2022
DOI: 10.21203/rs.3.rs-1263595/v1
Preprint

Intrusion Detection System Using Classification Algorithms with Feature Selection Mechanism over Real-time Data Traffic

Abstract: The key objective of intrusion detection systems (IDS) is to protect a particular host or network by investigating network traffic and predicting whether it is an attack or normal. These IDSs use many machine learning (ML) methods to learn attack signatures from past experience and identify new ones. Even though these methods are effective, they suffer from large computational costs because they consider all the traffic features together. Moreover, emerging technologies like the Internet of Things …

citations
Cited by 1 publication
(1 citation statement)
references
References 13 publications
“…Axiom 1 primarily pertained to the device types that are currently on a MANET; apart from observing node behaviours to gauge what type of device they may be, some helpful fields for Axiom 1 would be: 'Source IP', 'Destination IP', 'Protocol', 'MAC Id', 'application protocol', 'label', 'attack cat', 'DNS'. Axiom 2 would have generally pertained to whether a node is a repeat offender or not and thus, the data fields that would be most useful for determining Axiom 2 would be: 'Source IP', 'Destination IP', 'Protocol', 'application protocol', 'label', 'attack cat', 'DNS', 'category'. However, these fields consist of what currently exists in typical network traffic or IDS traffic data schemas. The addition of the following fields would improve the accuracy of the determined risk level of the given MANET as it would act as additional classification criteria to determine a malicious node, similar to the machine learning classification techniques used in [21] and [22]:…”
Section: Discussion (citation type: mentioning)
confidence: 99%