusion detection system (HIDS). We demonstrate a software pipeline for efficiently generating and evaluating various BN classifier architectures for specific datasets and discuss explainability benefits thereof.

show abstract

Intrusion Detection System Using Bayesian Network and Feature Subset Selection

Cited by 13 publications

References 4 publications

Comparative Analysis of Intrusion Detection System Using Machine Learning and Deep Learning Algorithms

Comparative Analysis of Intrusion Detection System Using Machine Learning and Deep Learning Algorithms

A Novel Wireless Network Intrusion Detection Method Based on Adaptive Synthetic Sampling and an Improved Convolutional Neural Network

Bayesian Networks for Interpretable Cyberattack Detection

Contact Info

Product

Resources

About