67,647 research outputs found

    Intrusion Detection Systems Using Adaptive Regression Splines

    The past few years have witnessed a growing recognition of intelligent techniques for the construction of efficient and reliable intrusion detection systems. Due to increasing incidents of cyber attacks, building effective intrusion detection systems (IDS) is essential for protecting information systems security, and yet it remains an elusive goal and a great challenge. In this paper, we report a performance analysis between Multivariate Adaptive Regression Splines (MARS), neural networks and support vector machines. The MARS procedure builds flexible regression models by fitting separate splines to distinct intervals of the predictor variables. A brief comparison of different neural network learning algorithms is also given.

    Comparison of Intrusion Detection Systems/Intrusion Prevention Systems – A Selection Criterion

    Most of the devices and systems nowadays are complex connected devices that perform critical functions. Security in these devices is a critical task and of the highest importance. The protection of the data is mandatory for any organization, so there is a demand for the security mechanism to protect the data. Security is a challenging issue that should be taken into consideration when designing and building business-based web applications, as well as during their maintenance stage. Security can be provided to a system in various ways at different layers. This can be done either by an Intrusion Prevention System (IPS) or an Intrusion Detection System (IDS). Usually deployed in a network to monitor the traffic, these systems use their own methodology to prevent, mitigate, and arrive at conclusions. The main objective of the paper is to discuss various kinds of IPS/IDS in detail, and their uniqueness which makes them stand out for various reasons. An additional discussion point will indicate which IDS/IPS can be used according to the security requirement, their functionality, and performances with their effectiveness to stop the malicious activity over a computer network. Reasons to choose a specific IDS/IPS will be listed. One of the high-level objectives of the paper is to create awareness about the availability of IDS/IPS and information on which one to choose for their requirements.

    Importance of Machine Learning Techniques to Improve the Open Source Intrusion Detection Systems

    Nowadays, it has become difficult to ensure data security because of the rapid development of information technology according to the Vs of Big Data. To secure a network against malicious activities and to ensure data protection, an intrusion detection system plays a very important role. The main objective is to obtain a high-performance solution capable of detecting different types of attacks around the system. The main aim of this paper is to study the shortcomings of traditional and open source Intrusion Detection Systems and the Machine Learning techniques commonly used to overcome these shortcomings. A comparison of some existing works by Intrusion Detection System type, detection method, algorithm and accuracy is provided.

    Performance Evaluation and Validation of Intelligent Security Mechanism in Software Defined Network

    Network attacks are discovered using intrusion detection systems (IDS), one of the most crucial security solutions. Machine learning techniques-based intrusion detection approaches have been rapidly created as a result of the widespread use of standard machine learning algorithms in the security field. Unfortunately, as technology has advanced and there have been faults in the machine learning-based intrusion detection system, the system has consistently failed to fulfill the standards for cyber security. Generative adversarial networks (GANs) have drawn a lot of interest recently and have been utilized widely in anomaly detection due to their enormous capacity for learning difficult high-dimensional real time data distribution. Traditional machine learning algorithms for intrusion detection have a number of drawbacks that deep learning techniques can significantly mitigate. With the help of a real time dataset, this work suggests employing GANs and their variants to detect network intrusions in SDN. The feasibility and comparison results are also presented. For different kinds of datasets, the BiGAN outcomes outperform the GAN.

    Intrusion Detection System Evaluation: A Comparative Study of Machine Learning Algorithms

    The need for cheaper and faster delivery in the electronics industry has increased as a result of information technology advancements. The quick development of technology not only makes life simpler but also raises several security concerns. The number of attacks conducted online has increased as the Internet has developed through time. One of the supporting layers that can be used for information security is the intrusion detection system (IDS). IDS offers a clean atmosphere for conducting business and steers clear of shady network activity. The security on the user's end of web transactions is the most difficult task in the construction of an e-commerce system. This study examined intrusion detection security techniques. Continuous monitoring of intrusion detection is required for further technological adaptation, and as a result, this study presents a comparative comparison of adaptive artificial intelligence-based intrusion detection algorithms. This work shows how reinforcement learning (RL) and regression learning-based intrusion detection systems (IDS) can be used to solve extremely difficult issues, such as choosing input features and taking limited resources into account.

    Deep packet inspection for intelligent intrusion detection in software-defined industrial networks: A proof of concept

    Specifically tailored industrial control systems (ICSs) attacks are becoming increasingly sophisticated, accentuating the need for ICS cyber security. The nature of these systems makes traditional IT security measures not suitable, requiring expressly developed security countermeasures. Within the past decades, research has been focused on network-based intrusion detection systems. With the appearance of software-defined networks (SDNs), new opportunities and challenges have shown up in the research community. This paper describes the potential benefits of using SDNs in industrial networks for security purposes and presents the setup and results of a pilot experiment carried out in a scaled physical implementation. The experimental setup consists of the detection of ICMP flood and packet payload alteration based on signature comparison. Results point to the potential viability of the technology for intrusion detection and the need for research into architectural scalability.