11 research outputs found
An Enhanced Design of Sparse Autoencoder for Latent Features Extraction Based on Trigonometric Simplexes for Network Intrusion Detection Systems
Despite the successful contributions in the field of network intrusion detection using machine learning algorithms and deep networks to learn the boundaries between normal traffic and network attacks, it is still challenging to detect various attacks with high performance. In this paper, we propose a novel mathematical model for further development of robust, reliable, and efficient software for practical intrusion detection applications. In this present work, we are concerned with optimal hyperparameters tuned for high performance sparse autoencoders for optimizing features and classifying normal and abnormal traffic patterns. The proposed framework allows the parameters of the back-propagation learning algorithm to be tuned with respect to the performance and architecture of the sparse autoencoder through a sequence of trigonometric simplex designs. These hyperparameters include the number of nodes in the hidden layer, learning rate of the hidden layer, and learning rate of the output layer. It is expected to achieve better results in extracting features and adapting to various levels of learning hierarchy as different layers of the autoencoder are characterized by different learning rates in the proposed framework. The idea is viewed such that every learning rate of a hidden layer is a dimension in a multidimensional space. Hence, a vector of the adaptive learning rates is implemented for the multiple layers of the network to accelerate the processing time that is required for the network to learn the mapping towards a combination of enhanced features and the optimal synaptic weights in the multiple layers for a given problem. The suggested framework is tested on CICIDS2017, a reliable intrusion detection dataset that covers all the common, updated intrusions and cyber-attacks. Experimental results demonstrate that the proposed architecture for intrusion detection yields superior performance compared to recently published algorithms in terms of classification accuracy and F-measure results.https://doi.org/10.3390/electronics902025
Machine Learning Approaches for Flow-Based Intrusion Detection Systems
In cybersecurity, machine/deep learning approaches can predict and detect threats before they result in major security incidents. The design and performance of an effective machine learning (ML) based Intrusion Detection System (IDS) depends upon the selected attributes and the classifier. This project considers multi-class classification for the Aegean Wi-Fi Intrusion Dataset (AWID) where classes represent 17 types of the IEEE 802.11 MAC Layer attacks. The proposed work extracts four attribute sets of 32, 10, 7 and 5 attributes, respectfully. The classifiers achieved high accuracy with minimum false positive rates, and the presented work outperforms previous related work in terms of number of classes, attributes and accuracy. The proposed work achieved maximum accuracy of 99.64% for Random Forest with supply test and 99.99% using the 10-fold cross validation approach for Random Forest and J48
Towards Efficient Features Dimensionality Reduction for Network Intrusion Detection on Highly Imbalanced Traffic
The performance of an IDS is significantly improved when the features are more discriminative and representative. This research effort is able to reduce the CICIDS2017 dataset’s feature dimensions from 81 to 10, while maintaining a high accuracy of 99.6% in multi-class and binary classification. Furthermore, we propose a Multi-Class Combined performance metric CombinedMc with respect to class distribution to compare various multi-class and binary classification systems through incorporating FAR, DR, Accuracy, and class distribution parameters. In addition, we developed a uniform distribution based balancing approach to handle the imbalanced distribution of the minority class instances in the CICIDS 2017 network intrusion dataset
Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection
The security of networked systems has become a critical universal issue that influences individuals, enterprises and governments. The rate of attacks against networked systems has increased dramatically, and the tactics used by the attackers are continuing to evolve. Intrusion detection is one of the solutions against these attacks. A common and effective approach for designing Intrusion Detection Systems (IDS) is Machine Learning. The performance of an IDS is significantly improved when the features are more discriminative and representative. This study uses two feature dimensionality reduction approaches: (i) Auto-Encoder (AE): an instance of deep learning, for dimensionality reduction, and (ii) Principle Component Analysis (PCA). The resulting low-dimensional features from both techniques are then used to build various classifiers such as Random Forest (RF), Bayesian Network, Linear Discriminant Analysis (LDA) and Quadratic Discriminant Analysis (QDA) for designing an IDS. The experimental findings with low-dimensional features in binary and multi-class classification show better performance in terms of Detection Rate (DR), F-Measure, False Alarm Rate (FAR), and Accuracy. This research effort is able to reduce the CICIDS2017 dataset’s feature dimensions from 81 to 10, while maintaining a high accuracy of 99.6% in multi-class and binary classification. Furthermore, in this paper, we propose a Multi-Class Combined performance metric CombinedMc with respect to class distribution to compare various multi-class and binary classification systems through incorporating FAR, DR, Accuracy, and class distribution parameters. In addition, we developed a uniform distribution based balancing approach to handle the imbalanced distribution of the minority class instances in the CICIDS2017 network intrusion dataset.http://dx.doi.org/10.3390/electronics803032
Machine Learning Based Feature Reduction for Network Intrusion Detection
The security of networked systems has become a critical universal issue. The rate of attacks against networked systems has increased dramatically, and the tactics used by the attackers are continuing to evolve. Intrusion detection is one of the solutions against these attacks. A common and effective approach for designing Intrusion Detection Systems (IDS) is Machine Learning. The performance of an IDS is significantly improved when the features are more discriminative and representative. This study uses two feature dimensionality reduction approaches: i) Auto-Encoder (AE): an instance of deep learning, for dimensionality reduction, and ii) Principle Component Analysis (PCA). The resulting low-dimensional features from both techniques are then used to build various classifiers such as Random Forest (RF), Bayesian Network, Linear Discriminant Analysis (LDA) and Quadratic Discriminant Analysis (QDA) for designing an IDS. The experimental findings with low-dimensional features in binary and multi-class classification show better performance in terms of Detection Rate (DR), F-Measure, False Alarm Rate (FAR), and Accuracy. This research effort is able to reduce the CICIDS2017 dataset's feature dimensions from 81 to 10, while maintaining a high accuracy of 99.6%. Furthermore, we propose a Multi-Class Combined performance metric CombinedMc with respect to class distribution to compare various multi-class and binary classification systems through incorporating FAR, DR, Accuracy, and class distribution parameters. In addition, we developed a uniform distribution based balancing approach to handle the imbalanced distribution of the minority class instances in the CICIDS2017 network intrusion dataset
Recommended from our members
Molecular and clinical determinants of response and resistance to rucaparib for recurrent ovarian cancer treatment in ARIEL2 (Parts 1 and 2)
ARIEL2 (NCT01891344) is a single-arm, open-label phase 2 study of the PARP inhibitor (PARPi) rucaparib in relapsed high-grade ovarian carcinoma. In this post hoc exploratory biomarker analysis of pre- and post-platinum ARIEL2 samples, RAD51C and RAD51D mutations and high-level BRCA1 promoter methylation predict response to rucaparib, similar to BRCA1/BRCA2 mutations. BRCA1 methylation loss may be a major cross-resistance mechanism to platinum and PARPi. Genomic scars associated with homologous recombination deficiency are irreversible, persisting even as platinum resistance develops, and therefore are predictive of rucaparib response only in platinum-sensitive disease. The RAS, AKT, and cell cycle pathways may be additional modulators of PARPi sensitivity
PDCD1 Polymorphisms May Predict Response to Anti-PD-1 Blockade in Patients With Metastatic Melanoma
A significant number of patients (pts) with metastatic melanoma do not respond to anti-programmed cell death 1 (PD1) therapies. Identifying predictive biomarkers therefore remains an urgent need. We retrospectively analyzed plasma DNA of pts with advanced melanoma treated with PD-1 antibodies, nivolumab or pembrolizumab, for five PD-1 genotype single nucleotide polymorphisms (SNPs): PD1.1 (rs36084323, G>A), PD1.3 (rs11568821, G>A), PD1.5 (rs2227981, C>T) PD1.6 (rs10204225, G>A) and PD1.9 (rs2227982, C>T). Clinico-pathological and treatment parameters were collected, and presence of SNPs correlated with response, progression free survival (PFS) and overall survival (OS). 115 patients were identified with a median follow up of 18.7 months (range 0.26 – 52.0 months). All were Caucasian; 27% BRAF V600 mutation positive. At PD-1 antibody commencement, 36% were treatment-naïve and 52% had prior ipilimumab. The overall response rate was 43%, 19% achieving a complete response. Overall median PFS was 11.0 months (95% CI 5.4 - 17.3) and median OS was 31.1 months (95% CI 23.2 - NA). Patients with the G/G genotype had more complete responses than with A/G genotype (16.5% vs. 2.6% respectively) and the G allele of PD1.3 rs11568821 was significantly associated with a longer median PFS than the AG allele, 14.1 vs. 7.0 months compared to the A allele (p=0.04; 95% CI 0.14 – 0.94). No significant association between the remaining SNPs and responses, PFS or OS were observed. Despite limitations in sample size, this is the first study to demonstrate an association of a germline PD-1 polymorphism and PFS in response to anti-PD-1 therapy in pts with metastatic melanoma. Extrinsic factors like host germline polymorphisms should be considered with tumor intrinsic factors as predictive biomarkers for immune checkpoint regulators
Recommended from our members
Molecular and clinical determinants of response and resistance to rucaparib for recurrent ovarian cancer treatment in ARIEL2 (Parts 1 and 2).
ARIEL2 (NCT01891344) is a single-arm, open-label phase 2 study of the PARP inhibitor (PARPi) rucaparib in relapsed high-grade ovarian carcinoma. In this post hoc exploratory biomarker analysis of pre- and post-platinum ARIEL2 samples, RAD51C and RAD51D mutations and high-level BRCA1 promoter methylation predict response to rucaparib, similar to BRCA1/BRCA2 mutations. BRCA1 methylation loss may be a major cross-resistance mechanism to platinum and PARPi. Genomic scars associated with homologous recombination deficiency are irreversible, persisting even as platinum resistance develops, and therefore are predictive of rucaparib response only in platinum-sensitive disease. The RAS, AKT, and cell cycle pathways may be additional modulators of PARPi sensitivity