Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection system (IDS). Many IDS models has been introduced to provide security over big data. This study focuses on the intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a brunch of affluent algorithms to classify and analysis patterns and making a better prediction more efficiently. In this study, to detect intrusion a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest dataset available at online, formatted with packet based, flow based data and some additional metadata. The dataset is labeled and imbalanced with 79 attributes and some classes having much less training samples compared to other classes. The proposed model is build using Keras and Google Tensorflow deep learning environment. Experimental result shows that intrusions are detected with the accuracy over 99% for both binary and multiclass classification with selected best features. Receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offers a novel research model with great accuracy for intrusion detection model, better than some models presented in the literature.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
Evaluation of network intrusion detection using markov chainIJCI JOURNAL
Day today life internet threat has been increased significantly. There is a need to develop model in order to
maintain security of system. The most effective techniques are Intrusion Detection System (IDS).The
purpose of intrusion system through the security devices detect and deal with it. In this paper, a
mathematical approach is used effectively to predict and detect intrusion in the network. Here we discuss
about two algorithms ‘K-Means + Apriori’, a method which classify normal and abnormal activities in
computer network. In K-Means process, it partitions the training set into K-clusters using Euclidean
distance and introduce an outlier factor, then it build Apriori Algorithm to prune the data by removing
infrequent data in the database. Based on defined state the degree of incoming data is evaluated through
the experiment using sample DARPA2000 dataset, and achieves high detection performance in level of
attack in stages.
Classification Rule Discovery Using Ant-Miner Algorithm: An Application Of N...IJMER
Enormous studies on intrusion detection have widely applied data mining techniques to
finding out the useful knowledge automatically from large amount of databases, while few studies have
proposed classification data mining approaches. In an actual risk assessment process, the discovery of
intrusion detection prediction knowledge from experts is still regarded as an important task because
experts’ predictions depend on their subjectivity. Traditional statistical techniques and artificial
intelligence techniques are commonly used to solve this classification decision making. This paper
proposes an ant-miner based data mining method for discovering network intrusion detection rules from
large dataset. The obtained result of this experiment shows that clearly the ant-miner is superior than
ID3, J48, ADtree, BFtree, Simple cart. Although different classification models have been developed for
network intrusion detection, each of them has its strength and weakness, including the most commonly
applied Support Vector Machine(SVM)method and the clustering based on Self Organized Ant Colony
Network (CSOACN).Our algorithm is implemented and evaluated using a standard bench mark KDD99
dataset. Experiments show that ant-miner algorithm out performs than other methods in terms of both
classification rate and accuracy
A survey of Network Intrusion Detection using soft computing Techniqueijsrd.com
with the impending era of internet, the network security has become the key foundation for lot of financial and business application. Intrusion detection is one of the looms to resolve the problem of network security. An Intrusion Detection System (IDS) is a program that analyses what happens or has happened during an execution and tries to find indications that the computer has been misused. Here we propose a new approach by utilizing neuro fuzzy and support vector machine with fuzzy genetic algorithm for higher rate of detection.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
Evaluation of network intrusion detection using markov chainIJCI JOURNAL
Day today life internet threat has been increased significantly. There is a need to develop model in order to
maintain security of system. The most effective techniques are Intrusion Detection System (IDS).The
purpose of intrusion system through the security devices detect and deal with it. In this paper, a
mathematical approach is used effectively to predict and detect intrusion in the network. Here we discuss
about two algorithms ‘K-Means + Apriori’, a method which classify normal and abnormal activities in
computer network. In K-Means process, it partitions the training set into K-clusters using Euclidean
distance and introduce an outlier factor, then it build Apriori Algorithm to prune the data by removing
infrequent data in the database. Based on defined state the degree of incoming data is evaluated through
the experiment using sample DARPA2000 dataset, and achieves high detection performance in level of
attack in stages.
Classification Rule Discovery Using Ant-Miner Algorithm: An Application Of N...IJMER
Enormous studies on intrusion detection have widely applied data mining techniques to
finding out the useful knowledge automatically from large amount of databases, while few studies have
proposed classification data mining approaches. In an actual risk assessment process, the discovery of
intrusion detection prediction knowledge from experts is still regarded as an important task because
experts’ predictions depend on their subjectivity. Traditional statistical techniques and artificial
intelligence techniques are commonly used to solve this classification decision making. This paper
proposes an ant-miner based data mining method for discovering network intrusion detection rules from
large dataset. The obtained result of this experiment shows that clearly the ant-miner is superior than
ID3, J48, ADtree, BFtree, Simple cart. Although different classification models have been developed for
network intrusion detection, each of them has its strength and weakness, including the most commonly
applied Support Vector Machine(SVM)method and the clustering based on Self Organized Ant Colony
Network (CSOACN).Our algorithm is implemented and evaluated using a standard bench mark KDD99
dataset. Experiments show that ant-miner algorithm out performs than other methods in terms of both
classification rate and accuracy
A survey of Network Intrusion Detection using soft computing Techniqueijsrd.com
with the impending era of internet, the network security has become the key foundation for lot of financial and business application. Intrusion detection is one of the looms to resolve the problem of network security. An Intrusion Detection System (IDS) is a program that analyses what happens or has happened during an execution and tries to find indications that the computer has been misused. Here we propose a new approach by utilizing neuro fuzzy and support vector machine with fuzzy genetic algorithm for higher rate of detection.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
An approach for ids by combining svm and ant colony algorithmeSAT Journals
Abstract This piece of work researches the intrusion detection problem of the network sanctuary; the primary task is to classify network behavior as normal or abnormal while reducing misclassification. In this paper, two efficient data mining algorithms are combined together to detect the network intrusion. Combining SVM and Ant colony (CSVAC) used for well-organized data classification, this technique takes the advantage of both the algorithm while avoiding their weaknesses. This algorithm is implemented and evaluated using standard benchmark KDDCUP99 data set. Experimental results drastically well produce superior results than the other algorithm in terms of accuracy rate and run time efficiency, and this algorithm able to detect the new types of attacks Keywords: Intrusion Detection; Support Vector Machine; Ant colony; Combined Support vector with ant colony
The main goal of Intrusion Detection Systems (IDSs) is
to detect intrusions. This kind of detection system represents a
significant tool in traditional computer based systems for ensuring
cyber security. IDS model can be faster and reach more accurate
detection rates, by selecting the most related features from the
input dataset. Feature selection is an important stage of any IDs to
select the optimal subset of features that enhance the process of the
training model to become faster and reduce the complexity while
preserving or enhancing the performance of the system. In this
paper, we proposed a method that based on dividing the input
dataset into different subsets according to each attack. Then we
performed a feature selection technique using information gain
filter for each subset. Then the optimal features set is generated by
combining the list of features sets that obtained for each attack.
Experimental results that conducted on NSL-KDD dataset shows
that the proposed method for feature selection with fewer features,
make an improvement to the system accuracy while decreasing the
complexity. Moreover, a comparative study is performed to the
efficiency of technique for feature selection using different
classification methods. To enhance the overall performance,
another stage is conducted using Random Forest and PART on
voting learning algorithm. The results indicate that the best
accuracy is achieved when using the product probability rule.
Now a day the technology is improving day by day. The wired network has been changed to wireless network. There are many advantages of wireless network over wired network. One of the main advantage is we can walk around freely in a network area and accesses internet. Security is one of the challenging issues. Intrusion Detection System is one of the systematic ways to detect malicious node in a mobile ad hoc network MANET and it is driven by battery power. This paper gives a survey on various intrusion detection systems in MANET. Praveen Mourya | Prof. Avinash Sharma ""Review on Intrusion Detection in MANETs"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-2 , February 2020, URL: https://www.ijtsrd.com/papers/ijtsrd29970.pdf
Paper Url : https://www.ijtsrd.com/engineering/computer-engineering/29970/review-on-intrusion-detection-in-manets/praveen-mourya
A SURVEY ON THE USE OF DATA CLUSTERING FOR INTRUSION DETECTION SYSTEM IN CYBE...IJNSA Journal
In the present world, it is difficult to realize any computing application working on a standalone computing device without connecting it to the network. A large amount of data is transferred over the network from one device to another. As networking is expanding, security is becoming a major concern. Therefore, it has become important to maintain a high level of security to ensure that a safe and secure connection is established among the devices. An intrusion detection system (IDS) is therefore used to differentiate between the legitimate and illegitimate activities on the system. There are different techniques are used for detecting intrusions in the intrusion detection system. This paper presents the different clustering techniques that have been implemented by different researchers in their relevant articles. This survey was carried out on 30 papers and it presents what different datasets were used by different researchers and what evaluation metrics were used to evaluate the performance of IDS. This paper also highlights the pros and cons of each clustering technique used for IDS, which can be used as a basis for future work.
LSTM deep learning method for network intrusion detection system IJECEIAES
The security of the network has become a primary concern for organizations. Attackers use different means to disrupt services, these various attacks push to think of a new way to block them all in one manner. In addition, these intrusions can change and penetrate the devices of security. To solve these issues, we suggest, in this paper, a new idea for Network Intrusion Detection System (NIDS) based on Long Short-Term Memory (LSTM) to recognize menaces and to obtain a long-term memory on them, in order to stop the new attacks that are like the existing ones, and at the same time, to have a single mean to block intrusions. According to the results of the experiments of detections that we have realized, the Accuracy reaches up to 99.98 % and 99.93 % for respectively the classification of two classes and several classes, also the False Positive Rate (FPR) reaches up to only 0,068 % and 0,023 % for respectively the classification of two classes and several classes, which proves that the proposed model is effective, it has a great ability to memorize and differentiate between normal traffic and attacks, and its identification is more accurate than other Machine Learning classifiers.
Current issues - International Journal of Network Security & Its Applications...IJNSA Journal
nternational Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
A Survey of Various Intrusion Detection Systemsijsrd.com
In this paper, we present an overview of existing intrusion detection techniques. All these algorithms are described more or less on their own. Intrusion detection system is a very popular and computationally expensive task. We also explain the fundamentals of intrusion detection system. We describe today's approaches for intrusion detection system. From the broad variety of efficient techniques that have been developed we will compare the most important ones. We will systematize the techniques and analyze their performance based on both their run time performance and theoretical considerations. Their strengths and weaknesses are also investigated. It turns out that the behavior of the algorithms is much more similar as to be expected.
Integrated Framework for Secure and Energy Efficient Communication System in ...IJECEIAES
Irrespective of different forms and strategies implementing for securing Wireless Sensor Network (WSN), there are very less strategies that offers cost effective security over heterogeneous network. Therefore, this paper presents an integrated set of different processes that emphasize over secure routing, intellectual and delay-compensated routing, and optimization principle with a sole intention of securing the communication to and from the sensor nodes during data aggregation. The processed system advocates the non-usage of complex cryptography and encourages the usage of probability their and analytical modelling in order to render more practical implementation. The simulated outcome of study shows that proposed system offers reduced delay, more throughputs, and reduced energy consumption in contrast to existing system.
Multi-stage secure clusterhead selection using discrete rule-set against unkn...IJECEIAES
Security is the rising concern of the wireless network as there are various forms of reonfigurable network that is arised from it. Wireless sensor network (WSN) is one such example that is found to be an integral part of cyber-physical system in upcoming times. After reviewing the existing system, it can be seen that there are less dominant and robust solutions towards mitigating the threats of upcoming applications of WSN. Therefore, this paper introduces a simple and cost-effective modelling of a security system that offers security by ensuring secure selection of clusterhead during the data aggregation process in WSN. The proposed system also makes construct a rule-set in order to learn the nature of the communication iin order to have a discrete knowledge about the intensity of adversaries. With an aid of simulation-based approach over MEMSIC nodes, the proposed system was proven to offer reduced energy consumption with good data delivery performance in contrast to existing approach.
AN EFFICIENT INTRUSION DETECTION SYSTEM WITH CUSTOM FEATURES USING FPA-GRADIE...IJCNCJournal
An efficient Intrusion Detection System has to be given high priority while connecting systems with a network to prevent the system before an attack happens. It is a big challenge to the network security group to prevent the system from a variable types of new attacks as technology is growing in parallel. In this paper, an efficient model to detect Intrusion is proposed to predict attacks with high accuracy and less false-negative rate by deriving custom features UNSW-CF by using the benchmark intrusion dataset UNSW-NB15. To reduce the learning complexity, Custom Features are derived and then Significant Features are constructed by applying meta-heuristic FPA (Flower Pollination algorithm) and MRMR (Minimal Redundancy and Maximum Redundancy) which reduces learning time and also increases prediction accuracy. ENC (ElasicNet Classifier), KRRC (Kernel Ridge Regression Classifier), IGBC (Improved Gradient Boosting Classifier) is employed to classify the attacks in the datasets UNSW-CF, UNSW and recorded that UNSW-CF with derived custom features using IGBC integrated with FPA provided high accuracy of 97.38% and a low error rate of 2.16%. Also, the sensitivity and specificity rate for IGB attains a high rate of 97.32% and 97.50% respectively.
Survey of network anomaly detection using markov chainijcseit
Recently an internet threat has been increased. Our motive is detect the intrusion in the network in concise.
The real time issue such as DoS attack in banking, companies, industries and organization have been
increased significantly IDS has been used in both server and host side. The major challenge is to effectively
predict the periods of threats and protect the server from the unauthorized user. In this study, a novel
probabilistic approach is proposed effectively to detect the network intrusions. It uses a Markov chain for
probabilistic modelling of abnormal events in network systems. The degree of abnormality of the incoming
data is performed on the basis of the network states.
Detecting network attacks model based on a convolutional neural network IJECEIAES
Due to the increasing use of networks at present, Internet systems have raised many security problems, and statistics indicate that the rate of attacks or intrusions has increased excessively annually, and in the event of any malicious attack on network vulnerabilities or information systems, it may lead to serious disasters, violating policies on network security, i.e., “confidentiality, integrity, and availability” (CIA). Therefore, many detection systems, such as the intrusion detection system, appeared. In this paper, we built a system that detects network attacks using the latest machine learning algorithms and a convolutional neural network based on a dataset of the CSE-CIC-IDS2018. It is a recent dataset that contains a set of common and recent attacks. The detection rate is 99.7%, distinguishing between aggressive attacks and natural assertiveness.
Deep learning algorithms for intrusion detection systems in internet of thin...IJECEIAES
Due to technological advancements in recent years, the availability and usage of smart electronic gadgets have drastically increased. Adoption of these smart devices for a variety of applications in our day-to-day life has become a new normal. As these devices collect and store data, which is of prime importance, securing is a mandatory requirement by being vigilant against intruders. Many traditional techniques are prevailing for the same, but they may not be a good solution for the devices with resource constraints. The impact of artificial intelligence is not negligible in this concern. This study is an attempt to understand and analyze the performance of deep learning algorithms in intrusion detection. A comparative analysis of the performance of deep neural network, convolutional neural network, and long short-term memory using the CIC-IDS 2017 dataset.
Machine learning-based intrusion detection system for detecting web attacksIAESIJAI
The increasing use of smart devices results in a huge amount of data, which raises concerns about personal data, including health data and financial data. This data circulates on the network and can encounter network traffic at any time. This traffic can either be normal traffic or an intrusion created by hackers with the aim of injecting abnormal traffic into the network. Firewalls and traditional intrusion detection systems detect attacks based on signature patterns. However, this is not sufficient to detect advanced or unknown attacks. To detect different types of unknown attacks, the use of intelligent techniques is essential. In this paper, we analyse some machine learning techniques proposed in recent years. In this study, several classifications were made to detect anomalous behaviour in network traffic. The models were built and evaluated based on the Canadian Institute for Cybersecurity-intrusion detection systems dataset released in 2017 (CIC-IDS-2017), which includes both current and historical attacks. The experiments were conducted using decision tree, random forest, logistic regression, gaussian naïve bayes, adaptive boosting, and their ensemble approach. The models were evaluated using various evaluation metrics such as accuracy, precision, recall, F1-score, false positive rate, receiver operating characteristic curve, and calibration curve.
ATTACK DETECTION AVAILING FEATURE DISCRETION USING RANDOM FOREST CLASSIFIERCSEIJJournal
The widespread use of the Internet has an adverse effect of being vulnerable to cyber attacks. Defensive
mechanisms like firewalls and IDSs have evolved with a lot of research contributions happening in these
areas. Machine learning techniques have been successfully used in these defense mechanisms especially
IDSs. Although they are effective to some extent in identifying new patterns and variants of existing
malicious patterns, many attacks are still left as undetected. The objective is to develop an algorithm for
detecting malicious domains based on passive traffic measurements. In this paper, an anomaly-based
intrusion detection system based on an ensemble based machine learning classifier called Random Forest
with gradient boosting is deployed. NSL-KDD cup dataset is used for analysis and out of 41 features, 32
features were identified as significant using feature discretion. Our observations confirm the conjecture
that both the feature selection and stochastic based genetic operators improves the accuracy and the
effectiveness. The training time is shown to be reduced tremendously by 98.59% and accuracy improved to
98.75%.
Attack Detection Availing Feature Discretion using Random Forest ClassifierCSEIJJournal
The widespread use of the Internet has an adverse effect of being vulnerable to cyber attacks. Defensive
mechanisms like firewalls and IDSs have evolved with a lot of research contributions happening in these
areas. Machine learning techniques have been successfully used in these defense mechanisms especially
IDSs. Although they are effective to some extent in identifying new patterns and variants of existing
malicious patterns, many attacks are still left as undetected. The objective is to develop an algorithm for
detecting malicious domains based on passive traffic measurements. In this paper, an anomaly-based
intrusion detection system based on an ensemble based machine learning classifier called Random Forest
with gradient boosting is deployed. NSL-KDD cup dataset is used for analysis and out of 41 features, 32
features were identified as significant using feature discretion.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
An approach for ids by combining svm and ant colony algorithmeSAT Journals
Abstract This piece of work researches the intrusion detection problem of the network sanctuary; the primary task is to classify network behavior as normal or abnormal while reducing misclassification. In this paper, two efficient data mining algorithms are combined together to detect the network intrusion. Combining SVM and Ant colony (CSVAC) used for well-organized data classification, this technique takes the advantage of both the algorithm while avoiding their weaknesses. This algorithm is implemented and evaluated using standard benchmark KDDCUP99 data set. Experimental results drastically well produce superior results than the other algorithm in terms of accuracy rate and run time efficiency, and this algorithm able to detect the new types of attacks Keywords: Intrusion Detection; Support Vector Machine; Ant colony; Combined Support vector with ant colony
The main goal of Intrusion Detection Systems (IDSs) is
to detect intrusions. This kind of detection system represents a
significant tool in traditional computer based systems for ensuring
cyber security. IDS model can be faster and reach more accurate
detection rates, by selecting the most related features from the
input dataset. Feature selection is an important stage of any IDs to
select the optimal subset of features that enhance the process of the
training model to become faster and reduce the complexity while
preserving or enhancing the performance of the system. In this
paper, we proposed a method that based on dividing the input
dataset into different subsets according to each attack. Then we
performed a feature selection technique using information gain
filter for each subset. Then the optimal features set is generated by
combining the list of features sets that obtained for each attack.
Experimental results that conducted on NSL-KDD dataset shows
that the proposed method for feature selection with fewer features,
make an improvement to the system accuracy while decreasing the
complexity. Moreover, a comparative study is performed to the
efficiency of technique for feature selection using different
classification methods. To enhance the overall performance,
another stage is conducted using Random Forest and PART on
voting learning algorithm. The results indicate that the best
accuracy is achieved when using the product probability rule.
Now a day the technology is improving day by day. The wired network has been changed to wireless network. There are many advantages of wireless network over wired network. One of the main advantage is we can walk around freely in a network area and accesses internet. Security is one of the challenging issues. Intrusion Detection System is one of the systematic ways to detect malicious node in a mobile ad hoc network MANET and it is driven by battery power. This paper gives a survey on various intrusion detection systems in MANET. Praveen Mourya | Prof. Avinash Sharma ""Review on Intrusion Detection in MANETs"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-2 , February 2020, URL: https://www.ijtsrd.com/papers/ijtsrd29970.pdf
Paper Url : https://www.ijtsrd.com/engineering/computer-engineering/29970/review-on-intrusion-detection-in-manets/praveen-mourya
A SURVEY ON THE USE OF DATA CLUSTERING FOR INTRUSION DETECTION SYSTEM IN CYBE...IJNSA Journal
In the present world, it is difficult to realize any computing application working on a standalone computing device without connecting it to the network. A large amount of data is transferred over the network from one device to another. As networking is expanding, security is becoming a major concern. Therefore, it has become important to maintain a high level of security to ensure that a safe and secure connection is established among the devices. An intrusion detection system (IDS) is therefore used to differentiate between the legitimate and illegitimate activities on the system. There are different techniques are used for detecting intrusions in the intrusion detection system. This paper presents the different clustering techniques that have been implemented by different researchers in their relevant articles. This survey was carried out on 30 papers and it presents what different datasets were used by different researchers and what evaluation metrics were used to evaluate the performance of IDS. This paper also highlights the pros and cons of each clustering technique used for IDS, which can be used as a basis for future work.
LSTM deep learning method for network intrusion detection system IJECEIAES
The security of the network has become a primary concern for organizations. Attackers use different means to disrupt services, these various attacks push to think of a new way to block them all in one manner. In addition, these intrusions can change and penetrate the devices of security. To solve these issues, we suggest, in this paper, a new idea for Network Intrusion Detection System (NIDS) based on Long Short-Term Memory (LSTM) to recognize menaces and to obtain a long-term memory on them, in order to stop the new attacks that are like the existing ones, and at the same time, to have a single mean to block intrusions. According to the results of the experiments of detections that we have realized, the Accuracy reaches up to 99.98 % and 99.93 % for respectively the classification of two classes and several classes, also the False Positive Rate (FPR) reaches up to only 0,068 % and 0,023 % for respectively the classification of two classes and several classes, which proves that the proposed model is effective, it has a great ability to memorize and differentiate between normal traffic and attacks, and its identification is more accurate than other Machine Learning classifiers.
Current issues - International Journal of Network Security & Its Applications...IJNSA Journal
nternational Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
A Survey of Various Intrusion Detection Systemsijsrd.com
In this paper, we present an overview of existing intrusion detection techniques. All these algorithms are described more or less on their own. Intrusion detection system is a very popular and computationally expensive task. We also explain the fundamentals of intrusion detection system. We describe today's approaches for intrusion detection system. From the broad variety of efficient techniques that have been developed we will compare the most important ones. We will systematize the techniques and analyze their performance based on both their run time performance and theoretical considerations. Their strengths and weaknesses are also investigated. It turns out that the behavior of the algorithms is much more similar as to be expected.
Integrated Framework for Secure and Energy Efficient Communication System in ...IJECEIAES
Irrespective of different forms and strategies implementing for securing Wireless Sensor Network (WSN), there are very less strategies that offers cost effective security over heterogeneous network. Therefore, this paper presents an integrated set of different processes that emphasize over secure routing, intellectual and delay-compensated routing, and optimization principle with a sole intention of securing the communication to and from the sensor nodes during data aggregation. The processed system advocates the non-usage of complex cryptography and encourages the usage of probability their and analytical modelling in order to render more practical implementation. The simulated outcome of study shows that proposed system offers reduced delay, more throughputs, and reduced energy consumption in contrast to existing system.
Multi-stage secure clusterhead selection using discrete rule-set against unkn...IJECEIAES
Security is the rising concern of the wireless network as there are various forms of reonfigurable network that is arised from it. Wireless sensor network (WSN) is one such example that is found to be an integral part of cyber-physical system in upcoming times. After reviewing the existing system, it can be seen that there are less dominant and robust solutions towards mitigating the threats of upcoming applications of WSN. Therefore, this paper introduces a simple and cost-effective modelling of a security system that offers security by ensuring secure selection of clusterhead during the data aggregation process in WSN. The proposed system also makes construct a rule-set in order to learn the nature of the communication iin order to have a discrete knowledge about the intensity of adversaries. With an aid of simulation-based approach over MEMSIC nodes, the proposed system was proven to offer reduced energy consumption with good data delivery performance in contrast to existing approach.
AN EFFICIENT INTRUSION DETECTION SYSTEM WITH CUSTOM FEATURES USING FPA-GRADIE...IJCNCJournal
An efficient Intrusion Detection System has to be given high priority while connecting systems with a network to prevent the system before an attack happens. It is a big challenge to the network security group to prevent the system from a variable types of new attacks as technology is growing in parallel. In this paper, an efficient model to detect Intrusion is proposed to predict attacks with high accuracy and less false-negative rate by deriving custom features UNSW-CF by using the benchmark intrusion dataset UNSW-NB15. To reduce the learning complexity, Custom Features are derived and then Significant Features are constructed by applying meta-heuristic FPA (Flower Pollination algorithm) and MRMR (Minimal Redundancy and Maximum Redundancy) which reduces learning time and also increases prediction accuracy. ENC (ElasicNet Classifier), KRRC (Kernel Ridge Regression Classifier), IGBC (Improved Gradient Boosting Classifier) is employed to classify the attacks in the datasets UNSW-CF, UNSW and recorded that UNSW-CF with derived custom features using IGBC integrated with FPA provided high accuracy of 97.38% and a low error rate of 2.16%. Also, the sensitivity and specificity rate for IGB attains a high rate of 97.32% and 97.50% respectively.
Survey of network anomaly detection using markov chainijcseit
Recently an internet threat has been increased. Our motive is detect the intrusion in the network in concise.
The real time issue such as DoS attack in banking, companies, industries and organization have been
increased significantly IDS has been used in both server and host side. The major challenge is to effectively
predict the periods of threats and protect the server from the unauthorized user. In this study, a novel
probabilistic approach is proposed effectively to detect the network intrusions. It uses a Markov chain for
probabilistic modelling of abnormal events in network systems. The degree of abnormality of the incoming
data is performed on the basis of the network states.
Detecting network attacks model based on a convolutional neural network IJECEIAES
Due to the increasing use of networks at present, Internet systems have raised many security problems, and statistics indicate that the rate of attacks or intrusions has increased excessively annually, and in the event of any malicious attack on network vulnerabilities or information systems, it may lead to serious disasters, violating policies on network security, i.e., “confidentiality, integrity, and availability” (CIA). Therefore, many detection systems, such as the intrusion detection system, appeared. In this paper, we built a system that detects network attacks using the latest machine learning algorithms and a convolutional neural network based on a dataset of the CSE-CIC-IDS2018. It is a recent dataset that contains a set of common and recent attacks. The detection rate is 99.7%, distinguishing between aggressive attacks and natural assertiveness.
Deep learning algorithms for intrusion detection systems in internet of thin...IJECEIAES
Due to technological advancements in recent years, the availability and usage of smart electronic gadgets have drastically increased. Adoption of these smart devices for a variety of applications in our day-to-day life has become a new normal. As these devices collect and store data, which is of prime importance, securing is a mandatory requirement by being vigilant against intruders. Many traditional techniques are prevailing for the same, but they may not be a good solution for the devices with resource constraints. The impact of artificial intelligence is not negligible in this concern. This study is an attempt to understand and analyze the performance of deep learning algorithms in intrusion detection. A comparative analysis of the performance of deep neural network, convolutional neural network, and long short-term memory using the CIC-IDS 2017 dataset.
Machine learning-based intrusion detection system for detecting web attacksIAESIJAI
The increasing use of smart devices results in a huge amount of data, which raises concerns about personal data, including health data and financial data. This data circulates on the network and can encounter network traffic at any time. This traffic can either be normal traffic or an intrusion created by hackers with the aim of injecting abnormal traffic into the network. Firewalls and traditional intrusion detection systems detect attacks based on signature patterns. However, this is not sufficient to detect advanced or unknown attacks. To detect different types of unknown attacks, the use of intelligent techniques is essential. In this paper, we analyse some machine learning techniques proposed in recent years. In this study, several classifications were made to detect anomalous behaviour in network traffic. The models were built and evaluated based on the Canadian Institute for Cybersecurity-intrusion detection systems dataset released in 2017 (CIC-IDS-2017), which includes both current and historical attacks. The experiments were conducted using decision tree, random forest, logistic regression, gaussian naïve bayes, adaptive boosting, and their ensemble approach. The models were evaluated using various evaluation metrics such as accuracy, precision, recall, F1-score, false positive rate, receiver operating characteristic curve, and calibration curve.
ATTACK DETECTION AVAILING FEATURE DISCRETION USING RANDOM FOREST CLASSIFIERCSEIJJournal
The widespread use of the Internet has an adverse effect of being vulnerable to cyber attacks. Defensive
mechanisms like firewalls and IDSs have evolved with a lot of research contributions happening in these
areas. Machine learning techniques have been successfully used in these defense mechanisms especially
IDSs. Although they are effective to some extent in identifying new patterns and variants of existing
malicious patterns, many attacks are still left as undetected. The objective is to develop an algorithm for
detecting malicious domains based on passive traffic measurements. In this paper, an anomaly-based
intrusion detection system based on an ensemble based machine learning classifier called Random Forest
with gradient boosting is deployed. NSL-KDD cup dataset is used for analysis and out of 41 features, 32
features were identified as significant using feature discretion. Our observations confirm the conjecture
that both the feature selection and stochastic based genetic operators improves the accuracy and the
effectiveness. The training time is shown to be reduced tremendously by 98.59% and accuracy improved to
98.75%.
Attack Detection Availing Feature Discretion using Random Forest ClassifierCSEIJJournal
The widespread use of the Internet has an adverse effect of being vulnerable to cyber attacks. Defensive
mechanisms like firewalls and IDSs have evolved with a lot of research contributions happening in these
areas. Machine learning techniques have been successfully used in these defense mechanisms especially
IDSs. Although they are effective to some extent in identifying new patterns and variants of existing
malicious patterns, many attacks are still left as undetected. The objective is to develop an algorithm for
detecting malicious domains based on passive traffic measurements. In this paper, an anomaly-based
intrusion detection system based on an ensemble based machine learning classifier called Random Forest
with gradient boosting is deployed. NSL-KDD cup dataset is used for analysis and out of 41 features, 32
features were identified as significant using feature discretion.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
FORTIFICATION OF HYBRID INTRUSION DETECTION SYSTEM USING VARIANTS OF NEURAL ...IJNSA Journal
Intrusion Detection Systems (IDS) form a key part of system defence, where it identifies abnormal
activities happening in a computer system. In recent years different soft computing based techniques have
been proposed for the development of IDS. On the other hand, intrusion detection is not yet a perfect
technology. This has provided an opportunity for data mining to make quite a lot of important
contributions in the field of intrusion detection. In this paper we have proposed a new hybrid technique
by utilizing data mining techniques such as fuzzy C means clustering, Fuzzy neural network / Neurofuzzy and radial basis function(RBF) SVM for fortification of the intrusion detection system. The
proposed technique has five major steps in which, first step is to perform the relevance analysis, and then
input data is clustered using Fuzzy C-means clustering. After that, neuro-fuzzy is trained, such that each
of the data point is trained with the corresponding neuro-fuzzy classifier associated with the cluster.
Subsequently, a vector for SVM classification is formed and in the last step, classification using RBF-
SVM is performed to detect intrusion has happened or not. Data set used is the KDD cup 1999 dataset
and we have used precision, recall, F-measure and accuracy as the evaluation metrics parameters. Our
technique could achieve better accuracy for all types of intrusions. The results of proposed technique are
compared with the other existing techniques. These comparisons proved the effectiveness of our
technique.
Through the generalization of deep learning, the research community has addressed critical challenges in
the network security domain, like malware identification and anomaly detection. However, they have yet to
discuss deploying them on Internet of Things (IoT) devices for day-to-day operations. IoT devices are often
limited in memory and processing power, rendering the compute-intensive deep learning environment
unusable. This research proposes a way to overcome this barrier by bypassing feature engineering in the
deep learning pipeline and using raw packet data as input. We introduce a feature- engineering-less
machine learning (ML) process to perform malware detection on IoT devices. Our proposed model,”
Feature engineering-less ML (FEL-ML),” is a lighter-weight detection algorithm that expends no extra
computations on “engineered” features. It effectively accelerates the low-powered IoT edge. It is trained
on unprocessed byte-streams of packets. Aside from providing better results, it is quicker than traditional
feature-based methods. FEL-ML facilitates resource-sensitive network traffic security with the added
benefit of eliminating the significant investment by subject matter experts in feature engineering.
EFFICIENT ATTACK DETECTION IN IOT DEVICES USING FEATURE ENGINEERING-LESS MACH...ijcsit
Through the generalization of deep learning, the research community has addressed critical challenges in
the network security domain, like malware identification and anomaly detection. However, they have yet to
discuss deploying them on Internet of Things (IoT) devices for day-to-day operations. IoT devices are often
limited in memory and processing power, rendering the compute-intensive deep learning environment
unusable. This research proposes a way to overcome this barrier by bypassing feature engineering in the
deep learning pipeline and using raw packet data as input. We introduce a feature- engineering-less
machine learning (ML) process to perform malware detection on IoT devices. Our proposed model,”
Feature engineering-less ML (FEL-ML),” is a lighter-weight detection algorithm that expends no extra
computations on “engineered” features. It effectively accelerates the low-powered IoT edge. It is trained
on unprocessed byte-streams of packets. Aside from providing better results, it is quicker than traditional
feature-based methods. FEL-ML facilitates resource-sensitive network traffic security with the added
benefit of eliminating the significant investment by subject matter experts in feature engineering.
Three layer hybrid learning to improve intrusion detection system performanceIJECEIAES
In imbalanced network traffic, malicious cyberattacks can be hidden in a large amount of normal traffic, making it difficult for intrusion detection systems (IDS) to detect them. Therefore, anomaly-based IDS with machine learning is the solution. However, a single machine learning cannot accurately detect all types of attacks. Therefore, a hybrid model that combines long short-term memory (LSTM) and random forest (RF) in three layers is proposed. Building the hybrid model starts with Nearmiss-2 class balancing, which reduces normal samples without increasing minority samples. Then, feature selection is performed using chi-square and RF. Next, hyperparameter tuning is performed to obtain the optimal model. In the first and second layers, LSTM and RF are used for binary classification to detect normal data and attack data. While the third layer model uses RF for multiclass classification. The hybrid model verified using the CSE-CIC-IDS2018 dataset, showed better performance compared to the single algorithm. For multiclass classification, the hybrid model achieved 99.76% accuracy, 99.76% precision, 99.76% recall, and 99.75% F1-score.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...ijcsit
In order to avoid illegitimate use of any intruder, intrusion detection over the network is one of the critical
issues. An intruder may enter any network or system or server by intruding malicious packets into the
system in order to steal, sniff, manipulate or corrupt any useful and secret information, this process is
referred to as intrusion whereas when packets are transmitted by intruder over the network for any purpose
of intrusion is referred to as attack. With the expanding networking technology, millions of servers
communicate with each other and this expansion is always in progress every day. Due to this fact, more
and more intruders get attention; and so to overcome this need of smart intrusion detection model is a
primary requirement.
By analyzing the feature selection methods the identification of essential features of NSL-KDD data set is
done, then by using selected features and machine learning approach and analyzing the basic features of
networks over the data set a hybrid algorithm is made. Finally a model is produced over the algorithm
containing the rules for the network features.
A hybrid misuse intrusion detection model is made to find attacks on system to improve the intrusion
detection. Based on prior features, intrusions on the system can be detected without any previous learning.
This model contains the advantage of feature selection and machine learning techniques with misuse
detection.
Comparison study of machine learning classifiers to detect anomalies IJECEIAES
In this era of Internet ensuring the confidentiality, authentication and integrity of any resource exchanged over the net is the imperative. Presence of intrusion prevention techniques like strong password, firewalls etc. are not sufficient to monitor such voluminous network traffic as they can be breached easily. Existing signature based detection techniques like antivirus only offers protection against known attacks whose signatures are stored in the database.Thus, the need for real-time detection of aberrations is observed. Existing signature based detection techniques like antivirus only offers protection against known attacks whose signatures are stored in the database. Machine learning classifiers are implemented here to learn how the values of various fields like source bytes, destination bytes etc. in a network packet decides if the packet is compromised or not . Finally the accuracy of their detection is compared to choose the best suited classifier for this purpose. The outcome thus produced may be useful to offer real time detection while exchanging sensitive information such as credit card details.
Feature Selection using the Concept of Peafowl Mating in IDSIJCNCJournal
Cloud computing has high applicability as an Internet based service that relies on sharing computing resources. Cloud computing provides services that are Infrastructure based, Platform based and Software based. The popularity of this technology is due to its superb performance, high level of computing ability, low cost of services, scalability, availability and flexibility. The obtainability and openness of data in cloud environment make it vulnerable to the world of cyber-attacks. To detect the attacks Intrusion Detection System is used, that can identify the attacks and ensure information security. Such a coherent and proficient Intrusion Detection System is proposed in this paper to achieve higher certainty levels regarding safety in cloud environment. In this paper, the mating behavior of peafowl is incorporated into an optimization algorithm which in turn is used as a feature selection algorithm. The algorithm is used to reduce the huge size of cloud data so that the IDS can work efficiently on the cloud to detect intrusions. The proposed model has been experimented with NSL-KDD dataset as well as Kyoto dataset and have proved to be a better as well as an efficient IDS.
Feature Selection using the Concept of Peafowl Mating in IDSIJCNCJournal
Cloud computing has high applicability as an Internet based service that relies on sharing computing resources. Cloud computing provides services that are Infrastructure based, Platform based and Software based. The popularity of this technology is due to its superb performance, high level of computing ability, low cost of services, scalability, availability and flexibility. The obtainability and openness of data in cloud environment make it vulnerable to the world of cyber-attacks. To detect the attacks Intrusion Detection System is used, that can identify the attacks and ensure information security. Such a coherent and proficient Intrusion Detection System is proposed in this paper to achieve higher certainty levels regarding safety in cloud environment. In this paper, the mating behavior of peafowl is incorporated into an optimization algorithm which in turn is used as a feature selection algorithm. The algorithm is used to reduce the huge size of cloud data so that the IDS can work efficiently on the cloud to detect intrusions. The proposed model has been experimented with NSL-KDD dataset as well as Kyoto dataset and have proved to be a better as well as an efficient IDS.
An Efficient Intrusion Detection System with Custom Features using FPA-Gradie...IJCNCJournal
An efficient Intrusion Detection System has to be given high priority while connecting systems with a network to prevent the system before an attack happens. It is a big challenge to the network security group to prevent the system from a variable types of new attacks as technology is growing in parallel. In this paper, an efficient model to detect Intrusion is proposed to predict attacks with high accuracy and less false-negative rate by deriving custom features UNSW-CF by using the benchmark intrusion dataset UNSW-NB15. To reduce the learning complexity, Custom Features are derived and then Significant Features are constructed by applying meta-heuristic FPA (Flower Pollination algorithm) and MRMR (Minimal Redundancy and Maximum Redundancy) which reduces learning time and also increases prediction accuracy. ENC (ElasicNet Classifier), KRRC (Kernel Ridge Regression Classifier), IGBC (Improved Gradient Boosting Classifier) is employed to classify the attacks in the datasets UNSW-CF, UNSW and recorded that UNSW-CF with derived custom features using IGBC integrated with FPA provided high accuracy of 97.38% and a low error rate of 2.16%. Also, the sensitivity and specificity rate for IGB attains a high rate of 97.32% and 97.50% respectively.
Visualize network anomaly detection by using k means clustering algorithmIJCNCJournal
With the ever increasing amount of new attacks in today’s world the amount of data will keep increasing,
and because of the base-rate fallacy the amount of false alarms will also increase. Another problem with
detection of attacks is that they usually isn’t detected until after the attack has taken place, this makes
defending against attacks hard and can easily lead to disclosure of sensitive information.
In this paper we choose K-means algorithm with the Kdd Cup 1999 network data set to evaluate the
performance of an unsupervised learning method for anomaly detection. The results of the evaluation
showed that a high detection rate can be achieve while maintaining a low false alarm rate .This paper
presents the result of using k-means clustering by applying Cluster 3.0 tool and visualized this result by
using TreeView visualization tool .
Three level intrusion detection system based on conditional generative advers...IJECEIAES
Security threat protection is important in the internet of things (IoT) applications since both the connected device and the captured data can be hacked or hijacked or both at the same time. To tackle the above-mentioned problem, we proposed three-level intrusion detection system conditional generative adversarial network (3LIDS-CGAN) model which includes four phases such as first-level intrusion detection system (IDS), second-level IDS, third-level IDS, and attack type classification. In first-level IDS, features of the incoming packets are extracted by the firewall. Based on the extracted features the packets are classified into three classes such as normal, malicious, and suspicious using support vector machine and golden eagle optimization. Suspicious packets are forwarded to the second-level IDS which classified the suspicious packets as normal or malicious. Here, signature-based intrusions are detected using attack history information, and anomaly-based intrusions are detected using event-based semantic mapping. In third-level IDS, adversary packets are detected using CGAN which automatically learns the adversarial environment and detects adversary packets accurately. Finally, proximal policy optimization is proposed to detect the attack type. Experiments are conducted using the NS-3.26 network simulator and performance is evaluated by various performance metrics which results that the proposed 3LIDS-CGAN model outperforming other existing works.
Similar to An intrusion detection system for packet and flow based networks using deep neural network approach (20)
Bibliometric analysis highlighting the role of women in addressing climate ch...IJECEIAES
Fossil fuel consumption increased quickly, contributing to climate change
that is evident in unusual flooding and draughts, and global warming. Over
the past ten years, women's involvement in society has grown dramatically,
and they succeeded in playing a noticeable role in reducing climate change.
A bibliometric analysis of data from the last ten years has been carried out to
examine the role of women in addressing the climate change. The analysis's
findings discussed the relevant to the sustainable development goals (SDGs),
particularly SDG 7 and SDG 13. The results considered contributions made
by women in the various sectors while taking geographic dispersion into
account. The bibliometric analysis delves into topics including women's
leadership in environmental groups, their involvement in policymaking, their
contributions to sustainable development projects, and the influence of
gender diversity on attempts to mitigate climate change. This study's results
highlight how women have influenced policies and actions related to climate
change, point out areas of research deficiency and recommendations on how
to increase role of the women in addressing the climate change and
achieving sustainability. To achieve more successful results, this initiative
aims to highlight the significance of gender equality and encourage
inclusivity in climate change decision-making processes.
Voltage and frequency control of microgrid in presence of micro-turbine inter...IJECEIAES
The active and reactive load changes have a significant impact on voltage
and frequency. In this paper, in order to stabilize the microgrid (MG) against
load variations in islanding mode, the active and reactive power of all
distributed generators (DGs), including energy storage (battery), diesel
generator, and micro-turbine, are controlled. The micro-turbine generator is
connected to MG through a three-phase to three-phase matrix converter, and
the droop control method is applied for controlling the voltage and
frequency of MG. In addition, a method is introduced for voltage and
frequency control of micro-turbines in the transition state from gridconnected mode to islanding mode. A novel switching strategy of the matrix
converter is used for converting the high-frequency output voltage of the
micro-turbine to the grid-side frequency of the utility system. Moreover,
using the switching strategy, the low-order harmonics in the output current
and voltage are not produced, and consequently, the size of the output filter
would be reduced. In fact, the suggested control strategy is load-independent
and has no frequency conversion restrictions. The proposed approach for
voltage and frequency regulation demonstrates exceptional performance and
favorable response across various load alteration scenarios. The suggested
strategy is examined in several scenarios in the MG test systems, and the
simulation results are addressed.
Enhancing battery system identification: nonlinear autoregressive modeling fo...IJECEIAES
Precisely characterizing Li-ion batteries is essential for optimizing their
performance, enhancing safety, and prolonging their lifespan across various
applications, such as electric vehicles and renewable energy systems. This
article introduces an innovative nonlinear methodology for system
identification of a Li-ion battery, employing a nonlinear autoregressive with
exogenous inputs (NARX) model. The proposed approach integrates the
benefits of nonlinear modeling with the adaptability of the NARX structure,
facilitating a more comprehensive representation of the intricate
electrochemical processes within the battery. Experimental data collected
from a Li-ion battery operating under diverse scenarios are employed to
validate the effectiveness of the proposed methodology. The identified
NARX model exhibits superior accuracy in predicting the battery's behavior
compared to traditional linear models. This study underscores the
importance of accounting for nonlinearities in battery modeling, providing
insights into the intricate relationships between state-of-charge, voltage, and
current under dynamic conditions.
Smart grid deployment: from a bibliometric analysis to a surveyIJECEIAES
Smart grids are one of the last decades' innovations in electrical energy.
They bring relevant advantages compared to the traditional grid and
significant interest from the research community. Assessing the field's
evolution is essential to propose guidelines for facing new and future smart
grid challenges. In addition, knowing the main technologies involved in the
deployment of smart grids (SGs) is important to highlight possible
shortcomings that can be mitigated by developing new tools. This paper
contributes to the research trends mentioned above by focusing on two
objectives. First, a bibliometric analysis is presented to give an overview of
the current research level about smart grid deployment. Second, a survey of
the main technological approaches used for smart grid implementation and
their contributions are highlighted. To that effect, we searched the Web of
Science (WoS), and the Scopus databases. We obtained 5,663 documents
from WoS and 7,215 from Scopus on smart grid implementation or
deployment. With the extraction limitation in the Scopus database, 5,872 of
the 7,215 documents were extracted using a multi-step process. These two
datasets have been analyzed using a bibliometric tool called bibliometrix.
The main outputs are presented with some recommendations for future
research.
Use of analytical hierarchy process for selecting and prioritizing islanding ...IJECEIAES
One of the problems that are associated to power systems is islanding
condition, which must be rapidly and properly detected to prevent any
negative consequences on the system's protection, stability, and security.
This paper offers a thorough overview of several islanding detection
strategies, which are divided into two categories: classic approaches,
including local and remote approaches, and modern techniques, including
techniques based on signal processing and computational intelligence.
Additionally, each approach is compared and assessed based on several
factors, including implementation costs, non-detected zones, declining
power quality, and response times using the analytical hierarchy process
(AHP). The multi-criteria decision-making analysis shows that the overall
weight of passive methods (24.7%), active methods (7.8%), hybrid methods
(5.6%), remote methods (14.5%), signal processing-based methods (26.6%),
and computational intelligent-based methods (20.8%) based on the
comparison of all criteria together. Thus, it can be seen from the total weight
that hybrid approaches are the least suitable to be chosen, while signal
processing-based methods are the most appropriate islanding detection
method to be selected and implemented in power system with respect to the
aforementioned factors. Using Expert Choice software, the proposed
hierarchy model is studied and examined.
Enhancing of single-stage grid-connected photovoltaic system using fuzzy logi...IJECEIAES
The power generated by photovoltaic (PV) systems is influenced by
environmental factors. This variability hampers the control and utilization of
solar cells' peak output. In this study, a single-stage grid-connected PV
system is designed to enhance power quality. Our approach employs fuzzy
logic in the direct power control (DPC) of a three-phase voltage source
inverter (VSI), enabling seamless integration of the PV connected to the
grid. Additionally, a fuzzy logic-based maximum power point tracking
(MPPT) controller is adopted, which outperforms traditional methods like
incremental conductance (INC) in enhancing solar cell efficiency and
minimizing the response time. Moreover, the inverter's real-time active and
reactive power is directly managed to achieve a unity power factor (UPF).
The system's performance is assessed through MATLAB/Simulink
implementation, showing marked improvement over conventional methods,
particularly in steady-state and varying weather conditions. For solar
irradiances of 500 and 1,000 W/m2
, the results show that the proposed
method reduces the total harmonic distortion (THD) of the injected current
to the grid by approximately 46% and 38% compared to conventional
methods, respectively. Furthermore, we compare the simulation results with
IEEE standards to evaluate the system's grid compatibility.
Enhancing photovoltaic system maximum power point tracking with fuzzy logic-b...IJECEIAES
Photovoltaic systems have emerged as a promising energy resource that
caters to the future needs of society, owing to their renewable, inexhaustible,
and cost-free nature. The power output of these systems relies on solar cell
radiation and temperature. In order to mitigate the dependence on
atmospheric conditions and enhance power tracking, a conventional
approach has been improved by integrating various methods. To optimize
the generation of electricity from solar systems, the maximum power point
tracking (MPPT) technique is employed. To overcome limitations such as
steady-state voltage oscillations and improve transient response, two
traditional MPPT methods, namely fuzzy logic controller (FLC) and perturb
and observe (P&O), have been modified. This research paper aims to
simulate and validate the step size of the proposed modified P&O and FLC
techniques within the MPPT algorithm using MATLAB/Simulink for
efficient power tracking in photovoltaic systems.
Adaptive synchronous sliding control for a robot manipulator based on neural ...IJECEIAES
Robot manipulators have become important equipment in production lines, medical fields, and transportation. Improving the quality of trajectory tracking for
robot hands is always an attractive topic in the research community. This is a
challenging problem because robot manipulators are complex nonlinear systems
and are often subject to fluctuations in loads and external disturbances. This
article proposes an adaptive synchronous sliding control scheme to improve trajectory tracking performance for a robot manipulator. The proposed controller
ensures that the positions of the joints track the desired trajectory, synchronize
the errors, and significantly reduces chattering. First, the synchronous tracking
errors and synchronous sliding surfaces are presented. Second, the synchronous
tracking error dynamics are determined. Third, a robust adaptive control law is
designed,the unknown components of the model are estimated online by the neural network, and the parameters of the switching elements are selected by fuzzy
logic. The built algorithm ensures that the tracking and approximation errors
are ultimately uniformly bounded (UUB). Finally, the effectiveness of the constructed algorithm is demonstrated through simulation and experimental results.
Simulation and experimental results show that the proposed controller is effective with small synchronous tracking errors, and the chattering phenomenon is
significantly reduced.
Remote field-programmable gate array laboratory for signal acquisition and de...IJECEIAES
A remote laboratory utilizing field-programmable gate array (FPGA) technologies enhances students’ learning experience anywhere and anytime in embedded system design. Existing remote laboratories prioritize hardware access and visual feedback for observing board behavior after programming, neglecting comprehensive debugging tools to resolve errors that require internal signal acquisition. This paper proposes a novel remote embeddedsystem design approach targeting FPGA technologies that are fully interactive via a web-based platform. Our solution provides FPGA board access and debugging capabilities beyond the visual feedback provided by existing remote laboratories. We implemented a lab module that allows users to seamlessly incorporate into their FPGA design. The module minimizes hardware resource utilization while enabling the acquisition of a large number of data samples from the signal during the experiments by adaptively compressing the signal prior to data transmission. The results demonstrate an average compression ratio of 2.90 across three benchmark signals, indicating efficient signal acquisition and effective debugging and analysis. This method allows users to acquire more data samples than conventional methods. The proposed lab allows students to remotely test and debug their designs, bridging the gap between theory and practice in embedded system design.
Detecting and resolving feature envy through automated machine learning and m...IJECEIAES
Efficiently identifying and resolving code smells enhances software project quality. This paper presents a novel solution, utilizing automated machine learning (AutoML) techniques, to detect code smells and apply move method refactoring. By evaluating code metrics before and after refactoring, we assessed its impact on coupling, complexity, and cohesion. Key contributions of this research include a unique dataset for code smell classification and the development of models using AutoGluon for optimal performance. Furthermore, the study identifies the top 20 influential features in classifying feature envy, a well-known code smell, stemming from excessive reliance on external classes. We also explored how move method refactoring addresses feature envy, revealing reduced coupling and complexity, and improved cohesion, ultimately enhancing code quality. In summary, this research offers an empirical, data-driven approach, integrating AutoML and move method refactoring to optimize software project quality. Insights gained shed light on the benefits of refactoring on code quality and the significance of specific features in detecting feature envy. Future research can expand to explore additional refactoring techniques and a broader range of code metrics, advancing software engineering practices and standards.
Smart monitoring technique for solar cell systems using internet of things ba...IJECEIAES
Rapidly and remotely monitoring and receiving the solar cell systems status parameters, solar irradiance, temperature, and humidity, are critical issues in enhancement their efficiency. Hence, in the present article an improved smart prototype of internet of things (IoT) technique based on embedded system through NodeMCU ESP8266 (ESP-12E) was carried out experimentally. Three different regions at Egypt; Luxor, Cairo, and El-Beheira cities were chosen to study their solar irradiance profile, temperature, and humidity by the proposed IoT system. The monitoring data of solar irradiance, temperature, and humidity were live visualized directly by Ubidots through hypertext transfer protocol (HTTP) protocol. The measured solar power radiation in Luxor, Cairo, and El-Beheira ranged between 216-1000, 245-958, and 187-692 W/m 2 respectively during the solar day. The accuracy and rapidity of obtaining monitoring results using the proposed IoT system made it a strong candidate for application in monitoring solar cell systems. On the other hand, the obtained solar power radiation results of the three considered regions strongly candidate Luxor and Cairo as suitable places to build up a solar cells system station rather than El-Beheira.
An efficient security framework for intrusion detection and prevention in int...IJECEIAES
Over the past few years, the internet of things (IoT) has advanced to connect billions of smart devices to improve quality of life. However, anomalies or malicious intrusions pose several security loopholes, leading to performance degradation and threat to data security in IoT operations. Thereby, IoT security systems must keep an eye on and restrict unwanted events from occurring in the IoT network. Recently, various technical solutions based on machine learning (ML) models have been derived towards identifying and restricting unwanted events in IoT. However, most ML-based approaches are prone to miss-classification due to inappropriate feature selection. Additionally, most ML approaches applied to intrusion detection and prevention consider supervised learning, which requires a large amount of labeled data to be trained. Consequently, such complex datasets are impossible to source in a large network like IoT. To address this problem, this proposed study introduces an efficient learning mechanism to strengthen the IoT security aspects. The proposed algorithm incorporates supervised and unsupervised approaches to improve the learning models for intrusion detection and mitigation. Compared with the related works, the experimental outcome shows that the model performs well in a benchmark dataset. It accomplishes an improved detection accuracy of approximately 99.21%.
Developing a smart system for infant incubators using the internet of things ...IJECEIAES
This research is developing an incubator system that integrates the internet of things and artificial intelligence to improve care for premature babies. The system workflow starts with sensors that collect data from the incubator. Then, the data is sent in real-time to the internet of things (IoT) broker eclipse mosquito using the message queue telemetry transport (MQTT) protocol version 5.0. After that, the data is stored in a database for analysis using the long short-term memory network (LSTM) method and displayed in a web application using an application programming interface (API) service. Furthermore, the experimental results produce as many as 2,880 rows of data stored in the database. The correlation coefficient between the target attribute and other attributes ranges from 0.23 to 0.48. Next, several experiments were conducted to evaluate the model-predicted value on the test data. The best results are obtained using a two-layer LSTM configuration model, each with 60 neurons and a lookback setting 6. This model produces an R 2 value of 0.934, with a root mean square error (RMSE) value of 0.015 and a mean absolute error (MAE) of 0.008. In addition, the R 2 value was also evaluated for each attribute used as input, with a result of values between 0.590 and 0.845.
A review on internet of things-based stingless bee's honey production with im...IJECEIAES
Honey is produced exclusively by honeybees and stingless bees which both are well adapted to tropical and subtropical regions such as Malaysia. Stingless bees are known for producing small amounts of honey and are known for having a unique flavor profile. Problem identified that many stingless bees collapsed due to weather, temperature and environment. It is critical to understand the relationship between the production of stingless bee honey and environmental conditions to improve honey production. Thus, this paper presents a review on stingless bee's honey production and prediction modeling. About 54 previous research has been analyzed and compared in identifying the research gaps. A framework on modeling the prediction of stingless bee honey is derived. The result presents the comparison and analysis on the internet of things (IoT) monitoring systems, honey production estimation, convolution neural networks (CNNs), and automatic identification methods on bee species. It is identified based on image detection method the top best three efficiency presents CNN is at 98.67%, densely connected convolutional networks with YOLO v3 is 97.7%, and DenseNet201 convolutional networks 99.81%. This study is significant to assist the researcher in developing a model for predicting stingless honey produced by bee's output, which is important for a stable economy and food security.
A trust based secure access control using authentication mechanism for intero...IJECEIAES
The internet of things (IoT) is a revolutionary innovation in many aspects of our society including interactions, financial activity, and global security such as the military and battlefield internet. Due to the limited energy and processing capacity of network devices, security, energy consumption, compatibility, and device heterogeneity are the long-term IoT problems. As a result, energy and security are critical for data transmission across edge and IoT networks. Existing IoT interoperability techniques need more computation time, have unreliable authentication mechanisms that break easily, lose data easily, and have low confidentiality. In this paper, a key agreement protocol-based authentication mechanism for IoT devices is offered as a solution to this issue. This system makes use of information exchange, which must be secured to prevent access by unauthorized users. Using a compact contiki/cooja simulator, the performance and design of the suggested framework are validated. The simulation findings are evaluated based on detection of malicious nodes after 60 minutes of simulation. The suggested trust method, which is based on privacy access control, reduced packet loss ratio to 0.32%, consumed 0.39% power, and had the greatest average residual energy of 0.99 mJoules at 10 nodes.
Fuzzy linear programming with the intuitionistic polygonal fuzzy numbersIJECEIAES
In real world applications, data are subject to ambiguity due to several factors; fuzzy sets and fuzzy numbers propose a great tool to model such ambiguity. In case of hesitation, the complement of a membership value in fuzzy numbers can be different from the non-membership value, in which case we can model using intuitionistic fuzzy numbers as they provide flexibility by defining both a membership and a non-membership functions. In this article, we consider the intuitionistic fuzzy linear programming problem with intuitionistic polygonal fuzzy numbers, which is a generalization of the previous polygonal fuzzy numbers found in the literature. We present a modification of the simplex method that can be used to solve any general intuitionistic fuzzy linear programming problem after approximating the problem by an intuitionistic polygonal fuzzy number with n edges. This method is given in a simple tableau formulation, and then applied on numerical examples for clarity.
The performance of artificial intelligence in prostate magnetic resonance im...IJECEIAES
Prostate cancer is the predominant form of cancer observed in men worldwide. The application of magnetic resonance imaging (MRI) as a guidance tool for conducting biopsies has been established as a reliable and well-established approach in the diagnosis of prostate cancer. The diagnostic performance of MRI-guided prostate cancer diagnosis exhibits significant heterogeneity due to the intricate and multi-step nature of the diagnostic pathway. The development of artificial intelligence (AI) models, specifically through the utilization of machine learning techniques such as deep learning, is assuming an increasingly significant role in the field of radiology. In the realm of prostate MRI, a considerable body of literature has been dedicated to the development of various AI algorithms. These algorithms have been specifically designed for tasks such as prostate segmentation, lesion identification, and classification. The overarching objective of these endeavors is to enhance diagnostic performance and foster greater agreement among different observers within MRI scans for the prostate. This review article aims to provide a concise overview of the application of AI in the field of radiology, with a specific focus on its utilization in prostate MRI.
Seizure stage detection of epileptic seizure using convolutional neural networksIJECEIAES
According to the World Health Organization (WHO), seventy million individuals worldwide suffer from epilepsy, a neurological disorder. While electroencephalography (EEG) is crucial for diagnosing epilepsy and monitoring the brain activity of epilepsy patients, it requires a specialist to examine all EEG recordings to find epileptic behavior. This procedure needs an experienced doctor, and a precise epilepsy diagnosis is crucial for appropriate treatment. To identify epileptic seizures, this study employed a convolutional neural network (CNN) based on raw scalp EEG signals to discriminate between preictal, ictal, postictal, and interictal segments. The possibility of these characteristics is explored by examining how well timedomain signals work in the detection of epileptic signals using intracranial Freiburg Hospital (FH), scalp Children's Hospital Boston-Massachusetts Institute of Technology (CHB-MIT) databases, and Temple University Hospital (TUH) EEG. To test the viability of this approach, two types of experiments were carried out. Firstly, binary class classification (preictal, ictal, postictal each versus interictal) and four-class classification (interictal versus preictal versus ictal versus postictal). The average accuracy for stage detection using CHB-MIT database was 84.4%, while the Freiburg database's time-domain signals had an accuracy of 79.7% and the highest accuracy of 94.02% for classification in the TUH EEG database when comparing interictal stage to preictal stage.
Analysis of driving style using self-organizing maps to analyze driver behaviorIJECEIAES
Modern life is strongly associated with the use of cars, but the increase in acceleration speeds and their maneuverability leads to a dangerous driving style for some drivers. In these conditions, the development of a method that allows you to track the behavior of the driver is relevant. The article provides an overview of existing methods and models for assessing the functioning of motor vehicles and driver behavior. Based on this, a combined algorithm for recognizing driving style is proposed. To do this, a set of input data was formed, including 20 descriptive features: About the environment, the driver's behavior and the characteristics of the functioning of the car, collected using OBD II. The generated data set is sent to the Kohonen network, where clustering is performed according to driving style and degree of danger. Getting the driving characteristics into a particular cluster allows you to switch to the private indicators of an individual driver and considering individual driving characteristics. The application of the method allows you to identify potentially dangerous driving styles that can prevent accidents.
Hyperspectral object classification using hybrid spectral-spatial fusion and ...IJECEIAES
Because of its spectral-spatial and temporal resolution of greater areas, hyperspectral imaging (HSI) has found widespread application in the field of object classification. The HSI is typically used to accurately determine an object's physical characteristics as well as to locate related objects with appropriate spectral fingerprints. As a result, the HSI has been extensively applied to object identification in several fields, including surveillance, agricultural monitoring, environmental research, and precision agriculture. However, because of their enormous size, objects require a lot of time to classify; for this reason, both spectral and spatial feature fusion have been completed. The existing classification strategy leads to increased misclassification, and the feature fusion method is unable to preserve semantic object inherent features; This study addresses the research difficulties by introducing a hybrid spectral-spatial fusion (HSSF) technique to minimize feature size while maintaining object intrinsic qualities; Lastly, a soft-margins kernel is proposed for multi-layer deep support vector machine (MLDSVM) to reduce misclassification. The standard Indian pines dataset is used for the experiment, and the outcome demonstrates that the HSSF-MLDSVM model performs substantially better in terms of accuracy and Kappa coefficient.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdffxintegritypublishin
Advancements in technology unveil a myriad of electrical and electronic breakthroughs geared towards efficiently harnessing limited resources to meet human energy demands. The optimization of hybrid solar PV panels and pumped hydro energy supply systems plays a pivotal role in utilizing natural resources effectively. This initiative not only benefits humanity but also fosters environmental sustainability. The study investigated the design optimization of these hybrid systems, focusing on understanding solar radiation patterns, identifying geographical influences on solar radiation, formulating a mathematical model for system optimization, and determining the optimal configuration of PV panels and pumped hydro storage. Through a comparative analysis approach and eight weeks of data collection, the study addressed key research questions related to solar radiation patterns and optimal system design. The findings highlighted regions with heightened solar radiation levels, showcasing substantial potential for power generation and emphasizing the system's efficiency. Optimizing system design significantly boosted power generation, promoted renewable energy utilization, and enhanced energy storage capacity. The study underscored the benefits of optimizing hybrid solar PV panels and pumped hydro energy supply systems for sustainable energy usage. Optimizing the design of solar PV panels and pumped hydro energy supply systems as examined across diverse climatic conditions in a developing country, not only enhances power generation but also improves the integration of renewable energy sources and boosts energy storage capacities, particularly beneficial for less economically prosperous regions. Additionally, the study provides valuable insights for advancing energy research in economically viable areas. Recommendations included conducting site-specific assessments, utilizing advanced modeling tools, implementing regular maintenance protocols, and enhancing communication among system components.
Saudi Arabia stands as a titan in the global energy landscape, renowned for its abundant oil and gas resources. It's the largest exporter of petroleum and holds some of the world's most significant reserves. Let's delve into the top 10 oil and gas projects shaping Saudi Arabia's energy future in 2024.
Hierarchical Digital Twin of a Naval Power SystemKerry Sado
A hierarchical digital twin of a Naval DC power system has been developed and experimentally verified. Similar to other state-of-the-art digital twins, this technology creates a digital replica of the physical system executed in real-time or faster, which can modify hardware controls. However, its advantage stems from distributing computational efforts by utilizing a hierarchical structure composed of lower-level digital twin blocks and a higher-level system digital twin. Each digital twin block is associated with a physical subsystem of the hardware and communicates with a singular system digital twin, which creates a system-level response. By extracting information from each level of the hierarchy, power system controls of the hardware were reconfigured autonomously. This hierarchical digital twin development offers several advantages over other digital twins, particularly in the field of naval power systems. The hierarchical structure allows for greater computational efficiency and scalability while the ability to autonomously reconfigure hardware controls offers increased flexibility and responsiveness. The hierarchical decomposition and models utilized were well aligned with the physical twin, as indicated by the maximum deviations between the developed digital twin hierarchy and the hardware.
2. Int J Elec & Comp Eng ISSN: 2088-8708
An intrusion detection system for packet and flow based networks using deep neural ... (Kaniz Farhana)
5515
immediately. Cyberattacks that appeared from 2001 to 2013 are discussed in [1]. Intrusion detection systems
(IDSs) are the combination of hardware and software which keep tracks of the flow of data through networks
and computers, also analyze the data flow to detect the threats and anomalies. It is significant for any critical
network that includes security administration to get alarmed from some unauthorized activities.
There are two kinds of intrusion detection systems based on location, called host-based and
network-based intrusion detection systems. Host-based intrusion detection systems work on collected
information from an individual computer system while a network-based intrusion detection system collects
raw data packets from the network to look for vulnerabilities. There are also two kinds of the detection
system is in use based on the techniques, named as Anomaly detection and Misuse detection. Anomaly
detection finds out changes in patterns or behavior on the original system or from normal traffic.
The activities different from the usual activities are looked for and observed. This approach gives a high
detection rate but, if the traffic is not profiled correctly or fully, this scheme can show a high false-positive
rate. While misuse detection technique works by finding out abnormal behavior from both known normal and
attack signatures. Then real network traffics is compared with the already collected data. This system is less
productive for attacks without certain and untold patterns. Raw data packets containing the information of
the network data flow, patterns are collected from networks and computers, used as big data for IDSs.
An IDS classifies a network activity as 'normal' or ‘attack’ (abnormal). In this paper, we exert on the multi-
class and binary classification for intrusion detection.
As time passed the amount of real-time data has increased immensely which makes it difficult for
traditional intrusion detection approaches such as, support vector machines (SVM), ruled based system, data
mining, fuzzy logic, machine learning (ML) [2] to handle those datasets. Also using traditional machine
learning approaches for classification on training data available from large scale networks is not productive.
However, deep learning organize arranges learning algorithms in layers, which can learn and make decisions
by itself [3-7]. It is also being used for security measures, identifying threats and attacks. Latterly, deep
neural network (DNN) techniques are showing improvement in handling big datasets with real-time
computing cost and predictive accuracy. Several works can be found in the literature which discusses
the intrusion detection systems thoroughly and applies current trends and techniques. Also, due to the lack of
relevant datasets and limitations of traditional methods dedicated to revealing threats over the network shows
despondent accuracy results.
Kim et al. [8] proposed an intrusion detection system based on Deep Neural Network (DNN).
They preprocessed the data set thoroughly. The classification model was trained and tested on kdd-CUP'99
data set. The DNN model contained four hidden layers and a hundred layer units. Approximately 99%
accuracy is obtained, the model also gave relatively small false rate scores. A deep belief network (IDBN)
using the kdd-cup'99 data set is proposed by Liu and Zhang [9]. A deep belief network is created and
the proposed model is implemented to train the network data. 92.4% accuracy is gained within 47.2s using
the belief network and 91.8% accuracy is by 22.7s using IDBN. An LSTM model utilizing a rmsprop
optimizer is proposed by Sara, Eric, and Kaushik [10]. The model constructed a multi-class intrusion
detection system. The LSTM model is applied to the CIDDS-001 dataset and showed 0.8483 accuracies.
A RandonForest based anomaly detection model is presented and assessed on the kdd-cup'99 data
set by Zhang and Zulkermine [11]. They considered two attack types and gained a detection rate of 94.7% on
binary attack types. Gao et al. [12] proposed an IDS using the KDD-CUP-1999 dataset. The classification
used Deep Belief Networks and performance evaluation is done by comparing the model with Support
Vector Machines and Artificial Neural Networks. Using ANN obtained accuracy is 82.30% and SVM model
accuracy is 86.82%. The highest accuracy is achieved with DBN at 93.49%. An intrusion detection system
using Support Vector Machine has been applied on the CICIDS2017 dataset is presented by Vijayanand,
Devaraj, and Kannapiran [13]. Several SVM models have been trained on multiple attack types.
99% accuracy rate is obtained.
In [14] Bipraneel and Hon introduced a deep learning technique named bi-directional long
short-term memory recurrent neural network (BLSTM). After feature extraction data set training and testing
were implied. The experiment result shows over 95% accuracy for the UNSW-NB15 dataset.
They performed for binary classification problems with 100% precision. MD. Moin et al. [15] implemented
a deep learning method for intrusion detection on the kdd and nsl-kdd dataset. They trained a deep CNN
structure for feature extraction, the training also continued as a 1-NN classifier to detect the attack and
achieved over 94% accuracies for both datasets.
Serpil, Zeynep and Muhammed [16] presented an intrusion detection system. They applied random
forest for recursive feature elimination, also used deep learning classifiers on the CICIDS2017 data set.
They achieved 91% accuracy by implementing a deep multilayer perceptron structure on features obtained
from recursive feature elimination. Ustebay et al. [17] presented different ANN models to detect malicious
activities. To reduce features of the CICIDS2017 dataset they employed Deep Neural Network, Shallow
3. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 5, October 2020 : 5514 - 5525
5516
Neural Network, and Auto Encoder. They compared the accuracy among these models. Their study showed
several accuracies with 98.45% accuracy rate. An IDS system proposed by G. Watson [18] using
the CICIDS2107 dataset. For their study the applied the model on 27 features. They gained 94.5% accuracy
only for MLP, while 95.2% accuracy is obtained by using MLP and Payload model together.
Deep neural networks techniques focus on learning from attributes and perform better on
imbalanced big datasets. This paper propounds a simulation of deep neural network model on CICIDS2017
publically available dataset [19] for intrusion detection and performance is evaluated for binary and
multiclass with selected best features [20]. The model is executed using the Python environment, Keras and
Google TensorFlow. Google developed TensorFlow, open-source software for machine learning and Deep
Learning practices. Keras is a high-level application programming interface for learning, which is CPU and
GPU enabled. It supports programming language python, which can run on TensorFlow.
The contents of this study are disposed of as follows. The Dataset section explores the used dataset
in this study. The next section includes data preprocessing. The model implementation section explains
the deep neural network model. Then the model test result and result analysis section show the experimental
analysis and section conclusion deduces the paper.
2. DATASET
For intrusion detection, it is important to have certain properties in network-based datasets, such as
the format and the labeling of data. For both supervised and unsupervised intrusion detection methods these
properties are significantly explained at Markus et al. [21]. This section discusses the background of
the CICIDS2017 dataset that is used as an intrusion detection dataset for this study. The dataset introduced by
the Canadian Institute for Cybersecurity, it is wide open for all researchers [19]. It is one of the latest datasets
in the literature for network intrusion detection that contains 2830743 records with 79 network traffic
features and 15 attack types are available at [22]. The records in the dataset are the collection of real-world
data [19, 20], spread over eight files containing five-day benign and attack activity. The format of the records
is mainly packet-based and bifacial flow-based, including additional metadata [21]. Also, the dataset is fully
labeled. The intention of generating the dataset is for network intrusion detection, therefore it focuses on
the attack types mentioned in Table 1. For binary classification all attack types are considered as '1' and
benign attacks are considered as '0'. For multi-classification, each attack type is considered as they are given.
The attacks are comprised of seven common attack families as Botnet, DoS attack, DDoS attack,
Brute force attack, Web attack, Infiltration attack, and Heartbleed attack. Brute force attack is used to crack
passwords, locate hidden contents, hit and try an attack. Botnet attacks perform attacks through
internet-connected devices and send spam. DoS attack makes the system unavailable for some time,
it overloads the system networks. DDoS attack occurs when multiple systems fall into a victim. Web attacks
are software programs written to attack the user system, look for vulnerabilities. In an infiltration attack,
after exploiting the user system a backdoor will be created to execute attacks on the system. Heartbleed
attack works by deceiving servers, gaining private encryption key and leaking their information.
Table 1. Dataset and attack types
File Names (.csv file format) + Activity Day Instances Attack Types
Friday Working Hours Afternoon DDos 225745 Benign, DDoS
Friday Working Hours Afternoon PortScan 286467 Benign, Port Scan
Friday Working Hours Morning 191033 Benign, Bot
Monday Working Hours 529918 Benign
Thursday Working Hours Afternoon Infiltration 288602 Benign, Infiltration
Thursday Working Hours Morning WebAttacks 170366
Benign, Web Attack Brute Force,
Web Attack Sql Injection,
Web Attack XSS
Tuesday Working Hours 445909 Benign, FTP Patator, SSH Patator
Wednesday Working Hours 692703
Benign, DoS-GoldenEye,
DoS-Hulk, DoS Slowhttptest, DoS-Slowloris, Heartbleed
3. DATA PREPROCESSING
The phase of data preprocessing is significant to transform raw data into the penetrable format as
real-world data is often imperfect, incompatible in certain ways. It minimizes the ambiguity present in
the used dataset and to bring out the accurate statistics of the detection system. The data preprocessing phase
differs from data to data and study by study. In this section data preprocessing is discussed through
sub-sections as feature selection, removing duplicates, class imbalance, normalization, and label encoding.
Figure 1 manifests the process of data-preprocessing.
4. Int J Elec & Comp Eng ISSN: 2088-8708
An intrusion detection system for packet and flow based networks using deep neural ... (Kaniz Farhana)
5517
Figure 1. Data preprocessing
3.1. Feature selection
When working with high dimensional data, models can retch because of the increased training time.
Training time is influenced by the number of features, also there is a chance of overfitting if too many
features are used while training the model. So, feature reduction is important for building a model with high
dimensional data without much loss of total information. The creator of the CICIDS2017 dataset explained
the optimal features set depending on each attack type in [19]. Random Forest Regressor has been used as
a classifier and observes the best features for each attack type among 79 features according to the weight of
the features. In this study, 24 features including class label [19, 20] have been considered as the best-selected
features for detection. Table 2 describes the selected features [23, 24].
Table 2. Best features
Feature Name Description
Flow duration Flow duration
Total length of the forward packets Combined size of the packets in forward direction
Subflow forward_bytes Average number of the bytes present in a subflow to the forward direction
Backward packet length std Standard deviation length of packets in the backward direction
Flow IAT Min Minimum Time between two packets passed through the flow
Flow IAT Mean Mean time across two packets passed in the flow
Flow IAT std Time of standard deviation between two packets
Forward IAT Min Minimum time across two packets passed in the forward direction
Active Min Before turning into idle the minimum activation time of a flow
Active Mean Before turning into idle the mean active time of a flow
Average_Packet_Size Average measurement of packet
Backward Packet Length Min Minimum packet length in the backward direction
Forward_IAT_Mean Mean time across two packets passed into forward direction
Backward_IAT_Mean Mean time across two packets passed into backward direction
Initial Win bytes forward Total number of bytes passed through initial window into forward direction
ACK flag _Count Number of packets on acknowledgment
SYN flag_Count Number of packets on synchronization
Forward push_flag Numbers of how many times push flag set in packets to travel into forward direction
Flow_packets Number of packets carried per second
Initial win_bytes backward Total number of bytes passed through initial window into backward direction
Forward Packet Length Mean Mean packet length into forward direction
Backward Packets Number of packets carried per second
Push Flag_Count Packet numbers on PUSH
3.2. Removing duplicates
Some of the records in the dataset have duplicate values. For precise evaluation, it was necessary to
remove duplicate values from the dataset. After removing duplicate records number of instances has
reduced to 2286604 for multi-class attack types. Figure 2 shows the distribution of each class label for
multi-classification.
5. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 5, October 2020 : 5514 - 5525
5518
3.3. Class imbalance
It is observed that the size of the dataset combined is huge, also the class imbalance situation can be
seen from Figure 2. If the combined dataset is used for training the model, then the model will likely show
results biased towards the majority class type. Because of this class imbalance issue, the model can give
a high false alarm rate with low accuracy. For this study, to reduce the effect of class imbalance problem
'Monday-WorkingHours.pcap_ISCX.csv' dataset which contains only benign records has been taken out of
consideration. The amount of benign record is more than 80% which can make the classifier over-fitted
towards the normal attack. Without the mentioned dataset the total number of instances for the multi-class
dataset is 1835569.
Figure 2. Attack instances number for multi-class
3.4. Normalization
Normalization is important for data preparation in neural networks because the layers in the model
act sensitive depending on the weights of the data. The features of the CICIDS2017 dataset have values of
different ranges which make the dataset incomparable. So, to keep the values in a common range
normalization is applied, which makes the learning process easier for neural network layers. All the values
are normalized within a range of 0 to 1 using max-min normalization.
x' = (x - min)/(max - min) * (new_max – new_min) + new_min
The status of each record before and after normalization is shown below.
Before Normalization (snippet of dataset)
3, 12, 6, 0, 0, 3, 0, 3, 3, 3, 0, 0, 666666.7, 0, 0, 0, 1, 9, 12, 33, -1, 0, 0, BENIGN
After Normalization (snippet of dataset)
0, 0.000066, 0.001552, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0.222222, 0, 0, 0, 1, 0.00356, 0.000066, 0.000519, 0, 0, 0,
BENIGN
3.5. Label encoding
For binary classification benign and attack are considered as '0' and '1' respectively. And for
multi-class classification Label encoding has been applied on the dataset because the multi-class labels have
string names. It is vital to binarize those string names into numeral values before passing the dataset through
the classification model. Label encoding is used rather than randomly numbering the strings to avoid any
biases in the model towards the hierarchy of the numbers of class type. After encoding the class type into
binary codes it is used as the output layer for the multi-classification with n classes. Label encoding is
summarized in Algorithm 1. After label encoding, the class attribute for each record forms an array with
binary values assigned to every 15 classes randomly. Each record looks like the below array fragment.
6. Int J Elec & Comp Eng ISSN: 2088-8708
An intrusion detection system for packet and flow based networks using deep neural ... (Kaniz Farhana)
5519
[1, 0, 0, ..., 0, 0, 0]
[1, 0, 0, ..., 0, 1, 0]
[1, 0, 0, ..., 0, 0, 0]
……………..........
[1, 0, 0, ..., 0, 0, 0]
[1, 0, 0, ..., 1, 0, 0]
[1, 0, 0, ..., 0, 0, 0]
Algorithm 1 : Label Encoding for multi-class classification
Input: Dataset D with features f0, f1, ………, fn-1 and attack classes (1…….C) for each records
in the dataset
Output: label encoded class feature
1: LabelBinarizer()
2: lb.fit_transform()
3: y ⃪ label_binarize() #binary coded class label
4: end
After encoding, class distribution is shown in Table 3.
Table 3. Class distribution
Class number Class name
Class-0 Benign
Class-1 Bot
Class-2 DDoS
Class-3 DoS Goldeneye
Class-4 DoS Hulk
Class-5 DoS Slowhttptest
Class-6 DoS Slowloris
Class-7 FTP-Patator
Class-8 Heartbleed
Class-9 Infiltration
Class-10 PortScan
Class-11 SSH-Patator
Class-12 Web Attack-Brute Force
Class-13 Web Attack-Sql Injection
Class-14 Web Attack-XSS
4. RESEARCH METHOD
For the implementation process, we used Jupyter notebook, python programming environment
through TensorFlow and Keras library. After data preprocessing all the datasets are separated into two files
for binary and multi-class classification. Figure 3 depicts the methodology of this study. First, the dataset is
preprocessed so that the model can be applied to the dataset thoroughly. The dataset with selected 24 features
(including the class type) has been divided into 65% of the training set and 35% of the test set. The datasets
are divided with the same proportion for both binary and multi-class classification.
Figure 3. Methodology
7. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 5, October 2020 : 5514 - 5525
5520
4.1. Proposed model
The proposed deep neural network model is built with four layers, where all the nodes in the layers
are fully connected uses backpropagation for the learning model. DNN produces output values by calculating
the hidden layer neuron weights. So, the model constructs with one input layer, two hidden layers, and one
output layer. The number of hidden layers is not increased to avoid the vanishing gradient problem,
also many hidden layers can produce results with very high sensitivity. Figure 4 gives an idea of
the proposed model.
Figure 4. Deep neural network
As activation function, ReLu is used in both input and hidden layer for easier mathematical
operation, while sigmoid function is activated for binary classification and activation function softmax is
employed on the final layer for multi-class classification respectively. Input dim is set as 23 as the input
features, excluding the class type feature. The first layer is set for 128 nodes, two hidden nodes layers are set
to 64 and 32 respectively while the output layer node is set as 1 for binary class model and for the multi-class
problem it is set according to the N class number. N classes are the count of benign and attack types. For both
scenarios training batch size is set as 10 thousand (for a single batch of the sample) and the epoch is set to
150 (total pass number over the complete training set). The proposed model is summarized in Algorithm 2.
Algorithm 2: Proposed DNN model
Input: Dataset D with features f0, f1, ………, fn-1 and attack label encoded (1…….C) for each
record
1. Train test split
2. Build the model on training dataset - Sequential()
3. Adding layers to the neural network - model.add()
4. Compile the model and calculate the accuracy
model.fit( )
for i to n - 1 Each layer according to the batch size and epochs
calculate the performance (lose, accuracy) of each layer
5. End
return ⃪ accuracy
6. ROC and Precision-recall calculation
return ⃪ roc and precision-recall curve
Here, step 2 defines the Keras model for classification. On step 3 new layers are added to the model.
Then, the model is trained over 65% of the dataset, calculating the accuracy, loss score for each layer.
After step 4, the average value of accuracy and loss is counted. Finally, roc and precision-recall
scores are calculated to understand the performance of the proposed model on both multi-class and binary
classification problems.
5. TEST RESULT AND PERFORMANCE ANALYSIS
We measured the values of the loss function and accuracy on the test dataset for binary and
multi-class classification with 24 best-selected features including the class label. The performance of
the model is also estimated under the receiver operating characteristic (ROC) curve and precision-recall
curve. ROC refers to a graphical illustration to show the potential of a classifier. True positive and false
positive rates are the two parameters used in roc. Metrics defined below are used to measure accuracy,
roc and precision-recall curve [25].
8. Int J Elec & Comp Eng ISSN: 2088-8708
An intrusion detection system for packet and flow based networks using deep neural ... (Kaniz Farhana)
5521
- True Positive-TP -represents attack data which is correctly classified as an attack type.
- False Positive-FP -refers to the data that is not correctly identified as an attack type.
- True Negative-TN -alludes to data that is correctly identified as a normal type.
- False Negative-FN -refers to attack data that is not correctly categorized as a normal type.
Precision, recall score delivers the success of prediction on the imbalanced classes. Precision refers
to the result of relevancy, where recall calculates true relevant events that have been found. Precision refers
to tp/tp+fp and Recall refers to tp/tp+fn. The precision-recall curve illustrates the trade-off relation between
recall and precision for non-identical thresholds. The top area under the curve means peak values for recall
and precision, but top precision means the lowest false-positive rate and top recall means lowest
false-negative rate. Peak scores show that classifier giving precise results as high point precision. Table 4
gives the result, where the DNN model with two hidden layers achieved high accuracy rates. For binary
classification Table 5 shows the precision, recall scores. And, the plot is shown in Figure 5 shows the ROC
curve value as 1 for binary classification.
Table 4. Test result 1
Binary Classification Multi-class Classification
Accuracy 99.13% 99.29%
Loss 0.0232 0.0289
Table 5. Test result 2
Binary classification
Precision 0.99
Recall 0.96
Figure 5. ROC for binary classification
The plot is shown in Figure 6 is the ROC for multiclass, which gives ROC area under the curve
value as 1 for all 15 classes. ROC AUC value varies between 0 and 1, while 1 is considered as a perfect
performance. Figure 7 depicts the Precision-recall curve for multi-class attacks. Table 6 shows
the precision-recall curve scores concerning the attack name and it is observed from Table 6,
that the precision-recall curve score for attack classes 8, 9 and 13 is 0. Class 8, 9 and represents the attacks
‘Heartbleed’, ‘Infiltration’ and ‘Web Attack Sql injection’ respectively. From Figure 2, we can see that these
attack types have a very small percentage compared to other attack types. This class imbalance problem and
a small number of attack instances are the reason why the model cannot give the precision-recall curve score
for those specific attack types. Percentage and precision-recall curve scores for other Web attacks are also
relatively low.
9. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 5, October 2020 : 5514 - 5525
5522
Figure 6. ROC for multi-classification
Figure 7. The precision-recall curve for multi-class
10. Int J Elec & Comp Eng ISSN: 2088-8708
An intrusion detection system for packet and flow based networks using deep neural ... (Kaniz Farhana)
5523
Table 6. Test result 3
Class name Precision-recall curve score
Benign (Class 0) 1
Bot (Class 1) 0.54
DDoS (Class 2) 1
DoS Goldeneye (Class 3) 0.99
DoS Hulk (Class 4) 1
DoS Slowhttptest (Class 5) 0.82
DoS Slowloris (Class 6) 0.97
FTP-Patator (Class 7) 0.99
Heartbleed (Class 8) 0
Infiltration (Class 9) 0
PortScan (Class 10) 0.69
SSH-Patator (Class 11) 0.94
Web Attack Brute Force (Class 12) 0.24
Web Attack Sql Injection (Class 13) 0
Web Attack XSS (Class 14) 0.19
Figure 8 shows the average returned for the precision-recall curve score as 1. CICIDS2017 is one of
the inclusive data set used in literature. From Table 4 we have seen that the accuracy of the model for binary
and multi-class classification is relatively better in contrast with the studies [16, 17] that used the same
dataset for deep neural networks. Table 7 shows a performance comparison between the proposed model and
other studies.
It is also visible that feature selection and data-preprocessing effects the performance of models
used in the classification. In this study, the selected features and data-preprocessing results over a 99%
accuracy rate that makes the DNN model better than the previously mentioned studies [16, 17] of
the DNN model.
Figure 8. Averaged precision-recall curve for multi-class
Table 7. Comparison
The proposed method The study [16] The study [17]
Binary
Classification
Multi-class
Classification
Binary
Classification
Multi-class Classification
All
features
10
features
20
features
30
features
Accuracy 99.13% 99.29% 89% 98.40% 94.72% 95.92% 96.71%
6. CONCLUSION
An IDS model is proposed in this study using Deep neural networks and the model is trained and
tested on the CICIDS2017 dataset, contains real network traffic data. The huge size of the dataset was
a challenge to handle. Label Encoding is performed on the data preprocessing stage to ensure that the model
does not show biasness for any attack classes. The deep neural network is used so that the dataset can
produce results with good accuracy and speed. In this study, the proposed neural network model gives
11. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 10, No. 5, October 2020 : 5514 - 5525
5524
99.13% accuracy for binary classification and 99.29% for multi-class classification. The model also scores
100% for the precision-recall curve and roc curve. Also, the model gives faintly better accuracy results for
multi-class classification results than binary classification.
However, the model could not classify 'Heartbleed', 'Infiltration' and 'Web Attack Sql injection',
due to the low number of records presented in the data set itself. This study offers a contribution to
the literature over the performance measure of IDS using DNN on the packet and flow-based dataset,
as the CICIDS2017 dataset has been also updated by creators. This study provides an overview for
the researchers to focus on the limitations of detecting the low numbered instances and also help to design,
analyze and understand the intrusion detection model using other relevant deep learning techniques over
the dataset. In the future, we are planning to work on a detection model to detect the low numbered instances.
REFERENCES
[1] T. Vaidya, “2001-2013: Survey and analysis of major cyberattacks,” arXiv preprint arXiv: 1507.06673, 2015.
[2] H. Azwar, et al., “Intrusion Detection in secure network for Cybersecurity systems using Machine Learning and
Data Mining,” 2018 IEEE 5th International Conference on Engineering Technologies and Applied Sciences
(ICETAS), Bangkok, Thailand, pp. 1-9, 2018.
[3] S. Naseer, et al., “Enhanced Network Anomaly Detection Based on Deep Neural Networks,” in IEEE Access,
vol. 6, pp. 48231-48246, 2018.
[4] G. Karatas, et al., “Deep Learning in Intrusion Detection Systems,” 2018 International Congress on Big Data,
Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), Ankara, Turkey, pp. 113-116, 2018.
[5] F. A. Khan, et al., “A Novel Two-Stage Deep Learning Model for Efficient Network Intrusion Detection,” in IEEE
Access, vol. 7, pp. 30373-30385, 2019.
[6] N. Shone, et al., “A Deep Learning Approach to Network Intrusion Detection,” in IEEE Transactions on Emerging
Topics in Computational Intelligence, vol. 2, no. 1, pp. 41-50, Feb. 2018.
[7] F. Farahnakian and J. Heikkonen, “A deep auto-encoder based approach for intrusion detection system,” 2018 20th
International Conference on Advanced Communication Technology (ICACT), Chuncheon-si Gangwon-do, Korea
(South), pp. 1-1, 2018.
[8] J. Kim, et al., “Method of Intrusion Detection using Deep Neural Network,” 2017 IEEE International Conference
on Big Data and Smart Computing (BigComp), Jeju, pp. 313-316, 2017.
[9] Y. Liu and X. Zhang, “Intrusion Detection Based on IDBM, in 2016 IEEE 14th Intl Conference on Dependable,
Autonomic and Secure Computing,” 14th
Intl Conf on Pervasive Intelligence and Computing, 2nd Intl Conf on Big
Data Intelligence and Computing and Cyber Science and Technology Congress, pp. 173-177, 2016.
[10] S. A. Althubiti, et al., “LSTM for Anomaly-Based Network Intrusion Detection,” 2018 28th International
Telecommunication Networks and Applications Conference (ITNAC), Sydney, NSW, pp. 1-3, 2018.
[11] J. Zhang and M. Zulkernine, “A hybrid network intrusion detection technique using random forests,” in The First
International Conference on Availability, Reliability and Security, (ARES 2006), 2006.
[12] N. Gao, et al., “An Intrusion Detection Model Based on Deep Belief Networks,” in 2014 Second International
Conference on Advanced Cloud and Big Data, pp. 247-252, 2014.
[13] R. Vijayanand, et al., “Intrusion detection system for wireless mesh network using multiple support vector machine
classifiers with genetic-algorithm-based feature selection,” Computer and Security, vol. 77, pp. 304-314, 2018.
[14] B. Roy and H. Cheung, “A Deep Learning Approach for Intrusion Detection in Internet of Things using Bi-
Directional Long Short Term Memory Recurrent Neural Network,” 2018 28th International Telecommunication
Networks and Applications Conference (ITNAC), Sydney, NSW, pp. 1-6, 2018.
[15] M. M. U. Chowdhury, et al., “A few-shot deep learning approach for improved intrusion detection,” 2017 IEEE 8th
Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), New York, NY,
pp. 456-462, 2017.
[16] S. Ustebay, et al., “Intrusion Detection System with Recursive Feature Elimination by Using Random Forest and
Deep Learning Classifier,” 2018 International Congress on Big Data, Deep Learning and Fighting Cyber
Terrorism (IBIGDELFT), Ankara, Turkey, pp. 71-76, 2018.
[17] S. Ustebay, et al., “Cyber Attack Detection by Using Neural Network Approaches: Shallow Neural Network, Deep
Neural Network and AutoEncoder,” in International Conference on Computer Netwoks, pp. 144-155, 2019.
[18] G. Watson, “A Comparison of Header and Deep Packet Features when Detecting Network Intrusions,” University
of Maryland, 2018.
[19] I. Sharafaldin, et al., “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic
Characterization,” 4th International Conference on Information Systems Security and Privacy, pp. 108-116, 2018.
[20] I. Sharafaldin, et al., “A Detailed Analysis of the CICIDS2017 Data Set,” International Conference on Information
Systems Security and Privacy, pp. 172-188, 2019.
[21] M. Ring, et al., “A Survey of Network-based Intrusion Detection Data Sets,” arXiv: 1903.02460, 2019.
[22] UNB, “Intrusion Detection Evaluation Dataset (CICIDS2017),” University of New Brunswick. Available:
https://www.unb.ca/cic/datasets/ids-2017.html.
[23] A. H. Lashkari, et al., “Characterization of Tor Traffic using Time based Features,” in Proceedings of the 3rd
International Conference on Information Systems Security and Privacy, vol. 1, pp. 253-262, 2017.
12. Int J Elec & Comp Eng ISSN: 2088-8708
An intrusion detection system for packet and flow based networks using deep neural ... (Kaniz Farhana)
5525
[24] Arash H. L., et al., “CICFLOWMETER,” UNB, Canadian Institute for Cybersecurity, [Online], Available:
www.netflowmeter.ca.
[25] A. L. Buczak and E. Guven, "A Survey of Data Mining and Machine Learning Methods for Cyber Security
Intrusion Detection," in IEEE Communications Surveys & Tutorials, vol. 18, no. 2, pp. 1153-1176, 2016.
BIOGRAPHIES OF AUTHORS
Kaniz Farhana, Graduate Student at Port City International University (Bangladesh), completed
B.Sc. Engineering at University of Science & Technology, Chittagong (USTC) in the year of
2018. Research interest includes Deep Learning Approaches, Cyber Security, Performance
Analysis. Working as an Information and Communication Technology (ICT) lecturer at South
Point School and College (Bangladesh).
Maqsudur Rahman, Senior Lecturer at Department of Computer Science and Engineering, Port
City International University, (Bangladesh). Teaching area includes Computer Programming,
Computer Networks, Data Communication & Mobile Communication. Research interests lie at
Digital Communication, IoT and Network Security.
Md. Tofael Ahmed, Associate Professor of ICT, Comilla University (Bangladesh). Research
area includes Cyberbulling Detection, Data Mining, Text Analytic, Big Data, Online Social
Network analysis.