Implementation of adaptive scheme in evolutionary technique for anomaly-based intrusion detection

Dwivedi, Shubhra; Vardhan, Manu; Tripathi, Sarsij; Shukla, Alok Kumar

doi:10.1007/s12065-019-00293-8

Cited by 45 publications

(29 citation statements)

References 49 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The adaptability and flexibility of the approach need to be enhanced. Dwivedi et al (Dwivedi et al 2020) have proposed a method for anomaly detection where combined Ensemble of Feature Selection (EFS) and one optimization algorithm named Adaptive Grasshopper Optimization Algorithm (AGOA) for identifying different types of attacks. EFS's role is to rank the attributes for further feature selection through AGOA to work as the input in predicting network traffic behavior.…”

Section: Related Workmentioning

confidence: 99%

An Optimal NIDS for VCN Using Feature Selection and Deep Learning Technique

Keserwani

Govil

Pilli

et al. 2021

International Journal of Digital Crime and Forensics

View full text Add to dashboard Cite

In this modern era, due to demand for cloud environments in business, the size, complexity, and chance of attacks to virtual cloud network (VCN) are increased. The protection of VCN is required to maintain the faith of the cloud users. Intrusion detection is essential to secure any network. The existing approaches that use the conventional neural network cannot utilize all information for identifying the intrusions. In this paper, the anomaly-based NIDS for VCN is proposed. For feature selection, grey wolf optimization (GWO) is hybridized with a bald eagle search (BES) algorithm. For classification, a deep learning approach - deep sparse auto-encoder (DSAE) is employed. In this way, this paper proposes a NIDS model for VCN named - GWO-DES-DSAE. The proposed system is simulated in the python programming environment. The proposed NIDS model's performance is compared with other recent approaches for both binary and multi-class classification on the considered datasets - NSL-KDD, UNSW-NB15, and CICIDS 2017 and found better than other methods.

show abstract

Section: Related Workmentioning

confidence: 99%

An Optimal NIDS for VCN Using Feature Selection and Deep Learning Technique

Keserwani

Govil

Pilli

et al. 2021

International Journal of Digital Crime and Forensics

View full text Add to dashboard Cite

show abstract

“…SVM is a machine learning technique to facilitate categorization between two groups. In this, a hyperplane is formed to differentiate between positive and negative samples considering the principle of structural risk minimization [29]. An anticipated characteristic of SVM is that this carries out the classification utilizing support vectors instead of the whole data set, and therefore this is enormously robust for outliers and predicts effectively.…”

Section: Support Vector Machinementioning

confidence: 99%

Distributed Denial-of-Service Prediction on IoT Framework by Learning Techniques

Dwivedi

Vardhan

Tripathi

2020

Open Computer Science

Self Cite

View full text Add to dashboard Cite

Distributed denial-of-service (DDoS) attacks on the Internet of Things (IoT) pose a serious threat to several web-based networks. The intruder’s ability to deal with the power of various cooperating devices to instigate an attack makes its administration even more multifaceted. This complexity can be further increased while lots of intruders attempt to overload an attack against a device. To counter and defend against modern DDoS attacks, several effective and powerful techniques have been used in the literature, such as data mining and artificial intelligence for the intrusion detection system (IDS), but they have some limitations. To overcome the existing limitations, in this study, we propose an intrusion detection mechanism that is an integration of a filter-based selection technique and a machine learning algorithm, called information gain-based intrusion detection system (IGIDS). In addition, IGIDS selects the most relevant features from the original IDS datasets that can help to distinguish typical low-speed DDoS attacks and, then, the selected features are passed on to the classifiers, i.e. support vector machine (SVM), decision tree (C4.5), naïve Bayes (NB) and multilayer perceptron (MLP) to detect attacks. The publicly available datasets as KDD Cup 99, CAIDA DDOS Attack 2007, CONFICKER worm, and UNINA traffic traces, are used for our experimental study. From the results of the simulation, it is clear that IGIDS with C4.5 acquires high detection and accuracy with a low false-positive rate.

show abstract

“…These data have become the targets of illegal activities, which has posed a major threat to network security [1]. Luckily, the intrusion detection system (IDS) [2] can solve these problems well. As an active security technology, IDS monitors networks or hosts and alerts when attacks are detected.…”

Section: Introductionmentioning

confidence: 99%

SAAE-DNN: Deep Learning Method on Intrusion Detection

2020

View full text Add to dashboard Cite

Intrusion detection system (IDS) plays a significant role in preventing network attacks and plays a vital role in the field of national security. At present, the existing intrusion detection methods are generally based on traditional machine learning models, such as random forest and decision tree, but they rely heavily on artificial feature extraction and have relatively low accuracy. To solve the problems of feature extraction and low detection accuracy in intrusion detection, an intrusion detection model SAAE-DNN, based on stacked autoencoder (SAE), attention mechanism and deep neural network (DNN), is proposed. The SAE represents data with a latent layer, and the attention mechanism enables the network to obtain the key features of intrusion detection. The trained SAAE encoder can not only automatically extract features, but also initialize the weights of DNN potential layers to improve the detection accuracy of DNN. We evaluate the performance of SAAE-DNN in binary-classification and multi-classification on an NSL-KDD dataset. The SAAE-DNN model can detect normally and attack symmetrically, with an accuracy of 87.74% and 82.14% (binary-classification and multi-classification), which is higher than that of machine learning methods such as random forest and decision tree. The experimental results show that the model has a better performance than other comparison methods.

show abstract

Implementation of adaptive scheme in evolutionary technique for anomaly-based intrusion detection

Cited by 45 publications

References 49 publications

An Optimal NIDS for VCN Using Feature Selection and Deep Learning Technique

An Optimal NIDS for VCN Using Feature Selection and Deep Learning Technique

Distributed Denial-of-Service Prediction on IoT Framework by Learning Techniques

SAAE-DNN: Deep Learning Method on Intrusion Detection

Contact Info

Product

Resources

About