Content related to the keyword

Intrusion Detection


1.

Intrusion Detection with Low False Alarms using Decision Tree-based SVM Classifier (Scientific article, Ministry of Science)

Views: 323 Downloads: 93
Today, Intrusion Detection Systems (IDS) are considered key components of security networks. However, high false positive and false negative rates are the important problems of these systems. On the other hand, many of the existing solutions in the articles are restricted to class datasets due to the use of a specific technique, but in real applications they may have multi-variant datasets. With the impetus of the facts, this paper presents a new anomaly-based intrusion detection system using the J48 Decision Tree, Support Vector Classifier (SVC) and k-means clustering algorithm in order to reduce false alarm rates and enhance the system performance. The J48 decision tree algorithm is used to select the best features and optimize the dataset. Also, an SVM classifier and a modified k-means clustering algorithm are used to build a profile of normal and anomalous behaviors of the dataset. Simulation results on benchmark NSL-KDD, CICIDS2017 and synthetic datasets confirm that the proposed method has significant performance in comparison with previous approaches.
2.

A Novel Anomaly-based Intrusion Detection System using Whale Optimization Algorithm WOA-Based Intrusion Detection System (Scientific article, Ministry of Science)

Views: 306 Downloads: 95
The Internet has become an important part of many people’s daily activities. Therefore, numerous attacks threaten Internet users. IDS is a network intrusion detection tool used to quickly identify and categorize intrusions, attacks, or security issues in network-level and host-level infrastructure. Although much research has been done to improve IDS performance, many key issues remain. IDSs need to be able to more accurately detect different types of intrusions with fewer false alarms and other challenges. In this paper, we attempt to improve the performance of IDS using the Whale Optimization Algorithm (WOA). The results are compared with other algorithms. The NSL-KDD dataset is used to evaluate and compare the results. K-means clustering was chosen for pre-processing after a comparison between some of the existing classifier algorithms. The proposed method has proven to be a competitive method in terms of detection rate and false alarm rate based on a comparison with some of the other existing methods.
3.

An Improved K-Means Clustering Feature Selection and Biogeography Based Optimization for Intrusion Detection (Scientific article, Ministry of Science)

Views: 21 Downloads: 16
In order to resolve the issues with Intrusion Detection Systems (IDS), a preprocessing step known as feature selection is utilized. The main objectives of this step are to enhance the accuracy of classification, improve the clustering operation on an imbalanced dataset and reduce the storage space required. During feature selection, a subset of pertinent and non-duplicative features is chosen from the original set. In this paper, a novel approach for feature selection in intrusion detection is introduced, leveraging an enhanced k-means clustering algorithm. The clustering operation is further improved using the combination of Gravity Search Algorithm (GSA) and Particle Swarm Optimization (PSO) techniques. Additionally, the Biogeography Based Optimization (BBO) technique, known for its successful performance in addressing classification problems, is also employed. To evaluate the proposed approach, it is tested on the UNSW-NB15 intrusion detection dataset. Finally, a comparative analysis is conducted, and the results demonstrate the effectiveness of the proposed approach, in such a way that the value of the detection accuracy parameter in the proposed method was 99.8% and in other methods it was a maximum of 99.2%.