Deep Learning: The Many Approaches of Intrusion Detection System Can Be Implemented and Improved Upon
For my research topic I decided to look at deep learning. Deep learning can be used in many ways, for example in web searching. Deep learning can also improve new businesses and products. Deep learning could lead to amazing discoveries. Deep learning is making a neural network learn something. In my research I talk about intrusion detection systems, the traditional approach to intrusion detection, existing intrusion detection, machine learning and deep learning based intrusion detection systems, and future work.
Learning to Detect: A Data-driven Approach for Network Intrusion Detection
With massive data being generated daily and the ever-increasing interconnectivity of the world’s Internet infrastructures, a machine learning based intrusion detection system (IDS) has become a vital component to protect our economic and national security. In this paper, we perform a comprehensive study on NSL-KDD, a network traffic dataset, by visualizing patterns and employing different learning-based models to detect cyber attacks. Unlike previous shallow learning and deep learning models that use the single learning model approach for intrusion detection, we adopt a hierarchy strategy, in which the intrusion and normal behavior are classified firstly, and then the specific types of attacks are classified. We demonstrate the advantage of the unsupervised representation learning model in binary intrusion detection tasks. Besides, we alleviate the data imbalance problem with SVM-SMOTE oversampling technique in 4-class classification and further demonstrate the effectiveness and the drawback of the oversampling mechanism with a deep neural network as a base model. Index Terms—Intrusio
A Deep Learning Approach to Network Intrusion Detection
Software Defined Networking (SDN) has recently emerged to become one of the promising solutions for the future Internet. With the logical centralization of controllers and a global network overview, SDN brings us a chance to strengthen our network security. However, SDN also brings us a dangerous increase in potential threats. In this paper, we apply a deep learning approach for flow-based anomaly detection in an SDN environment. We build a Deep Neural Network (DNN) model for an intrusion detection system and train the model with the NSL-KDD Dataset. In this work, we just use six basic features (that can be easily obtained in an SDN environment) taken from the forty-one features of NSL-KDD Dataset. Through experiments, we confirm that the deep learning approach shows strong potential to be used for flow-based anomaly detection in SDN environments
E-GraphSAGE: A Graph Neural Network based Intrusion Detection System for IoT
This paper presents a new Network Intrusion Detection System (NIDS) based on Graph Neural Networks (GNNs). GNNs are a relatively new sub-field of deep neural networks, which can leverage the inherent structure of graph-based data. Training and evaluation data for NIDSs are typically represented as flow records, which can naturally be represented in a graph format. This establishes the potential and motivation for exploring GNNs for network intrusion detection, which is the focus of this paper. Current studies on machine learning-based NIDSs only consider the network flows independently rather than taking their interconnected patterns into consideration. This is the key limitation in the detection of sophisticated IoT network attacks such as DDoS and distributed port scan attacks launched by IoT devices. In this paper, we propose E-GraphSAGE, a GNN approach that overcomes this limitation and allows capturing both the edge features of a graph as well as the topological information for network anomaly detection in IoT networks. To the best of our knowledge, our approach is the first successful, practical, and extensively evaluated approach of applying Graph Neural Networks on the problem of network intrusion detection for IoT using flow-based data. Our extensive experimental evaluation on four recent NIDS benchmark datasets shows that our approach outperforms the state-of-the-art in terms of key classification metrics, which demonstrates the potential of GNNs in network intrusion detection, and provides motivation for further research. Comment: 9 pages, 5 figures, 6 tables
Lightweight IDS for UAV Networks: A Periodic Deep Reinforcement Learning-based Approach
The use of intrusion detection systems (IDS) has become crucial for modern networks. To ensure the targeted performance of such networks, diverse techniques were introduced to enhance system reliability. Many network designs have adopted the use of Unmanned Aerial Vehicles (UAVs) to provide wider coverage and meet performance targets. However, the cybersecurity aspect of UAVs has not been fully considered. In this paper, we propose a lightweight intrusion detection and prevention system (IDPS) module for UAVs. The IDPS module is trained using Deep Reinforcement Learning (DRL), specifically Deep Q-learning (DQN), to enable UAVs to autonomously detect suspicious activities and to take necessary action to ensure the security of the network. A customized reward function is used to take into consideration the unbalanced nature of the dataset, which encourages the IDPS module to detect minor classes. Also, considering the limited availability of resources for UAVs, a periodic offline-learning approach is introduced to ensure that UAVs are capable of learning and adapting to the evolution of intrusion attacks autonomously. Numerical simulations show the efficiency of the proposed IDPS in detecting suspicious activities and corroborating the advantages brought by the periodic offline learning in comparison with similar online learning approaches, in terms of accuracy and energy consumption.
Online Self-Supervised Learning in Machine Learning Intrusion Detection for the Internet of Things
This paper proposes a novel Self-Supervised Intrusion Detection (SSID) framework, which enables a fully online Machine Learning (ML) based Intrusion Detection System (IDS) that requires no human intervention or prior off-line learning. The proposed framework analyzes and labels incoming traffic packets based only on the decisions of the IDS itself using an Auto-Associative Deep Random Neural Network, and on an online estimate of its statistically measured trustworthiness. The SSID framework enables IDS to adapt rapidly to time-varying characteristics of the network traffic, and eliminates the need for offline data collection. This approach avoids human errors in data labeling, and human labor and computational costs of model training and data collection. The approach is experimentally evaluated on public datasets and compared with well-known ML models, showing that this SSID framework is very useful and advantageous as an accurate and online learning ML-based IDS for IoT systems.
A New Deep Learning Approach for Anomaly Base IDS using Memetic Classifier
A model of an intrusion-detection system capable of detecting attacks in computer networks is described. The model is based on a deep learning approach to learn the best features of network connections and a Memetic algorithm as the final classifier for detection of abnormal traffic. One of the problems in intrusion detection systems is the large scale of features, which makes typical data mining methods ineffective in this area. Deep learning algorithms succeed in image and video mining, which has high dimensionality of features. It seems possible to use them to solve the large scale of features problem of intrusion detection systems. The model offered in this paper tries to use deep learning for detecting the best features. An evaluation algorithm is used to produce a final classifier that works well in multi density environments. We use NSL-KDD and Kdd99 dataset to evaluate our model; our findings showed 98.11 detection rate. NSL-KDD estimation shows the proposed model has succeeded to classify 92.72% R2L attack group.
A Deep Learning-Based Framework for Feature Extraction and Classification of Intrusion Detection in Networks
An intrusion detection system, often known as an IDS, is extremely important for preventing attacks on a network, violating network policies, and gaining unauthorized access to a network. The effectiveness of IDS is highly dependent on data preprocessing techniques and classification models used to enhance accuracy and reduce model training and testing time. For the purpose of anomaly identification, researchers have developed several machine learning and deep learning-based algorithms; nonetheless, accurate anomaly detection with low test and train times remains a challenge. Using a hybrid feature selection approach and a deep neural network- (DNN-) based classifier, the authors of this research suggest an enhanced intrusion detection system (IDS). In order to construct a subset of reduced and optimal features that may be used for classification, a hybrid feature selection model that consists of three methods, namely, chi square, ANOVA, and principal component analysis (PCA), is applied. These methods are referred to as “the big three.” On the NSL-KDD dataset, the suggested model receives training and is then evaluated. The proposed method was successful in achieving the following results: a reduction of input data by 40%, an average accuracy of 99.73%, a precision score of 99.75%, an F1 score of 99.72%, and an average training and testing time of 138% and 2.7 seconds, respectively. The findings of the experiments demonstrate that the proposed model is superior to the performance of the other comparison approaches.
Secure Bluetooth Communication in Smart Healthcare Systems: A Novel Community Dataset and Intrusion Detection System
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). Smart health presents an ever-expanding attack surface due to the continuous adoption of a broad variety of Internet of Medical Things (IoMT) devices and applications. IoMT is a common approach to smart city solutions that deliver long-term benefits to critical infrastructures, such as smart healthcare. Many of the IoMT devices in smart cities use Bluetooth technology for short-range communication due to its flexibility, low resource consumption, and flexibility. As smart healthcare applications rely on distributed control optimization, artificial intelligence (AI) and deep learning (DL) offer effective approaches to mitigate cyber-attacks. This paper presents a decentralized, predictive, DL-based process to autonomously detect and block malicious traffic and provide an end-to-end defense against network attacks in IoMT devices. Furthermore, we provide the BlueTack dataset for Bluetooth-based attacks against IoMT networks. To the best of our knowledge, this is the first intrusion detection dataset for Bluetooth classic and Bluetooth low energy (BLE). Using the BlueTack dataset, we devised a multi-layer intrusion detection method that uses deep-learning techniques. We propose a decentralized architecture for deploying this intrusion detection system on the edge nodes of a smart healthcare system that may be deployed in a smart city. The presented multi-layer intrusion detection models achieve performances in the range of 97–99.5% based on the F1 scores.