Experimental Study of Machine Learning Methods in Anomaly Detection

Classification Ensemble Based Anomaly Detection in Network Traffic

Review of Computer Engineering Research, 2019

Recently, the expansion of information technologies and the exponential increase of digital data have further deepened the security and confidentiality issues in computer networks. In the Big Data era, information security has become the main direction of scientific research, and Big Data analytics is considered to be the main tool in the solution of information security issues. Anomaly detection is one of the main issues in data analysis and is used widely for detecting network threats. The potential sources of outliers can be noise and errors, events, and malicious attacks on the network. In this work, a short review of network anomaly detection methods is given and related works are looked at. In the article, a more exact and simple multi-classifier model is proposed for anomaly detection in network traffic based on Big Data. Experiments have been performed on the NSL-KDD data set by using Weka. The offered model has shown decent results in terms of anomaly detection accuracy. Contribution/Originality: This study proposed a multi-classifier model for increasing anomaly detection accuracy in network traffic. The model consists of the J48, LogitBoost, IBk, AdaBoost, and RandomTree classifiers. This work performed a comparative analysis of the classifiers used and their combination to see which one will give the best result. In the study, the classifiers and their combination have been implemented on the NSL-KDD open source dataset using the WEKA tool. The results show that the ensemble classifiers provide a better result than using these classifiers individually. The computer network traffic analysis with employment of our model can help network engineers and administrators to create a more reliable network, avoid possible discharges and take precautionary measures.

Analysis of Various Machine Learning Approach to Detect Anomaly from Network Traffic

International journal of computer science and mobile computing, 2022

Although conventional network security measures have been effective up until now, machine learning techniques are a strong contender in the present network environment due to their flexibility. In this study, we evaluate how well the latter can identify security issues in a corporate network setting. In order to do so, we configure and contrast a number of models to determine which one best meets our demands. In addition, we spread the computational load and storage to support large quantities of data. Our model-building methods are Random Forest and Naive Bayes.

MAIDEn: A Machine Learning Approach for Intrusion Detection using Ensemble Technique

International Journal of Computer Applications

An Intrusion detection system is a machine or software that monitors the traffic in a network and on detection of a malicious packet, informs the user or a specific acting unit which can take further action and avoid the malicious packet from entering the network. This paper discusses a way to implement an intelligent IDS which classifies the normal traffic in a network with abnormal or attacked ones. This paper explains the method used to generate such a system and the various classifiers used in the generation process. The proposed system of Intrusion Detection, classifies data with three different classifiers and an Ensemble technique which selects the majority of the three classifiers to assign the packet in the network as anomaly or normal. The dataset used to train the classifiers is the NSL-KDD dataset. The IDS proposed serves many applications in the field of Military Systems, Banks and Social Networking websites where data is very sensitive. The paper also explains related work done in this field and briefly explains every classifier, the network attacks and the dataset.

Supervised Machine Learning-Based Classification of Network Threats/Attacks Against Computer Systems

DergiPark (Istanbul University), 2022

With the developing technology, the number of people who use computers is increasing nowadays. This increase in computer usage causes an increase in the variety of attacks and the number of attacks against computer systems. This situation reveals the importance of the protection of data processed on the computers and the concept of information security. Thanks to the intrusion detection systems, which have an important place in the protection of computer systems, attacks against computers and computer networks can be detected before they affect systems. Considering the increasing variety of attacks, the development of machine learning-based attack detection systems has been the subject of many studies recently. Although supervised and unsupervised machine learning have separate features, they make different contributions to the areas in which they are used. Within the scope of this study, the NSL KDD data set, one of the most frequently used data sets in previous studies to simulate network traffic, was applied to a number of supervised and unsupervised learning algorithms in the WEKA application. When the results are evaluated under certain criteria, it has been determined that supervised learning algorithms give more accurate results, whereas unsupervised learning algorithms give faster results in the detection of attacks.

Comparative Evaluation of Machine Learning Algorithms for Network Intrusion Detection Using Weka

The past few years have seen computer intrusion attacks becoming more sophisticated, and the volume, velocity and variance of traffic data have greatly increased. Because the conventional methods and tools have become impotent in detection of intrusion attacks, most intrusion detection systems now embrace the use of machine learning tools and algorithms for efficiency. This is because of their ability to process large volume, velocity and very high variance data. This work reviews and analyses the performance of three of the most commonly used machine learning algorithms in network intrusion. In this work, the performance of the Naïve Bayes, Decision tree and Random Forest algorithms was evaluated as they were being trained and tested with the KDD CUP 1999 data set from DARPA using a big data and machine learning tool called Weka. These classification algorithms are evaluated based on their precision, sensitivity and accuracy.

A Result Analysis of Supervised Machine Learning Approach to Detect Anomaly from Network Traffic

International journal of computer science and mobile computing, 2022

Supervised Machine Learning (SML) is the quest for algorithms that reason from externally given cases to develop general hypotheses, which subsequently make predictions about future instances. Supervised categorization is one of the jobs most commonly carried out by intelligent systems. This article presents numerous Supervised Machine Learning (ML) classification strategies, evaluates various supervised learning algorithms, and finds the most effective classification algorithm depending on the data set, the number of instances and variables (features). Seven alternative machine learning methods were considered: Decision Table, Random Forest (RF), Naïve Bayes (NB), Support Vector Machine (SVM), utilizing the Waikato Environment for Knowledge Analysis (WEKA) machine learning program. To develop the algorithms, a Diabetes data set was utilized for the classification, with 786 cases with eight attributes as independent variables and one as the dependent variable for the analysis. The findings suggest that SVM was determined to be the method with maximum precision and accuracy. Naïve Bayes and Random Forest classification algorithms were shown to be the next most accurate after SVM, respectively. The research demonstrates that time spent to create a model and precision (accuracy) is a factor on one hand, while kappa statistic and Mean Absolute Error (MAE) is another element on the other side. Therefore, ML techniques demand precision, accuracy and least error to have supervised predictive machine learning.

A Machine Learning Approach for Intrusion Detection using Ensemble Technique-A Survey

An Intrusion detection system is a machine or software that monitors the traffic in a network and on detection of a malicious packet, informs the user or a specific acting unit which can take further action and avoid the malicious packet from entering the network. In network intrusion, there may be multiple computing nodes attacked by intruders. The evidence of intrusions has to be gathered from all such attacked nodes. An intruder may move between multiple nodes in the network to conceal the origin of attack, or misuse some compromised hosts to launch the attack on other nodes. To detect such intrusion activities spread over the whole network, we present a new intrusion detection system (IDS) that classifies data with three different classifiers and an Ensemble technique that selects the majority of the three classifiers to assign the packet in the network as anomaly or normal. In this paper, we discuss different ways to implement intelligent IDS, which classifies the normal traffic...

Application of Machine Learning Approaches in Intrusion Detection System: A Survey

Network security is one of the major concerns of the modern era. With the rapid development and massive usage of internet over the past decade, the vulnerabilities of network security have become an important issue. Intrusion detection system is used to identify unauthorized access and unusual attacks over the secured networks. Over the past years, many studies have been conducted on the intrusion detection system. However, in order to understand the current status of implementation of machine learning techniques for solving the intrusion detection problems this survey paper enlisted the 49 related studies in the time frame between 2009 and 2014 focusing on the architecture of the single, hybrid and ensemble classifier design. This survey paper also includes a statistical comparison of classifier algorithms, datasets being used and some other experimental setups as well as consideration of feature selection step.

Prediction of Network Attacks Using Machine Learning Techniques

International Journal of Engineering Applied Sciences and Technology

The networked systems become more and more pervasive and businesses still acquire a lot of sensitive data online, so that the quantity and class of cyber-attacks and network security breaches has risen dramatically. There are also instances that so many volumes of data are hacked even without the knowledge of the people concerned. So far setting an Intrusion Detection System (IDS), it is obvious to set the true working environment to model the possibilities of attacks. Therefore, it is imperative to design a software that will be able to identify network intrusions, in order to protect a computer network from the unknown users. For overcoming this challenge, it is essential to predict whether the connection is targeted or not from KDDCup99 dataset utilizing machine learning techniques. The objective of this work is to investigate machine learning based algorithms for enhancing packet connection transfers forecasting using ensemble learning voting classifier techniques. It is propose...

Anomaly based Intrusion Detection System using Machine Learning

IJRASET, 2021

Attacks on computer infrastructures are becoming an increasingly serious issue. The problem is ubiquitous and we need a reliable system to prevent it. An anomaly detection-based network intrusion detection system is vital to any security framework within a computer network. The existing intrusion detection systems have a high detection rate but they also have mendacious alert rates. With the use of Machine Learning, we can implement an efficient and reliable model for intrusion detection and stop some of the hazardous attacks in the network. This paper focuses on a detailed study of the NSL-KDD dataset after extracting some of the relevant records, and then several experiments have been performed and evaluated to assess various machine learning classifiers based on the dataset. The implemented experiments demonstrated that the Random forest classifier has achieved the highest average accuracy and has outperformed the other models in various evaluations.