Testing Intrusion detection systems

McHugh, John

doi:10.1145/382912.382923

Cited by 1,027 publications

(291 citation statements)

References 19 publications

Supporting

Mentioning

272

Contrasting

Unclassified

Order By: Relevance

“…This data set is based on KDD-99 database on the initiative of the American Association for Defense Advanced Research Projects Agency (DARPA) [39]. To conduct research in the field of intrusion detection, a set of communication data was compiled and covered a wide range of various intrusions simulated in an environment that mimics the US Air Force network.…”

Section: Datasets and Evaluation Metricsmentioning

confidence: 99%

An Anomaly Detection Based on Optimization

Alguliyev¹,

Alıguliyev²,

İmamverdiyev³

et al. 2017

IJISA

View full text Add to dashboard Cite

Abstract-At present, an anomaly detection is one of the important problems in many fields. The rapid growth of data volumes requires the availability of a tool for data processing and analysis of a wide variety of data types. The methods for anomaly detection are designed to detect object's deviations from normal behavior. However, it is difficult to select one tool for all types of anomalies due to the increasing computational complexity and the nature of the data. In this paper, an improved optimization approach for a previously known number of clusters, where a weight is assigned to each data point, is proposed. The aim of this article is to show that weighting of each data point improves the clustering solution. The experimental results on three datasets show that the proposed algorithm detects anomalies more accurately. It was compared to the k-means algorithm. The quality of the clustering result was estimated using clustering evaluation metrics. This research shows that the proposed method works better than k-means on the Australia (credit card applications) dataset according to the Purity, Mirkin and F-measure metrics, and on the heart diseases dataset according to F-measure and variation of information metric.

show abstract

Section: Datasets and Evaluation Metricsmentioning

confidence: 99%

An Anomaly Detection Based on Optimization

Alguliyev¹,

Alıguliyev²,

İmamverdiyev³

et al. 2017

IJISA

View full text Add to dashboard Cite

show abstract

“…There are a total of 41 features which are classified into Basic, Content and Traffic features. KDDCup is developed on the basis of DARPA'98 data and this data has been criticized by McHugh [5]. As a result, some of inherited issues also exist in KDD-Cup like redundancy of similar records and complexity level of data behavior.…”

Section: A Selection Of Suitable Datasetmentioning

confidence: 99%

“…KDD-Cup 99 is most widely used as a benchmark dataset for training and testing of Intrusion detection systems. KDD-CUP 99 is built based on the data captured in DARPA'98 which has been criticized by McHugh [5], mainly because of the characteristics of the synthetic data. One of the most important deficiencies in the KDD data set is the huge number of redundant records.…”

Section: Introductionmentioning

confidence: 99%

Towards the Low False Alarms and High Detection Rate in Intrusions Detection System

Imran¹,

Abdullah²,

Palaniappan³

2013

IJMLC

View full text Add to dashboard Cite

Abstract-Due to the fast growth of network systems, abundant intrusive approaches have been grown extensively which are escalating many security and solidity threats. Intrusions Detection Systems (IDS) are security programs to decide whether events and activities occurring in the network are intrusive or legitimate. The purpose of IDS is to identify intrusions in network traffic with low false alarms and high detection rate while consuming lesser resources and computational cost. There are plentiful issues in traditional IDS including regular updating, low detection capability to unknown attacks, high false alarms rate, extraordinary resources consumption and many others. Similarly, Intelligent Network IDS have snags of performance efficiency, false positive and false negative while today's advance Neural Network approaches are also facing training/learning overhead, high false alarms and low detection rate. Soft computing is an innovative field to develop intelligent IDS while minimizing the deficiencies in other approaches. The objective of this research is to propose an efficient soft computing approach with low false alarms and high detection rate while maintaining low cost and less time. Our research promising results show that a new proposed system is an improved and applicable representation of an ideal intrusion detection system.

show abstract

“…We have used Naive Bayes, Random Forest and PART along with feature reduction schemes to classify the NSL KDD dataset [2] into normal and attacked types. Both training and testing data is used along with 10-fold cross validation.…”

mentioning

confidence: 99%

Adaptive Hybrid Model for Network Intrusion Detection and Comparison among Machine Learning Algorithms

Haque¹,

Al-Kharobi²

2015

IJMLC

View full text Add to dashboard Cite

Abstract-In this paper, we propose a novel method using ensemble learning scheme for classifying network intrusion detection from the most renowned KDD cup dataset. We have shown that reducing the dimensionality of the large dataset provides most accurate detection. Additionally, several machine learning algorithms are used to generate the accuracy metrics and analyzed further for proper comparison. Our approach found out that this algorithm outperforms all other learning techniques. Our goal is to analyze the network intrusion data and find out the best components and use them for the attack analysis. This scheme can be used in parallel with the intrusion detection system to augment its prediction performance for the future data packets. Empirical results show that the input dimensionality reduction can provide lightweight intrusion detection system that can be embedded with the vulnerable system for generating correct classification with significance improvement in execution time.

show abstract

Testing Intrusion detection systems

Cited by 1,027 publications

References 19 publications

An Anomaly Detection Based on Optimization

An Anomaly Detection Based on Optimization

Towards the Low False Alarms and High Detection Rate in Intrusions Detection System

Adaptive Hybrid Model for Network Intrusion Detection and Comparison among Machine Learning Algorithms

Contact Info

Product

Resources

About