Intrusion Detection: Supervised Machine Learning

Fares, Ahmed; Sharawy, Mohamed I.; Zayed, Hala H.

doi:10.5626/jcse.2011.5.4.305

Cited by 19 publications

(7 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As presented in Table 3, the KDD Cup 99 dataset contains 22 training attack types. In this paper, mapping of these attack types is performed based on four classes: denial-of-service (DoS), probing, user to root (U2R), and remote to local (R2L) [17]. Specifically speaking, a DoS attack refers to an attack that is performed to prevent the use of service.…”

Section: Data Preprocessingmentioning

confidence: 99%

Performance Comparison of Multi-class SVM with Oversampling Methods for Imbalanced Data Classification

Park

2020

Lecture Notes in Networks and Systems

View full text Add to dashboard Cite

Network traffic data generally comprise a major amount of normal traffic data and a minor amount of attack data. Such an imbalance in the amounts of the two types of data leads to issues such as low prediction performance including misclassifications owing to the estimation bias toward minority data and anomalies. To address this problem, several minority data synthesis models based on the synthetic minority oversampling technique algorithm have been developed. However, in recent years, studies have been actively conducted to synthesize minority data using the newly developed generative adversarial network (GAN) model. In this paper, we examine a GAN based oversampling model to address the data imbalance problem associated with intrusion detection data and compares the performance of the oversampling models. Therefore, the GAN based oversampling model can generate data of a class which has a small number of data so that the problem induced by imbalanced class distribution can be mitigated, and classification performance can be improved. Simulation results using KDD Cup 99 dataset show that the oversampling method using GAN algorithm is effective and that it is superior to existing oversampling methods.

show abstract

Section: Data Preprocessingmentioning

confidence: 99%

Performance Comparison of Multi-class SVM with Oversampling Methods for Imbalanced Data Classification

Park

2020

Lecture Notes in Networks and Systems

View full text Add to dashboard Cite

show abstract

“…Hardware-based ITS utilizes hardware architectures, which are specially designed to prevent certain classes of attacks to maintain crucial services. Hierarchical adaptive control of quality of service for intrusion tolerance architecture includes the diverse replication [3] and networkbased IDS [1], as shown in Fig. 1.…”

Section: A Hardware-based Itsmentioning

confidence: 99%

“…With sophisticated attacks, there are many defendable solutions, such as the detection approach using neural networks [1]. Due to the limitations of the detection approach, a new paradigm is needed.…”

Section: Policy-based Itsmentioning

confidence: 99%

“…Traditional protection techniques, such as intrusion detection systems (IDS) [1], intrusion prevention systems, and firewalls [2], sometimes achieve excellent attack detection and prevention by analyzing previous intrusion records. However, because they are based on existing attack signatures, they cannot detect new and unreported intrusions.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Survey on Intrusion-Tolerant System

Heo¹,

Kim²,

Shin³

et al. 2013

Journal of Computing Science and Engineering

View full text Add to dashboard Cite

Many information systems that provide useful services to people are connected to the Internet for convenience and efficiency. However, improper accessibility might make the systems susceptible to a variety of attacks. Although existing security solutions such as an intrusion detection system, intrusion prevention system, and firewalls have been designed to protect against such attacks, it is impossible to block all kinds of attacks. Furthermore, most of the proposed solutions require information about attacks for efficient prevention. Research on intrusion-tolerant systems (ITSs) have been conducted in order to continue providing proper services in threatening environments. The purpose of an ITS is to survive against every intrusion, rather than to prevent them. In this paper, previous studies on ITS are introduced and classified according to the centric scheme as middleware-based ITS, hardware-based ITS, and recovery-based ITS. Recent research focusing on adaptive transformation schemes is also introduced.Jungmin Lim received a master degree in electronic engineering and engineering from Seoul National University, Korea, in 2005. He is currently working toward Ph.D. degree in computer science from Korea Advanced Institute of Science and Technology, Korea. His main researches include the system security, especially intrusion tolerant system based on adaptive cluster transformation and historical data. Dongyoung KooDongyoung Koo received the B.S. degree in computer science from Yonsei University in 2009, and the M.S. degree in computer science from KAIST in 2012. His research interests include information security, secure cloud computing, and cryptography.

show abstract

“…Intrusion detection can be considered as a classification problem, so all kinds of algorithms are used to detect the network system, e.g. Neural Network algorithm [1], Bayesian algorithm [2] and other Machine learning algorithms [3].However, All of the above methods need a lot of or complete audit data set to achieve the desired performance, and the training time is long. How to extract the characteristics of audit data in the case of small samples, and realize the intrusion detection?…”

Section: Introductionmentioning

confidence: 99%

Cubic Polynomial Smooth Support Vector Machine Used in Intrusion Detection

Cai¹

2016

Proceedings of the 2016 3rd International Conference on Materials Engineering, Manufacturing Technology and Control

View full text Add to dashboard Cite

In the research of intrusion detection, we mainly focus on how to improve the accuracy of detection. Based on the introduction of support vector machine, this paper proposes a cubic polynomial smooth support vector machine model and uses it into intrusion detection. Subsequently we analyze each part of the model. Finally we conducted experiments to show that the proposed algorithm has higher accuracy than similar algorithms in Intrusion Detection.

show abstract

Intrusion Detection: Supervised Machine Learning

Cited by 19 publications

References 10 publications

Performance Comparison of Multi-class SVM with Oversampling Methods for Imbalanced Data Classification

Performance Comparison of Multi-class SVM with Oversampling Methods for Imbalanced Data Classification

A Survey on Intrusion-Tolerant System

Cubic Polynomial Smooth Support Vector Machine Used in Intrusion Detection

Contact Info

Product

Resources

About