Anomaly detection is one of the important challenges of network security associated today. We present a novel hybrid technique called G-LDA to identify the anomalies in network traffic. We propose a hybrid technique integrating Latent Dirichlet Allocation and genetic algorithm namely the G-LDA process. Furthermore, feature selection plays an important role in identifying the subset of attributes for determining the anomaly packets. The proposed method is evaluated by carrying out experiments on KDDCUP'99 dataset. The experimental results reveal that the hybrid technique has a better accuracy for detecting known and unknown attacks and a low false positive rate.

Sumaiya Thaseen I

Department of Software and Systems Engineering

School of Information Technology and Engineering

Vellore Campus

Aswani Kumar Cherukuri

Department of Information Technology

Kasliwal B

Bhatia S

Saini S

Vellore Institute of Technology (VIT) is a private university located in&nbsp;Tamil Nadu, India. Founded in 1984, as Vellore Engineering College, the institution offers 20 undergraduate, 34 postgraduate, four integrated and four research programs. It has campuses in Vellore, Amravati, Bhopal and Chennai.

VIT is one of the top ranked private universities in India according to NIRF, THE and QS Rankings.&nbsp;Govt. of India has recognized&nbsp;VIT, Vellore as an&nbsp;Institution of Eminence. This has allowed VIT to take independent quality initiatives and move up in world ranking.

&nbsp;

&nbsp;

VIT University

2014 IEEE International Advance Computing Conference (IACC)

A lot of intrusion and hacking events are surrounding the internet domain, bringing in a need for security systems. Intrusion detection system (IDS) is employed in the network to identify the attacks by continuously monitoring the system activities. The major issue for any intrusion detection model is to identify anomalies with maximum accuracy and minimal false alarms. An intrusion detection model is developed combining chi-square feature selection and LPBoost algorithm. Chi-square feature selection is deployed to build the optimal features as the network traffic data consists of many attributes. The optimum features are utilised by the LPBoost algorithm for classification of network traffic. An ensemble classifier is chosen as it typically outperforms a single classifier. The experiments are performed using NSL-KDD and UNSW-NB data sets. The results clearly show that the hybrid model achieves a higher detection and reduced false positive rate in contrast to other techniques.

International Journal of Internet Technology and Secured Transactions

Intrusion detection model using feature extraction and LPBoost technique

Intrusion detection is a promising area of research in the domain of security with the rapid development of internet in everyday life. Many intrusion detection systems (IDS) employ a sole classifier algorithm for classifying network traffic as normal or abnormal. Due to the large amount of data, these sole classifier models fail to achieve a high attack detection rate with reduced false alarm rate. However by applying dimensionality reduction, data can be efficiently reduced to an optimal set of attributes without loss of information and then classified accurately using a multi class modeling technique for identifying the different network attacks. In this paper, we propose an intrusion detection model using chi-square feature selection and multi class support vector machine (SVM). A parameter tuning technique is adopted for optimization of Radial Basis Function kernel parameter namely gamma represented by ‘ϒ’ and over fitting constant ‘C’. These are the two important parameters required for the SVM model. The main idea behind this model is to construct a multi class SVM which has not been adopted for IDS so far to decrease the training and testing time and increase the individual classification accuracy of the network attacks. The investigational results on NSL-KDD dataset which is an enhanced version of KDDCup 1999 dataset shows that our proposed approach results in a better detection rate and reduced false alarm rate. An experimentation on the computational time required for training and testing is also carried out for usage in time critical applications. © 2016 The Authors

Fulltext

Journal of King Saud University - Computer and Information Sciences

Intrusion detection model using fusion of chi-square feature selection and multi class SVM

There is a constant rise in the number of hacking and intrusion incidents day by day due to the alarming growth of internet. Intrusion Detection Systems (IDS) monitors network activities to protect the system from cyber attacks. Anomaly detection models identify the deviations from normal behavior and classify them as anomalies. In this paper we propose an intrusion detection model using Linear Discriminant Analysis (LDA), chi square feature selection and modified Naïve Bayesian classification. LDA is one of the extensively used dimensionality reduction technique to remove noisy attributes from the network dataset. As there are many attributes in the network data, chi square feature selection is deployed in an efficient manner to identify the optimal feature set that increases the accuracy of the model. The optimal subset is then used by the modified Naïve Bayesian classifier for identifying the normal traffic and different attacks in the data set. Experimental analysis have been performed on the widely used NSL-KDD datasets. The results indicate that they hybrid model produces better accuracy and lower false alarm rate in comparison to the traditional approaches.

Proceedings of the 3rd International Symposium on Big Data and Cloud Computing Challenges (ISBCC – 16’) Smart Innovation, Systems and Technologies

Intrusion Detection Model Using Chi Square Feature Selection and Modified Naïve Bayes Classifier

Intrusion detection systems (IDS) play a major role in detecting the attacks that occur in the computer or networks. Anomaly intrusion detection models detect new attacks by observing the deviation from profile. However there are many problems in the traditional IDS such as high false alarm rate, low detection capability against new network attacks and insufficient analysis capacity. The use of machine learning for intrusion models automatically increases the performance with an improved experience. This paper proposes a novel method of integrating principal component analysis (PCA) and support vector machine (SVM) by optimizing the kernel parameters using automatic parameter selection technique. This technique reduces the training and testing time to identify intrusions thereby improving the accuracy. The proposed method was tested on KDD data set. The datasets were carefully divided into training and testing considering the minority attacks such as U2R and R2L to be present in the testing set to identify the occurrence of unknown attack. The results indicate that the proposed method is successful in identifying intrusions. The experimental results show that the classification accuracy of the proposed method outperforms other classification techniques using SVM as the classifier and other dimensionality reduction or feature selection techniques. Minimum resources are consumed as the classifier input requires reduced feature set and thereby minimizing training and testing overhead time. © 2014 IEEE.

2014 International Conference on Contemporary Computing and Informatics (IC3I)

Intrusion detection model using fusion of PCA and optimized SVM

Knowledge-Based Systems

An ensemble design of intrusion detection system for handling uncertainty using Neutrosophic Logic Classifier

Expert Systems with Applications

Decision tree based light weight intrusion detection using a wrapper approach

2011 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)

Bayesian topic models for describing computer network behaviors

Advances in Computing and Information Technology Communications in Computer and Information Science

Network Intrusion Detection Using Genetic Algorithm and Neural Network

2010 International Conference on Multimedia Technology

Hybrid Neural Network Intrusion Detection System Using Genetic Algorithm

A hybrid anomaly detection model using G-LDA

Journal	Data powered by Typeset2014 IEEE International Advance Computing Conference (IACC)
Publisher	Data powered by TypesetIEEE
Open Access	0