Detection of ICMPv6-based DDoS attacks using anomaly based intrusion detection system: A comprehensive review

Security network systems have been an increasingly important discipline since the implementation of preliminary stages of Internet Protocol version 6 (IPv6) for exploiting by attackers. IPv6 has an improved protocol in terms of security as it brought new functionalities, procedures, i.e., Internet Control Message Protocol version 6 (ICMPv6). The ICMPv6 protocol is considered to be very important and represents the backbone of the IPv6, which is also responsible to send and receive messages in IPv6. However, IPv6 Inherited many attacks from the previous internet protocol version 4 (IPv4) such as distributed denial of service (DDoS) attacks. DDoS is a thorny problem on the internet, being one of the most prominent attacks affecting a network result in tremendous economic damage to individuals as well as organizations. In this paper, an exhaustive evaluation and analysis are conducted anomaly detection DDoS attacks against ICMPv6 messages, in addition, explained anomaly detection types to ICMPv6 DDoS flooding attacks in IPv6 networks. Proposed using feature selection technique based on bio-inspired algorithms for selecting an optimal solution which selects subset to have a positive impact of the detection accuracy ICMPv6 DDoS attack. The review outlines the features and protection constraints of IPv6 intrusion detection systems focusing mainly on DDoS attacks

Feature Selection with IG-R for Improving Performance of Intrusion Detection System

As the popularity of the internet computer continued to grow and become an indispensable in human life, the security of computer network has become an important issue in computer security field. The Intrusion Detection System (IDS) is a system used in computer security for network security. The feature selection stage of IDS is considered to be the most critical stage in IDS. This stage is very costly both in efforts and time. However, many machine learning approaches have been presented to improve this stage in order to improve the performance of an IDS. However, these approaches did not give desirable results with respect to the detection accuracy in the IDS. A novel technique is proposed in this paper combining the Information Gain and Ranker (IG+R) method as the feature selection strategy with Naïve Bayes (NB), Support Vector Machine (SVM) and K-Nearest Neighbor (KNN) as the classifiers. The performance of these IG+R-NB, IG+R-SVM, and IG+R-KNN was evaluated on NSLKDD dataset. The experimental results of our proposed method gave high accuracy and low false alarm rate. The results obtained was compared and benchmarked with existing works. The results of this paper outperformed the existing approaches in terms of the detection accuracy

Predictor Selection and Attack Classification using Random Forest for Intrusion Detection

365-368Decision making for intrusion detection is critical in a distributed environment such as cloud or grid computing due to its’ dynamic nature. Wrong or delayed decisions lead to astonishing problems. So that decision making phase is enhanced by means of selecting relevant features for prediction and trained to classify attacks. Initially the common valued features for both normal and attack behavior are removed. The random forest algorithm is used for analyzing the predictors’ importance for intrusion detection. Then random forest algorithm works with the reduced and selected predictors to classify the normal user and attack behavior. Finally the classifications are used to detect intruders. Experiments are conducted and proved that classifier performance can be improved in terms of accuracy, efficiency and detection rate using random forest

Efficient Disease Identification Method for Crop Leaf using Deep Learning Techniques

Many prime grain-producing nations have implemented steps to limit export of grains as COVID-19 has expanded over the globe; food security has sparked significant worry from a number of stakeholders. One of the most crucial concerns facing all nations is how to increase grain output. However, the diseases occur in crops remain a challenge for countless farmers, therefore it is critical to understand their severity promptly and precisely to guide the them in taking additional measures to lessen the chances of plants being affected furthermore. This paper describes a deep learning model for the identification of crop diseases that can achieve high accuracy with low processing power. The model, called the inception v3 network, has been tested on a tomato leaf dataset and has obtained a average identification accuracy of 98.00% and further the ensemble of two inception v3 models with slight diversity achieved an accuracy of 98.11%. The results suggest that this model could be useful in improving food security by helping farmers quickly and accurately identify crop diseases and take appropriate measures to prevent further spread

Intrusion Detection based on a Novel Hybrid Learning Approach

Information security and Intrusion Detection System (IDS) plays a critical role in the Internet. IDS is an essential tool for detecting different kinds of attacks in a network and maintaining data integrity, confidentiality and system availability against possible threats. In this paper, a hybrid approach towards achieving high performance is proposed. In fact, the important goal of this paper is generating an efficient training dataset. To exploit the strength of clustering and feature selection, an intensive focus on intrusion detection combines the two, so the proposed method is using these techniques too. At first, a new training dataset is created by K-Medoids clustering and Selecting Feature using SVM method. After that, Naïve Bayes classifier is used for evaluating. The proposed method is compared with another mentioned hybrid algorithm and also 10-fold cross validation. Experimental results based on KDD CUP’99 dataset show that the proposed method has better accuracy, detection rate and also false alarm rate than others

New Anomaly Network Intrusion Detection System in Cloud Environment Based on Optimized Back Propagation Neural Network Using Improved Genetic Algorithm

Cloud computing is distributed architecture, providing computing facilities and storage resource as a service over an open environment (Internet), this lead to different matters related to the security and privacy in cloud computing. Thus, defending network accessible Cloud resources and services from various threats and attacks is of great concern. To address this issue, it is essential to create an efficient and effective Network Intrusion System (NIDS) to detect both outsider and insider intruders with high detection precision in the cloud environment. NIDS has become popular as an important component of the network security infrastructure, which detects malicious activities by monitoring network traffic. In this work, we propose to optimize a very popular soft computing tool widely used for intrusion detection namely, Back Propagation Neural Network (BPNN) using an Improved Genetic Algorithm (IGA). Genetic Algorithm (GA) is improved through optimization strategies, namely Parallel Processing and Fitness Value Hashing, which reduce execution time, convergence time and save processing power. Since,  Learning rate and Momentum term are among the most relevant parameters that impact the performance of BPNN classifier, we have employed IGA to find the optimal or near-optimal values of these two parameters which ensure high detection rate, high accuracy and low false alarm rate. The CloudSim simulator 4.0 and DARPA’s KDD cup datasets 1999 are used for simulation. From the detailed performance analysis, it is clear that the proposed system called “ANIDS BPNN-IGA” (Anomaly NIDS based on BPNN and IGA) outperforms several state-of-art methods and it is more suitable for network anomaly detection

Deep Neural Networks based Meta-Learning for Network Intrusion Detection

The digitization of different components of industry and inter-connectivity among indigenous networks have increased the risk of network attacks. Designing an intrusion detection system to ensure security of the industrial ecosystem is difficult as network traffic encompasses various attack types, including new and evolving ones with minor changes. The data used to construct a predictive model for computer networks has a skewed class distribution and limited representation of attack types, which differ from real network traffic. These limitations result in dataset shift, negatively impacting the machine learning models' predictive abilities and reducing the detection rate against novel attacks. To address the challenges, we propose a novel deep neural network based Meta-Learning framework; INformation FUsion and Stacking Ensemble (INFUSE) for network intrusion detection. First, a hybrid feature space is created by integrating decision and feature spaces. Five different classifiers are utilized to generate a pool of decision spaces. The feature space is then enriched through a deep sparse autoencoder that learns the semantic relationships between attacks. Finally, the deep Meta-Learner acts as an ensemble combiner to analyze the hybrid feature space and make a final decision. Our evaluation on stringent benchmark datasets and comparison to existing techniques showed the effectiveness of INFUSE with an F-Score of 0.91, Accuracy of 91.6%, and Recall of 0.94 on the Test+ dataset, and an F-Score of 0.91, Accuracy of 85.6%, and Recall of 0.87 on the stringent Test-21 dataset. These promising results indicate the strong generalization capability and the potential to detect network attacks.Comment: Pages: 15, Figures: 10 and Tables:

Improved hybrid teaching learning based optimization-jaya and support vector machine for intrusion detection systems

Most of the currently existing intrusion detection systems (IDS) use machine learning algorithms to detect network intrusion. Machine learning algorithms have widely been adopted recently to enhance the performance of IDSs. While the effectiveness of some machine learning algorithms in detecting certain types of network intrusion has been ascertained, the situation remains that no single method currently exists that can achieve consistent results when employed for the detection of multiple attack types. Hence, the detection of network attacks on computer systems has remain a relevant field of research for some time. The support vector machine (SVM) is one of the most powerful machine learning algorithms with excellent learning performance characteristics. However, SVM suffers from many problems, such as high rates of false positive alerts, as well as low detection rates of rare but dangerous attacks that affects its performance; feature selection and parameters optimization are important operations needed to increase the performance of SVM. The aim of this work is to develop an improved optimization method for IDS that can be efficient and effective in subset feature selection and parameters optimization. To achieve this goal, an improved Teaching Learning-Based Optimization (ITLBO) algorithm was proposed in dealing with subset feature selection. Meanwhile, an improved parallel Jaya (IPJAYA) algorithm was proposed for searching the best parameters (C, Gama) values of SVM. Hence, a hybrid classifier called ITLBO-IPJAYA-SVM was developed in this work for the improvement of the efficiency of network intrusion on data sets that contain multiple types of attacks. The performance of the proposed approach was evaluated on NSL-KDD and CICIDS intrusion detection datasets and from the results, the proposed approaches exhibited excellent performance in the processing of large datasets. The results also showed that SVM optimization algorithm achieved accuracy values of 0.9823 for NSL-KDD dataset and 0.9817 for CICIDS dataset, which were higher than the accuracy of most of the existing paradigms for classifying network intrusion detection datasets. In conclusion, this work has presented an improved optimization algorithm that can improve the accuracy of IDSs in the detection of various types of network attack