On Efficiency of Selected Machine Learning Algorithms for Intrusion Detection in Software Defined Networks

We propose a concept of using Software Defined Network (SDN) technology and machine learning algorithms for monitoring and detection of malicious activities in the SDN data plane. The statistics and features of network traffic are generated by the native mechanisms of SDN technology. In order to conduct tests and a verification of the concept, it was necessary to obtain a set of network workload test data. We present virtual environment which enables generation of the SDN network traffic. The article examines the efficiency of selected  machine learning methods: Self Organizing Maps and Learning Vector Quantization and their enhanced versions. The results are compared with other SDN-based IDS

A Clustering-Based Algorithm for Data Reduction

Finding an efficient data reduction method for large-scale problems is an imperative task. In this paper, we propose a similarity-based self-constructing fuzzy clustering algorithm to do the sampling of instances for the classification task. Instances that are similar to each other are grouped into the same cluster. When all the instances have been fed in, a number of clusters are formed automatically. Then the statistical mean for each cluster will be regarded as representing all the instances covered in the cluster. This approach has two advantages. One is that it can be faster and uses less storage memory. The other is that the number of new representative instances need not be specified in advance by the user. Experiments on real-world datasets show that our method can run faster and obtain better reduction rate than other methods

Classification Denial Of Service (Dos) Attack Using Artificial Neural Network Learning Vector Quantization (Lvq)

Network security is an important aspect in computer network defense. There are many threats find vulnerabilities and exploits for launching attacks. Threats that purpose to prevent users get the service of the system is Denial of Service (DoS). One of software application that can detect intrusion on is an Intrusion Detection System (IDS). IDS is a defense system to detect suspicious activity on the network. IDS has ability to categorize the various types of attack and not attack. In this research, Learning Vector Quantization (LVQ) neural network is used to classify the type of attacks. LVQ is a method to study the competitive supervised layer. If two input vectors approximately equal, then the competitive layers will put both the input vector into the same class. The results show IDS able to classify PING and UDP Floods are 100%

Novel Intrusion Detection using Probabilistic Neural Network and Adaptive Boosting

This article applies Machine Learning techniques to solve Intrusion Detection problems within computer networks. Due to complex and dynamic nature of computer networks and hacking techniques, detecting malicious activities remains a challenging task for security experts, that is, currently available defense systems suffer from low detection capability and high number of false alarms. To overcome such performance limitations, we propose a novel Machine Learning algorithm, namely Boosted Subspace Probabilistic Neural Network (BSPNN), which integrates an adaptive boosting technique and a semi parametric neural network to obtain good tradeoff between accuracy and generality. As the result, learning bias and generalization variance can be significantly minimized. Substantial experiments on KDD 99 intrusion benchmark indicate that our model outperforms other state of the art learning algorithms, with significantly improved detection accuracy, minimal false alarms and relatively small computational complexity.Comment: 9 pages IEEE format, International Journal of Computer Science and Information Security, IJCSIS 2009, ISSN 1947 5500, Impact Factor 0.423, http://sites.google.com/site/ijcsis