670 research outputs found
Are Machine Learning Based Intrusion Detection System Always Secure?: An insight into tampered learning
Machine learning is successful in many applications, including securing a network from unseen attacks. The application of learning algorithms for detecting anomalies in a network has been fundamental for the past few years. With the increasing use of machine learning techniques, it has become important to study to what extent it is good to be dependent on them. An altogether different discipline called ‘Adversarial Learning’ has come up as a separate dimension of study. The work in this paper is to test the robustness of online machine learning based IDS to packets carefully crafted by an attacker, called poison packets. The objective is to observe how a remote attacker can deviate the normal behavior of a machine learning based classifier in the IDS by injecting the network with carefully crafted packets externally, that may seem normal to the classification algorithm, and the instance made part of its future training set. This behavior can eventually lead to poison learning by the classification algorithm in the long run, resulting in misclassification of true attack instances. This work explores one such approach with SOM and SVM as the online learning based classification algorithms.
Novel Intrusion Detection using Probabilistic Neural Network and Adaptive Boosting
This article applies Machine Learning techniques to solve Intrusion Detection
problems within computer networks. Due to complex and dynamic nature of
computer networks and hacking techniques, detecting malicious activities
remains a challenging task for security experts, that is, currently available
defense systems suffer from low detection capability and high number of false
alarms. To overcome such performance limitations, we propose a novel Machine
Learning algorithm, namely Boosted Subspace Probabilistic Neural Network
(BSPNN), which integrates an adaptive boosting technique and a semi parametric
neural network to obtain good tradeoff between accuracy and generality. As the
result, learning bias and generalization variance can be significantly
minimized. Substantial experiments on KDD 99 intrusion benchmark indicate that
our model outperforms other state of the art learning algorithms, with
significantly improved detection accuracy, minimal false alarms and relatively
small computational complexity.
Comment: 9 pages, IEEE format, International Journal of Computer Science and
Information Security, IJCSIS 2009, ISSN 1947 5500, Impact Factor 0.423,
http://sites.google.com/site/ijcsis
A model for multi-attack classification to improve intrusion detection performance using deep learning approaches
This proposed model introduces novel deep learning methodologies. The
objective here is to create a reliable intrusion detection mechanism to help
identify malicious attacks. Deep learning based solution framework is developed
consisting of three approaches. The first approach is Long-Short Term Memory
Recurrent Neural Network (LSTM-RNN) with seven optimizer functions such as
adamax, SGD, adagrad, adam, RMSprop, nadam and adadelta. The model is evaluated
on NSL-KDD dataset and classified multi attack classification. The model has
outperformed with adamax optimizer in terms of accuracy, detection rate and low
false alarm rate. The results of LSTM-RNN with adamax optimizer are compared
with existing shallow machine and deep learning models in terms of accuracy,
detection rate and low false alarm rate. The multi model methodology consisting
of Recurrent Neural Network (RNN), Long-Short Term Memory Recurrent Neural
Network (LSTM-RNN), and Deep Neural Network (DNN). The multi models are
evaluated on benchmark datasets such as KDD99, NSL-KDD, and UNSWNB15 datasets.
The models self-learnt the features and classify the attack classes as
multi-attack classification. The models RNN, and LSTM-RNN provide considerable
performance compared to other existing methods on KDD99 and NSL-KDD datase
Intrusion Detection System: A Survey Using Data Mining and Learning Methods
In spite of information systems growing widely, security has remained one hard-hitting area for computers as well as networks. In information protection, an Intrusion Detection System (IDS) is used to safeguard data confidentiality, integrity and system availability from various types of attacks. Data mining is an efficient artifice applied to intrusion detection to ascertain a new outline from the massive network data, and it is also used to reduce the strain of the manual compilation of the normal and abnormal behavior patterns. An Intrusion Detection System (IDS) is an essential method to protect network security from incoming on-line threats. Machine learning enables automation of the classification of network patterns. This piece of writing reviews the present state of data mining techniques and compares various data mining techniques used to implement an intrusion detection system, such as Support Vector Machine, Genetic Algorithm, Neural Network, Fuzzy Logic, Bayesian Classifier, K-Nearest Neighbor and Decision Tree algorithms, by highlighting the advantages and disadvantages of each of the techniques. This paper reviews the learning and detection methods in IDS, discusses the problems with existing intrusion detection systems and reviews data reduction techniques used in IDS in order to deal with huge volumes of audit data. Finally, conclusion and recommendation are included.
Keywords: Classification, Data Mining, Intrusion Detection System, Security, Anomaly Detection, Types of attacks, Machine Learning Technique
Shallow and deep networks intrusion detection system : a taxonomy and survey
Intrusion detection has attracted considerable interest from researchers and industries. The community, after many years of research, still faces the problem of building reliable and efficient IDS that are capable of handling large quantities of data, with changing patterns in real time situations. The work presented in this manuscript classifies intrusion detection systems (IDS). Moreover, a taxonomy and survey of shallow and deep networks intrusion detection systems is presented based on previous and current works. This taxonomy and survey reviews machine learning techniques and their performance in detecting anomalies. Feature selection, which influences the effectiveness of machine learning (ML) IDS, is discussed to explain the role of feature selection in the classification and training phase of ML IDS. Finally, a discussion of the false and true positive alarm rates is presented to help researchers model reliable and efficient machine learning based intrusion detection systems.