Study of Self-Similarity for Detection of Rate-based Network Anomalies

Kaur, Gagandeep; Saxena, Vikas; Gupta, Jay Prakash

doi:10.14257/ijsia.2017.11.8.03

Cited by 4 publications

(1 citation statement)

References 49 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Intrusion Detection Techniques (IDTs) [2] are used to detect both known and unknown types of threats. IDTs have been divided into two types, namely, (1) Signature based IDTs (SbIDTs) [3] and Anomaly based IDTs (AbIDTs) [4][5][6]. Pre-identified signatures for normal and attack traffic in SbIDTs are used to detect attack patterns.…”

Section: Introductionmentioning

confidence: 99%

A Study of Feature Reduction Techniques and Classification for Network Anomaly Detection

Jain

Kaur

2020

CIT. J. comput. inf. technol

Self Cite

View full text Add to dashboard Cite

Due to the launch of new applications the behavior of internet traffic is changing. Hackers are always looking for sophisticated tools to launch attacks and damage the services. Researchers have been working on intrusion detection techniques involving machine learning algorithms for supervised and unsupervised detection of these attacks. However, with newly found attacks these techniques need to be refined. Handling data with large number of attributes adds to the problem. Therefore, dimensionality based feature reduction of the data is required. In this work three reduction techniques, namely, Principal Component Analysis (PCA), Artificial Neural Network (ANN), and Nonlinear Principal Component Analysis (NLPCA) have been studied and analyzed. Secondly, performance of four classifiers, namely, Decision Tree (DT), Support Vector Machine (SVM), K Nearest Neighbor (KNN) and Naïve Bayes (NB) has been studied for the actual and reduced datasets. In addition, novel performance measurement metrics, Classification Difference Measure (CDM), Specificity Difference Measure (SPDM), Sensitivity Difference Measure (SNDM), and F1 Difference Measure (F1DM) have been defined and used to compare the outcomes on actual and reduced datasets. Comparisons have been done using new Coburg Intrusion Detection Data Set (CIDDS-2017) dataset as well widely referred NSL-KDD dataset. Successful results were achieved for Decision Tree with 99.0 percent and 99.8 percent accuracy on CIDDS and NSLKDD datasets respectively.

show abstract

Section: Introductionmentioning

confidence: 99%