Detecting network anomalies using machine learning and SNMP-MIB dataset with IP group

Manna, Abdelrahman; Alkasassbeh, Mouhammd

doi:10.1109/ictcs.2019.8923043

Cited by 13 publications

(8 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Based on the results of the study in Table 6, it is explained that the most dominant n-gram technique in detecting DDoS attacks is 2-Gram and 3-Gram and has the highest level of accuracy, reaching 99.98%. When compared with research, [25]- [27] it only got 98.7%, meaning that there was a significant difference reaching 1.28%. Visually it can be seen in Figure 4.…”

Section: Performance Comparisonmentioning

confidence: 78%

Enhancement detection distributed denial of service attacks using hybrid n-gram techniques

2022

View full text Add to dashboard Cite

Section: Performance Comparisonmentioning

confidence: 78%

Enhancement detection distributed denial of service attacks using hybrid n-gram techniques

2022

View full text Add to dashboard Cite

“…Manna and Alkasassbeh [15] presented a recent approach that used ML, such as decision tree J48, random forest, and REP tree. The proposed technique used SNMP-MIB data for the trained IDS system to detect DOS attack anomalies that may affect the network.…”

Section: Fig 1 Detection Frameworkmentioning

confidence: 99%

Apply machine learning techniques to detect malicious network traffic in cloud computing

Alshammari

Aldribi

2021

J Big Data

View full text Add to dashboard Cite

Computer networks target several kinds of attacks every hour and day; they evolved to make significant risks. They pass new attacks and trends; these attacks target every open port available on the network. Several tools are designed for this purpose, such as mapping networks and vulnerabilities scanning. Recently, machine learning (ML) is a widespread technique offered to feed the Intrusion Detection System (IDS) to detect malicious network traffic. The core of ML models’ detection efficiency relies on the dataset’s quality to train the model. This research proposes a detection framework with an ML model for feeding IDS to detect network traffic anomalies. This detection model uses a dataset constructed from malicious and normal traffic. This research’s significant challenges are the extracted features used to train the ML model about various attacks to distinguish whether it is an anomaly or regular traffic. The dataset ISOT-CID network traffic part uses for the training ML model. We added some significant column features, and we approved that feature supports the ML model in the training phase. The ISOT-CID dataset traffic part contains two types of features, the first extracted from network traffic flow, and the others computed in specific interval time. We also presented a novel column feature added to the dataset and approved that it increases the detection quality. This feature is depending on the rambling packet payload length in the traffic flow. Our presented results and experiment produced by this research are significant and encourage other researchers and us to expand the work as future work.

show abstract

“…Kwon [20] Manna and Alkasassbeh [31] have introduced the latest ML method, such as the J48 decision tree, the random forest, and the REP tree. The proposed process used SNMP-MIB data for the IDS-trained system to detect DOS attacks that could affect the network.…”

Section: Literature Surveymentioning

confidence: 99%

Survey and Performance Analysis of Machine Learning Based Security Threats Detection Approaches in Cloud Computing

Sadavarte

Kurundkar²

2021

IJSRCSEIT

View full text Add to dashboard Cite

Cloud computing is gaining a lot of attention, however, security is a major obstacle to its widespread adoption. Users of cloud services are always afraid of data loss, security threats and availability problems. Recently, machine learning-based methods of threat detection are gaining popularity in the literature with the advent of machine learning techniques. Therefore, the study and analysis of threat detection and prevention strategies are a necessity for cloud protection. With the help of the detection of threats, we can determine and inform the normal and inappropriate activities of users. Therefore, there is a need to develop an effective threat detection system using machine learning techniques in the cloud computing environment. In this paper, we present the survey and comparative analysis of the effectiveness of machine learning-based methods for detecting the threat in a cloud computing environment. The performance assessment of these methods is performed using tests performed on the UNSW-NB15 dataset. In this work, we analyse machine learning models that include Support Vector Machine (SVM), Decision Tree (DT), Naive Bayes (NB), Random Forests (RF) and the K-Nearest neighbour (KNN). Additionally, we have used the most important performance indicators, namely, accuracy, precision, recall and F1 score to test the effectiveness of several methods.

show abstract

Detecting network anomalies using machine learning and SNMP-MIB dataset with IP group

Cited by 13 publications

References 5 publications

Enhancement detection distributed denial of service attacks using hybrid n-gram techniques

Enhancement detection distributed denial of service attacks using hybrid n-gram techniques

Apply machine learning techniques to detect malicious network traffic in cloud computing

Survey and Performance Analysis of Machine Learning Based Security Threats Detection Approaches in Cloud Computing

Contact Info

Product

Resources

About