UNR-IDD: Intrusion Detection Dataset using Network Port Statistics

Das, Tapadhir; Hamdan, Osama Abu; Shukla, Ram Chandra; Sengupta, Shamik; Arslan, Engin

doi:10.36227/techrxiv.19877311.v1

Cited by 2 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This section shows a discussion of the LightGBM Algorithm, which is known as data-driven AI. 30 LightGBM is a decision-tree-based gradient-boosting ensemble approach utilized by the train using auto ML tool. LightGBM may be used for classification and regression, much as other decision tree-based methods.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

OptimizedLightGBMmodel for security and privacy issues incyber‐physicalsystems

Dalal

Poongodi

Lilhore

et al. 2023

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Integrating physical, computational, and networking resources are the goal of cyber‐physical systems, also known as smart‐embedded systems. By investing in a solid foundation, we can improve the usefulness and timeliness of the services we rely on in every facet of our lives and ultimately live more elegantly. Regarding modern technology, data security is a significant factor that must be considered. The complexity of cyber‐physical systems' interacting components and middleware presents serious hurdles when it comes to protecting them from cyber‐attacks without negatively impacting their performance. This article proposes a unique, efficient encryption technique for anticipating cyber assaults in cyber‐physical systems, which addresses these concerns. The suggested method uses Bayesian optimization techniques to fine‐tune the LightGBM algorithm's hyper‐parameters. This proposed algorithm has been implemented on the intrusion detection dataset (UNR‐IDD) from the University of Nevada. Reno has been used to test the suggested approach. The proposed system achieved 99.17% accuracy, 0.9918 precision, and 0.9922 recall values. Our empirical evaluation demonstrates that the algorithm successfully increases accuracy and AUC value, making the cyber‐physical system more secure. In turn, the suggested methodology may offer robust assurance for user data safety.

show abstract

Section: Methodsmentioning

confidence: 99%

“…This section shows a discussion of the LightGBM Algorithm, which is known as data‐driven AI 30 . LightGBM is a decision‐tree‐based gradient‐boosting ensemble approach utilized by the train using auto ML tool.…”

Section: Methodsmentioning

confidence: 99%

OptimizedLightGBMmodel for security and privacy issues incyber‐physicalsystems

Dalal

Poongodi

Lilhore

et al. 2023

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…All SDN controllers communicate with a centralized command center as seen in Figure 2. For experimentation, we are using the UNR-IDD dataset [39], as it is a relevant NIDS dataset for our experiments. The dataset contains 37,412 data samples and 34 features per sample and possesses multiple control and data plane attacks that can occur on SDN setups like TCP-SYN, Flow Table Overflow, Traffic Diversion, Blackhole, and Port Scanning.…”

Section: Experimental Results and Analysis A Setupmentioning

confidence: 99%

Bringing To Light: Adversarial Poisoning Detection in Multi-controller Software-defined Networks

Das¹,

Shukla²,

Rath³

et al. 2023

Preprint

View full text Add to dashboard Cite

<p>Machine learning (ML)-based network intrusion detection systems (NIDS) have become a contemporary approach to efficiently protect network communications from cyber attacks. However, ML models can become exploited by adversarial poisonings, like random label manipulation (RLM), which can compromise multi-controller software-defined network (MSDN) operations. In this paper, we develop the Trans-controller Adversarial Perturbation Detection (TAPD) framework for NIDS in multi-controller SDN setups. The detection framework takes advantage of the SDN architecture and focuses on the periodic transference of network intrusion detection models across the SDN controllers in the topology, and validates the models using the local datasets to calculate errors in their predictions with the ground truth. We demonstrate the efficacy of this framework in detecting RLM attacks in an MSDN setup. Results indicate efficient detection performance achieved by the TAPD framework in determining the presence of Random Label Manipulation attacks and the localization of the compromised controllers. We find that the framework works well even when there is a significant number of compromised agents in a large multi-controller setting. However, the performance begins to deteriorate when more than 40% of the SDN controllers in the MSDN have become compromised. </p>

show abstract

UNR-IDD: Intrusion Detection Dataset using Network Port Statistics

Cited by 2 publications

References 0 publications

OptimizedLightGBMmodel for security and privacy issues incyber‐physicalsystems

OptimizedLightGBMmodel for security and privacy issues incyber‐physicalsystems

Bringing To Light: Adversarial Poisoning Detection in Multi-controller Software-defined Networks

Contact Info

Product

Resources

About