مطالب مرتبط با کلیدواژه

NSL-KDD dataset


۱.

Intrusion Detection with Low False Alarms using Decision Tree-based SVM Classifier(مقاله علمی وزارت علوم)

تعداد بازدید : ۳۲۴ تعداد دانلود : ۹۳
Todays, Intrusion Detection Systems (IDS) are considered as key components of security networks. However, high false positive and false negative rates are the important problems of these systems. On the other hand, many of the existing solutions in the articles are restricted to class datasets due to the use of a specific technique, but in real applications they may have multi-variant datasets. With the impetus of the facts, this paper presents a new anomaly based intrusion detection system using J48 Decision Tree, Support Vector Classifier (SVC) and k-means clustering algorithm in order to reduce false alarm rates and enhance the system performance. J48 decision tree algorithm is used to select the best features and optimize the dataset. Also, an SVM classifier and a modified k-means clustering algorithm are used to build a profile of normal and anomalous behaviors of dataset. Simulation results on benchmark NSL-KDD, CICIDS2017 and synthetic datasets confirm that the proposed method has significant performance in comparison with previous approaches.
۲.

A Novel Anomaly-based Intrusion Detection System using Whale Optimization Algorithm WOA-Based Intrusion Detection System(مقاله علمی وزارت علوم)

تعداد بازدید : ۳۰۶ تعداد دانلود : ۹۵
The Internet has become an important part of many people’s daily activities. Therefore, numerous attacks threaten Internet users. IDS is a network intrusion detection tool used to quickly identify and categorize intrusions, attacks, or security issues in network-level and host-level infrastructure. Although much research has been done to improve IDS performance, many key issues remain. IDSs need to be able to more accurately detect different types of intrusions with fewer false alarms and other challenges. In this paper, we attempt to improve the performance of IDS using Whale Optimization Algorithm (WOA). The results are compared with other algorithms. NSL-KDD dataset is used to evaluate and compare the results. K-means clustering was chosen for pre-processing after a comparison between some of the existing classifier algorithms. The proposed method has proven to be a competitive method in terms of detection rate and false alarm rate base on a comparison with some of the other existing methods.