A Detailed Analysis of the CIDDS-001 and CICIDS-2017 Datasets

Krishna, K. Siva; Swathi, K.; Rao, P. Rama Koteswara; Rao, B. Basaveswara

doi:10.1007/978-981-16-5640-8_47

Cited by 8 publications

(5 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The study of [36] illustrates the viability of transfer learning for intrusion detection in computationally constrained contexts utilizing raw network traffic. Our findings demonstrate this when a retrained random forest model is used in conjunction with a transferred one-dimensional convolutional neural network model [37][38][39][40].…”

Section: Literature Reviewmentioning

confidence: 55%

Deep Neural Decision Forest (DNDF): A Novel Approach for Enhancing Intrusion Detection Systems in Network Traffic Analysis

Alrayes,

Zakariah,

Driss

et al. 2023

Sensors

View full text Add to dashboard Cite

Intrusion detection systems, also known as IDSs, are widely regarded as one of the most essential components of an organization’s network security. This is because IDSs serve as the organization’s first line of defense against several cyberattacks and are accountable for accurately detecting any possible network intrusions. Several implementations of IDSs accomplish the detection of potential threats throughout flow-based network traffic analysis. Traditional IDSs frequently struggle to provide accurate real-time intrusion detection while keeping up with the changing landscape of threat. Innovative methods used to improve IDSs’ performance in network traffic analysis are urgently needed to overcome these drawbacks. In this study, we introduced a model called a deep neural decision forest (DNDF), which allows the enhancement of classification trees with the power of deep networks to learn data representations. We essentially utilized the CICIDS 2017 dataset for network traffic analysis and extended our experiments to evaluate the DNDF model’s performance on two additional datasets: CICIDS 2018 and a custom network traffic dataset. Our findings showed that DNDF, a combination of deep neural networks and decision forests, outperformed reference approaches with a remarkable precision of 99.96% by using the CICIDS 2017 dataset while creating latent representations in deep layers. This success can be attributed to improved feature representation, model optimization, and resilience to noisy and unbalanced input data, emphasizing DNDF’s capabilities in intrusion detection and network security solutions.

show abstract

Section: Literature Reviewmentioning

confidence: 55%

Deep Neural Decision Forest (DNDF): A Novel Approach for Enhancing Intrusion Detection Systems in Network Traffic Analysis

Alrayes,

Zakariah,

Driss

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…This avoids neuron death while maintaining ReLU advantages. [8] . Table 1 shows the experimental environment.…”

Section: Network Architecture Designmentioning

confidence: 99%

“…The main work of this paper is as follows: 1) A method for converting network traffic records into two-dimensional grayscale graphs is used to extract network traffic features using image processing techniques. 2) Experimental validation was performed on the publicly available CIC-IDS-2017 dataset [8] , and the results show that the proposed Inception-LSTM neural network has higher accuracy and faster detection speed. 3) Segmentation and labeling of the captured real-time flow data using the CICFlowMeter series of tools and detection on the above model.…”

Section: Introductionmentioning

confidence: 99%

Real-time traffic intrusion detection based on CNN-LSTM deep neural networks

Liu,

Ma,

Gao

et al. 2024

International Conference on Computer Network Security and Software Engineering (CNSSE 2024)

View full text Add to dashboard Cite

“…Based on McAfee's 2016 report, this dataset could collect common attacks, which included different types of DDoS, DoS, Infiltration, Heartbleed, and web attacks. Principally, this dataset has 2.8 million data along with 80 network traffic characteristics collected by engineering the traffic characteristics related to the intrusion detection system [ 29 ]. Class imbalance, as the most significant challenge in CICIDS dataset, has been addressed utilizing preprocess and sampling techniques.…”

Section: Literature Reviewmentioning

confidence: 99%

A novel hybrid hunger games algorithm for intrusion detection systems based on nonlinear regression modeling

Mohammadi

Babagoli

2023

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Along with the advancement of online platforms and significant growth in Internet usage, various threats and cyber-attacks have been emerging and become more complicated and perilous in a day-by-day base. Anomaly-based intrusion detection systems (AIDSs) are lucrative techniques for dealing with cybercrimes. As a relief, AIDS can be equipped with artificial intelligence techniques to validate traffic contents and tackle diverse illicit activities. A variety of methods have been proposed in the literature in recent years. Nevertheless, several important challenges like high false alarm rates, antiquated datasets, imbalanced data, insufficient preprocessing, lack of optimal feature subset, and low detection accuracy in different types of attacks have still remained to be solved. In order to alleviate these shortcomings, in this research a novel intrusion detection system that efficiently detects various types of attacks is proposed. In preprocessing, Smote-Tomek link algorithm is utilized to create balanced classes and produce a standard CICIDS dataset. The proposed system is based on gray wolf and Hunger Games Search (HGS) meta-heuristic algorithms to select feature subsets and detect different attacks such as distributed denial of services, Brute force, Infiltration, Botnet, and Port Scan. Also, to improve exploration and exploitation and boost the convergence speed, genetic algorithm operators are combined with standard algorithms. Using the proposed feature selection technique, more than 80 percent of irrelevant features are removed from the dataset. The behavior of the network is modeled using nonlinear quadratic regression and optimized utilizing the proposed hybrid HGS algorithm. The results show the superior performance of the hybrid algorithm of HGS compared to the baseline algorithms and the well-known research. As shown in the analogy, the proposed model obtained an average test accuracy rate of 99.17%, which has better performance than the baseline algorithm with 94.61% average accuracy.

show abstract

A Detailed Analysis of the CIDDS-001 and CICIDS-2017 Datasets

Cited by 8 publications

References 11 publications

Deep Neural Decision Forest (DNDF): A Novel Approach for Enhancing Intrusion Detection Systems in Network Traffic Analysis

Deep Neural Decision Forest (DNDF): A Novel Approach for Enhancing Intrusion Detection Systems in Network Traffic Analysis

Real-time traffic intrusion detection based on CNN-LSTM deep neural networks

A novel hybrid hunger games algorithm for intrusion detection systems based on nonlinear regression modeling

Contact Info

Product

Resources

About