Wavelet-analysis of network traffic time-series for detection of attacks on digital production infrastructure

Lavrova, Darya; Semyanov, Pavel V.; Shtyrkina, Anna A.; Zegzhda, Peter D.

doi:10.1051/shsconf/20184400052

Cited by 9 publications

(5 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Additionally, the researchers in [12] analyzed the CICIDS2017 dataset using digital wavelets. Their method efficiently detected service denial attacks of both Slow Loris and HTTP Denial of Service (DoS).…”

Section: Cicids2017 Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection

et al. 2019

View full text Add to dashboard Cite

The security of networked systems has become a critical universal issue that influences individuals, enterprises and governments. The rate of attacks against networked systems has increased dramatically, and the tactics used by the attackers are continuing to evolve. Intrusion detection is one of the solutions against these attacks. A common and effective approach for designing Intrusion Detection Systems (IDS) is Machine Learning. The performance of an IDS is significantly improved when the features are more discriminative and representative. This study uses two feature dimensionality reduction approaches: (i) Auto-Encoder (AE): an instance of deep learning, for dimensionality reduction, and (ii) Principle Component Analysis (PCA). The resulting low-dimensional features from both techniques are then used to build various classifiers such as Random Forest (RF), Bayesian Network, Linear Discriminant Analysis (LDA) and Quadratic Discriminant Analysis (QDA) for designing an IDS. The experimental findings with low-dimensional features in binary and multi-class classification show better performance in terms of Detection Rate (DR), F-Measure, False Alarm Rate (FAR), and Accuracy. This research effort is able to reduce the CICIDS2017 dataset’s feature dimensions from 81 to 10, while maintaining a high accuracy of 99.6% in multi-class and binary classification. Furthermore, in this paper, we propose a Multi-Class Combined performance metric C o m b i n e d M c with respect to class distribution to compare various multi-class and binary classification systems through incorporating FAR, DR, Accuracy, and class distribution parameters. In addition, we developed a uniform distribution based balancing approach to handle the imbalanced distribution of the minority class instances in the CICIDS2017 network intrusion dataset.

show abstract

Section: Cicids2017 Related Workmentioning

confidence: 99%

“…(1) False Alarm Rate (FAR) is a common term which encompasses the number of normal instances incorrectly classified by the classifier as an attack, and can be estimated through Equation (12).…”

Section: Performance Evaluation Metricsmentioning

confidence: 99%

Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Researchers in [12] tested the conference dataset with the aid of digital wavelets. Their approach guarantees the detection and avoidance of denial-of-service attacks of both Slow Loris and HTTP Denial of Service (DoS).…”

Section: A Cicids2017mentioning

confidence: 99%

Big Data Security Enhancement Based Intrusion Detection System Using K-Mean Clustering of Decomposited Features

Swarnkar¹

2021

ITII

View full text Add to dashboard Cite

The protection of networked information systems is a critical problem impacting individuals, companies and governments. The number of attacks against networked networks has risen significantly and the methods used by the attacker are continuing to develop. Intrusion prevention is one method to avoid these threats from happening. A popular approach to creating an IDS system is by machine learning. The efficiency of the IDS is currently increased when discriminative and representative features are taken. AE and PCA are used to minimise dimensionality of features (PCA). The attribute extraction techniques employed are then used to construct an RF classification technique with K-Mean Cluster. This research effort will reduce the features of dataset "CICIDs" from 79 to 45, while retaining a high accuracy of 99.7% in Random Forest classifier with k-means clustering.

show abstract

“…To overcome the mentioned obstacles, the security researchers and IDS developers are focused on the advanced ML methods for the intrusion detection (e.g., [8][9][10][11]). For instance, the extra-deep neural networks with billions of weights running on the supercomputer are able to identify complex and subtle patterns at a big dataset of attack signs.…”

Section: Introductionmentioning

confidence: 99%

Security intrusion detection using quantum machine learning techniques

Kalinin

Krundyshev

2022

J Comput Virol Hack Tech

View full text Add to dashboard Cite

Conventional machine learning approaches applied for the security intrusion detection degrades in case of big data input (10 6 and more samples in a dataset). Model training and computing by traditional machine learning executed on big data at a common computing environment may produce accurate outputs but take a long time, or produce poor accuracy by quick training, both disparate to malicious activity. The paper observes the quantum machine learning (QML) methods overcoming the barriers of big data and the computing abilities of common hardware for the purpose of high performance intrusion detection. Quantum support vector machine (QSVM) and quantum convolution neural network (QCNN) as concurrent methods are discussed and evaluated comparing to the conventional intrusion detectors running on the traditional computer. The QML-based intrusion detection utilizes our own dataset that implements the grouping of the network packets into the input streams eatable for the QML. We have developed the software solution that encodes the network traffic streams ready to the quantum computing. Experimental results show the ability of the QML-based intrusion detection for processing big data inputs with high accuracy (98%) providing a twice faster speed comparing to the conventional machine learning algorithms utilized for the same task.

show abstract

Wavelet-analysis of network traffic time-series for detection of attacks on digital production infrastructure

Cited by 9 publications

References 5 publications

Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection

Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection

Big Data Security Enhancement Based Intrusion Detection System Using K-Mean Clustering of Decomposited Features

Security intrusion detection using quantum machine learning techniques

Contact Info

Product

Resources

About