2 research outputs found
Implementation and Analysis of Combined Machine Learning Method for Intrusion Detection System
As one of the security components in a Network Security Monitoring System, the Intrusion Detection System (IDS) is implemented by many organizations in their networks to detect and address the impact of network attacks. Many machine-learning methods have been widely developed and applied in IDS. Selecting appropriate methods is necessary to improve detection accuracy when applying machine learning in IDS. In this research we propose an IDS that we developed based on a machine-learning approach. We use a 28-feature subset of the Knowledge Data Discovery (KDD) dataset, without content features, to build the machine-learning model. From our analysis and experiments we obtain a 28-feature subset of the KDD dataset that is most likely to be applicable to IDS in a real network. The machine-learning model based on this 28-feature subset obtained 99.9% accuracy for both two-class and multiclass classification. Our experiments show that the IDS we have developed performs well in detecting attacks on real networks.
Leverage Intrusion Detection System Framework For Cyber Situational Awareness System
As one of the security components in cyber situational awareness systems, the Intrusion Detection System (IDS) is implemented by many organizations in their networks to address the impact of network attacks. Regardless of the tools and technologies used to generate security alarms, an IDS can provide a situation overview of network traffic. Given the security alarm data generated, most organizations do not have the right techniques and further analysis to make this alarm data more valuable for the security team in handling attacks and reducing risk to the organization. This paper proposes the IDS Metrics Framework for cyber situational awareness systems, which includes the latest technologies and techniques that can be used to create valuable metrics for security advisors in making the right decisions. This metrics framework consists of the various tools and techniques used to evaluate the data. The evaluation of the data is then used as a measurement against one or more reference points to produce an outcome that can be very useful for the decision-making process of a cyber situational awareness system. This metric offers additional Graphical User Interface (GUI) tools that produce graphical displays and provide a great platform for analysis and decision-making by the security team.