Network Attack Detection Using Machine Learning Methods

Intrusion Detection using Machine Learning Techniques: An Experimental Comparison

2021 International Congress of Advanced Technology and Engineering (ICOTEN)

Due to an exponential increase in the number of cyber-attacks, the need for improved Intrusion Detection Systems (IDS) is more apparent than ever. In this regard, Machine Learning (ML) techniques are playing a pivotal role in the early classification of attacks during intrusion detection within the system. However, due to the large number of algorithms available, the selection of the right method is a challenging task. To resolve this issue, this paper analyses some of the current state-of-the-art intrusion detection methods and discusses their pros and cons. Further, a review of different ML methods is carried out, with four methods shown to be the most suitable ones for classifying attacks. Several algorithms are selected and investigated to evaluate the performance of IDS. These IDS classify binary and multiclass attacks in terms of detecting whether the traffic is considered benign or an attack. The experimental results demonstrate that binary classification has greater consistency in its accuracy results, which ranged from 0.9938 to 0.9977, while multiclass ranges from 0.9294 to 0.9983. However, it has also been observed that multiclass provides the best results, with the k-Nearest Neighbor algorithm giving an accuracy score of 0.9983, while the highest binary classification score is 0.9977 from Random Forest. The experimental results demonstrate that multiclass classification produces better performance in terms of intrusion detection by specifically differentiating between the attacks and allowing a more targeted response to an attack.

Machine Learning for Network Intrusion Detection—A Comparative Study

Future Internet

Modern society has quickly evolved to utilize communication and data-sharing media with the advent of the internet and electronic technologies. However, these technologies have created new opportunities for attackers to gain access to confidential electronic resources. As a result, data breaches have significantly impacted our society in multiple ways. To mitigate this situation, researchers have developed multiple security countermeasure techniques known as Network Intrusion Detection Systems (NIDS). Despite these techniques, attackers have developed new strategies to gain unauthorized access to resources. In this work, we propose using machine learning (ML) to develop a NIDS system capable of detecting modern attack types with a very high detection rate. To this end, we implement and evaluate several ML algorithms and compare their effectiveness using a state-of-the-art dataset containing modern attack types. The results show that the random forest model outperforms other models, ...

Detection of Network Attacks using Machine Learning: A New Approach

International Journal for Research in Applied Science & Engineering Technology (IJRASET), 2021

Cyber-attacks have become the most important security problems in today's world. With the increase in use of computing resources connected to the Internet like computers, mobiles, sensors, IoTs in networks, Big Data, Web Applications/Servers, Clouds and other computing resources, hackers and malicious users are planning new ways of network intrusion. Many techniques have been developed to detect these intrusions which are based on data mining and machine learning methods. These intrusion detection techniques have been applied on various IDS datasets. UNSW-NB15 is the latest dataset. This data set contains different modern attack types and wide varieties of real normal activities. In this paper, we compare the Naïve Bayes algorithm with proposed probability-based supervised machine learning algorithms using the reduced UNSW-NB15 dataset.

Classification of attack types for intrusion detection system using machine learning algorithm: Random forest

INTERNATIONAL JOURNAL OF ADVANCE RESEARCH, IDEAS AND INNOVATIONS IN TECHNOLOGY

In the current era of Big Data, the volume of data is growing vastly and the speed of generating new data is accelerating quickly. Machine Learning algorithms are used for such large datasets to teach computers how to reply to and act like humans. In machine learning, with the help of generalization ability, the increase in the size of the training set increases the scope of testing. In this paper, we analyze the results of the attacks classified using an Intrusion Detection System, and the training time of the Random Forest algorithm is measured by increasing the size of the KDD dataset in intervals, thereby observing the changes in the final evaluation metrics obtained.

Intrusion Detection System Using Machine Learning Approaches

2018

Network security is becoming an important issue in the field of information security. Hackers and intruders can make many successful attempts to break into networks or computer systems, and so creating a powerful Intrusion Detection System (IDS) is a primary need. IDS is the art of detecting attacks and any attempt to break into networks; it is also an effective tool to prevent unauthorized access to any network by analyzing its traffic. The aim of this research is to build an Intrusion Detection Framework able to classify network activities, 'Normal' or 'Attack', using different Machine Learning algorithms: Random Forest (RF), Multi-Layer Perceptron (MLP), and Library for Support Vector Machine (LIBSVM). The proposed model has been tested by using a common dataset called NSL-KDD. This paper investigates two techniques, the first technique is to apply the different Machine Learning algorithms over the NSL-KDD dataset, and the second technique used a Feature Se...

Intrusion Detection Attacks Classification using Machine Learning Techniques

Journal of Computational Science and Intelligent Technologies, 2021

Distributing numerous services over the internet is called Cloud Computing. Applications and tools like networking, data storage, databases, servers, and software are examples of the resources. The service provider is required to provide the resource always and from any location. However, the network is the most important factor in gaining access to data in the cloud. When leveraging the cloud network, the cloud threats take advantage. An Intrusion Detection System (IDS) observes the network and detects and reports threats. The anomaly method is significant in Intrusion Detection Systems. IDS monitors known and unknown data whenever a virtual machine is developed. If any anonymous data is detected, the Intrusion Detection System identifies it using an anomaly classification algorithm and sends a report to the administrator. Naive Bayes, Decision Tree (CART), Support Vector Machine, and Random Forest techniques are utilized in this work to classify unknown data. These algorithms assist in reducing the percentage of false alarms. This proposed work was carried out utilizing the WEKA tool for generating the report, yielding the best result in less computing time.

Network Intrusion Classification Employing Machine Learning: A Survey

2019

In this modern era, computer network security is a vital issue. Network security is developed by an efficient Intrusion Detection System (IDS). It is used to identify unauthorized access and malicious attacks, and to give an alert when it monitors any kind of unusual activity. Over the past 30 years, there has been a lot of work on intrusion detection systems using machine learning algorithms. By assessing the present status of the application of machine learning algorithms to the intrusion classification task, this review work gives a proper guideline. This survey work selected 84 papers based on highest citation numbers from the years 2009-2018. This thesis work gives an overview of different intrusion detection systems and a statistical comparison based on different classifiers like single, hybrid and ensemble learning. In addition, we have discussed the best machine learning classifiers, the best datasets and some feature selection processes in this thesis work.

Cybersecurity Attack Detection Model, Using Machine Learning Techniques

Acta Polytechnica Hungarica, 2023

Millions of people use the web every day, in this age of technology and the internet. Protecting the privacy and security of these users is a significant challenge for cybersecurity developers. With tremendous technological advancements, there is a noticeable improvement in the cyber-attackers' capabilities. At the same time, traditional Intrusion Detection Systems (IDS) are no longer effective at detecting intrusions. After the tremendous competences achieved by Artificial Intelligence (AI) techniques in all fields, great interest has developed in its use in the field of cybersecurity. There have been many studies that use Machine Learning (ML)-based intrusion detection systems. Despite the strong performance of ML techniques in detecting malicious activities, some challenges still reduce accuracy of performance. Knowing the proper technique, as well as knowing the features, is essential for effective intrusion detection. Therefore, this study proposes an effective network intrusion detection system based on ML and feature selection techniques. The performance of four ML techniques, the Random Forest (RF), K-Nearest Neighbors (KNN), Support Vector Machine (SVM) and the Decision Tree (DT) systems for intrusion detection are explored. In addition, feature selection techniques are employed for the selection of important features. Among the techniques used, the RF technique achieved the best performance, outperforming other techniques, with an accuracy of 99.72%. This study elaborates on the detection of malicious and benign cyber-attacks, with a new-level, high accuracy.

Classifying network attack types with machine learning approach

2011

The rate of network attacks, including those by hackers, crackers, and criminal enterprises, has been increasing, which impacts the availability, confidentiality, and integrity of critical information data. In this paper, we propose a network-based Intrusion Detection and Classification System (IDCS) using a well-known machine learning technique to classify online network data that is preprocessed to have only 12 features. The number of features affects the detection speed and resource consumption. Unlike other intrusion detection approaches where a few attack types are classified, our IDCS can classify normal network activities and identify 17 different attack types. Hence, our detection and classification approach can greatly reduce the time to diagnose and prevent network attacks.

A Comprehensive Analysis of Accuracies of Machine Learning Algorithms for Network Intrusion Detection

Machine Learning for Networking, 2020

Intrusion and anomaly detection are particularly important in the time of increased vulnerability in computer networks and communication. Therefore, this research aims to detect network intrusion with the highest accuracy and fastest time. To achieve this, nine supervised machine learning algorithms were first applied to the UNSW-NB15 dataset for network anomaly detection. In addition, different attacks are investigated with different mitigation techniques that help determine the types of attacks. Once detection was done, the feature set was reduced according to existing research work to increase the speed of the model without compromising accuracy. Furthermore, seven supervised machine learning algorithms were also applied to the newly released BoT-IoT dataset with around three million network flows. The results show that the Random Forest is the best in terms of accuracy (97.9121%) and Naïve Bayes the fastest algorithm with 0.69s for the UNSW-NB15 dataset. C4.5 is the most accurate one (87.66%), with all the features considered to identify the types of anomalies. For BoT-IoT, six of the seven algorithms have a close to 100% detection rate, except Naïve Bayes.