This document presents a study that constructs a predictive model for network intrusion detection using data mining techniques. The study uses the KDD Cup 99 intrusion detection dataset to build classification models using J48 decision tree, JRip rule induction, Naive Bayes, and multilayer perceptron algorithms. The J48 decision tree algorithm achieved the highest accuracy of 99.91% and was selected to build the predictive model. This model was then integrated with a knowledge-based system to build an intelligent network intrusion detection system capable of automatically detecting network attacks, mapping detections to attack categories, and updating the training data over time. Experimental evaluation found the integrated system achieved 91.43% accuracy and 83% user acceptance in detecting network intrusions.
A SURVEY ON THE USE OF DATA CLUSTERING FOR INTRUSION DETECTION SYSTEM IN CYBE...IJNSA Journal
In the present world, it is difficult to realize any computing application working on a standalone computing device without connecting it to the network. A large amount of data is transferred over the network from one device to another. As networking is expanding, security is becoming a major concern. Therefore, it has become important to maintain a high level of security to ensure that a safe and secure connection is established among the devices. An intrusion detection system (IDS) is therefore used to differentiate between the legitimate and illegitimate activities on the system. Different techniques are used for detecting intrusions in the intrusion detection system. This paper presents the different clustering techniques that have been implemented by different researchers in their relevant articles. This survey was carried out on 30 papers and it presents what different datasets were used by different researchers and what evaluation metrics were used to evaluate the performance of IDS. This paper also highlights the pros and cons of each clustering technique used for IDS, which can be used as a basis for future work.
Classification Rule Discovery Using Ant-Miner Algorithm: An Application Of N...IJMER
Enormous studies on intrusion detection have widely applied data mining techniques to
finding out the useful knowledge automatically from large amount of databases, while few studies have
proposed classification data mining approaches. In an actual risk assessment process, the discovery of
intrusion detection prediction knowledge from experts is still regarded as an important task because
experts’ predictions depend on their subjectivity. Traditional statistical techniques and artificial
intelligence techniques are commonly used to solve this classification decision making. This paper
proposes an ant-miner based data mining method for discovering network intrusion detection rules from
large dataset. The obtained result of this experiment shows clearly that the ant-miner is superior to
ID3, J48, ADtree, BFtree, Simple cart. Although different classification models have been developed for
network intrusion detection, each of them has its strength and weakness, including the most commonly
applied Support Vector Machine (SVM) method and the clustering based on Self Organized Ant Colony
Network (CSOACN). Our algorithm is implemented and evaluated using a standard benchmark KDD99
dataset. Experiments show that the ant-miner algorithm outperforms other methods in terms of both
classification rate and accuracy.
Current issues - International Journal of Network Security & Its Applications...IJNSA Journal
International Journal of Network Security & Its Applications (IJNSA) is a bimonthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
New Hybrid Intrusion Detection System Based On Data Mining Technique to Enhan...ijceronline
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...ijcsit
In order to avoid illegitimate use of any intruder, intrusion detection over the network is one of the critical
issues. An intruder may enter any network or system or server by intruding malicious packets into the
system in order to steal, sniff, manipulate or corrupt any useful and secret information, this process is
referred to as intrusion whereas when packets are transmitted by intruder over the network for any purpose
of intrusion is referred to as attack. With the expanding networking technology, millions of servers
communicate with each other and this expansion is always in progress every day. Due to this fact, more
and more intruders get attention; and so to overcome this need of smart intrusion detection model is a
primary requirement.
By analyzing the feature selection methods the identification of essential features of NSL-KDD data set is
done, then by using selected features and machine learning approach and analyzing the basic features of
networks over the data set a hybrid algorithm is made. Finally a model is produced over the algorithm
containing the rules for the network features.
A hybrid misuse intrusion detection model is made to find attacks on system to improve the intrusion
detection. Based on prior features, intrusions on the system can be detected without any previous learning.
This model contains the advantage of feature selection and machine learning techniques with misuse
detection.
Preemptive modelling towards classifying vulnerability of DDoS attack in SDN ...IJECEIAES
Software-Defined Networking (SDN) has become an essential networking concept towards escalating the networking capabilities that are highly demanded future internet system, which is immensely distributed in nature. Owing to the novel concept in the field of network, it is still shrouded with security problems. It is also found that the Distributed Denial-of-Service (DDoS) attack is one of the prominent problems in the SDN environment. After reviewing existing research solutions towards resisting DDoS attack in SDN, it is found that still there are many open-end issues. Therefore, these issues are identified and are addressed in this paper in the form of a preemptive model of security. Different from existing approaches, this model is capable of identifying any malicious activity that leads to a DDoS attack by performing a correct classification of attack strategy using a machine learning approach. The paper also discusses the applicability of best classifiers using machine learning that is effective against DDoS attack.
Balancing Trade-off between Data Security and Energy Model for Wireless Senso...IJECEIAES
An extensive effort to evolve various routing protocol to ensure optimal data delivery in energy efficient way is beneficial only if there is additional means of security process is synchronized. However, the security process consideration introduces additional overhead thus a security mechanism is needed to accomplish an optimal trade-off that exists in-between security as well as resource utilization especially energy. The prime purpose of this paper is to develop a process of security in the context of wireless sensor networks (WSN) by introducing two types of sensor node deployed with different capabilities. The proposed algorithm Novel Model of Secure Paradigm (N-MSP) which is further integrated with WSN. However, this algorithm uses a Hash-based Message Authentication Code (HMAC) authentication followed by pairwise key establishment during data aggregation process in a WSN. The extensive simulation carried out in a numerical platform called MATLAB that depicts that the proposed N-MSP achieves optimal processing time along with energy efficient pairwise key establishment during data aggregation process.
The Royal Split Paradigm: Real-Time Data Fragmentation and Distributed Networ...CSCJournals
With data encryption, access control, and monitoring technology, high profile data breaches still
occur. To address this issue, this work focused on securing data at rest and data in motion by
utilizing current distributed network technology in conjunction with a data fragmenting and
defragmenting algorithm. Software prototyping was used to exhaustively test this new paradigm
within the confines of the Defense Technology Experimental Research (DETER) virtual testbed.
The virtual testbed was used to control all aspects within the testing network including: node
population, topology, file size, and number of fragments. In each topology, and for each
population size, different sized files were fragmented, distributed to nodes on the network,
recovered, and defragmented. All of these tests were recorded and documented. The results
produced by this prototype showed, with the max wait time removed, an average wait time of
.0287 s/fragment and by increasing the number of fragments, N, the complexity, X, would
increase as demonstrated in the formula: X = (.00287N!).
User Selective Encryption Method for Securing MANETs IJECEIAES
Security issue is getting important day by day. At present, there are a variety of methodologies to provide protection for data confidentiality. MANETs have more security challenges than traditional networks, like infrastructureless and self-organizing requirements. As the MANETs are dynamic networks, every transmission in such networks is vulnerable to many attacks, and improving the security level becomes a main issue. This paper introduces a user selective encryption method by operating Data Encryption Standard (DES), Triple DES (3DES), Advanced Encryption Standard (AES) and the Diffie-Hellman Key Exchange (DHKE) protocol for key management in order to improve MANET security. Through the Network Simulator-2 (NS-2), we investigate the performance of the proposed method in terms of data transfer time and network throughput for different data sizes and different sender-to-receiver number of hops. The results show the superiority of AES over other encryption algorithms. Furthermore, the effectiveness of our proposed method is verified through comparing our results with those obtained from previous studies.
WLI-FCM and Artificial Neural Network Based Cloud Intrusion Detection System Eswar Publications
Security and Performance aspects of cloud computing are the major issues which have to be tended to in Cloud Computing. Intrusion is one such basic and imperative security problem for Cloud Computing. Consequently, it is essential to create an Intrusion Detection System (IDS) to detect both inside and outside assaults with high detection precision in cloud environment. In this paper, a cloud intrusion detection system at hypervisor layer is developed and assessed to detect the depraved activities in cloud computing environment. The cloud intrusion detection system uses a hybrid algorithm which is a fusion of WLI-FCM clustering algorithm and Back propagation artificial Neural Network to improve the detection accuracy of the cloud intrusion detection system. The proposed system is implemented and compared with K-means and classic FCM. The DARPA’s KDD cup dataset 1999 is used for simulation. From the detailed performance analysis, it is clear that the proposed system is able to detect the anomalies with high detection accuracy and low false alarm rate.
DESIGN AND IMPLEMENTATION OF THE ADVANCED CLOUD PRIVACY THREAT MODELING IJNSA Journal
Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat
modeling as a part of requirements engineering in secure software development provides a structured
approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities
in a system. This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for
privacy threat modeling in relation to processing sensitive data in cloud computing environments. It
describes the modeling methodology that involved applying Method Engineering to specify characteristics
of a cloud privacy threat modeling methodology, different steps in the proposed methodology and
corresponding products. In addition, a case study has been implemented as a proof of concept to
demonstrate the usability of the proposed methodology. We believe that the extended methodology
facilitates the application of a privacy-preserving cloud software development approach from requirements
engineering to design.
A Wireless Sensor Network is a multiple collection of large number of sensor nodes. These sensor nodes are used to collect the information from the surroundings and pass it to the base station. Data Aggregation is an important technique to achieve power resource effectively in the sensor network. Because sensor node has limited battery power so data aggregation techniques have been proposed for WSN. The data from the multiple sensor nodes are aggregated is usually performed by averaging method. The aggregated data are stored into header aggregator node and it is highly susceptible to attacks. To address this security issue, Iterative Filtering algorithms are used to monitor sensor nodes and provide great promise by detecting vulnerable errors. For transferring aggregator data from aggregated node to base station, this paper introduces Cryptography and Random Key Generation technique. We use encryption technique for original message and simultaneously create a key for that encrypted message. That generated key and encrypted message will be sent to the receiver through the possible paths where the hackers cannot hack the original message.
FSDA: Framework for Secure Data Aggregation in Wireless Sensor Network for En...IJECEIAES
An effective key management plays a crucial role in imposing a resilient security technique in Wireless Sensor Network (WSN). After reviewing the existing approaches of key management, it is confirmed that existing approaches do not offer good coverage on all potential security breaches in WSN. With WSN being essential part of Internet-of-Things (IoT), the existing approaches of key management can definitely not address such security breaches. Therefore, this paper introduces a Framework for Secure Data Aggregation (FSDA) that hybridizes the public key encryption mechanism in order to obtain a novel key management system. The proposed system does not target any specific attacks but is widely applicable for both internal and external attacks in WSN owing to its design principle. The study outcome exhibits that proposed FSDA offers highly reduced computational burden, minimal delay, less energy consumption, and higher data transmission performance in contrast to frequently used encryption schemes in WSN.
A review on privacy preservation in data mining ijujournal
The main focus of privacy preserving data publishing was to enhance traditional data mining techniques for masking sensitive information through data modification. The major issues were how to modify the data and how to recover the data mining result from the altered data. The reports were often tightly coupled with the data mining algorithms under consideration. Privacy preserving data publishing focuses on techniques for publishing data, not techniques for data mining. In case, it is expected that standard data mining techniques are applied on the published data. Anonymization of the data is done by hiding the identity of record owners, whereas privacy preserving data mining seeks to directly belie the sensitive data. This survey carries out the various privacy preservation techniques and algorithms.
A predictive model for network intrusion detection using stacking approach IJECEIAES
Due to the emerging technological advances, cyber-attacks continue to hamper information systems. The changing dimensionality of cyber threat landscape compel security experts to devise novel approaches to address the problem of network intrusion detection. Machine learning algorithms are extensively used to detect intrusions by dint of their remarkable predictive power. This work presents an ensemble approach for network intrusion detection using a concept called Stacking. As per the popular no free lunch theorem of machine learning, employing single classifier for a problem at hand may not be ideal to achieve generalization. Therefore, the proposed work on network intrusion detection emphasizes upon a combinative approach to improve performance. A robust processing paradigm called Graphlab Create, capable of upholding massive data has been used to implement the proposed methodology. Two benchmark datasets like UNSW NB-15 and UGR’ 16 datasets are considered to demonstrate the validity of predictions. Empirical investigation has illustrated that the performance of the proposed approach has been reasonably good. The contribution of the proposed approach lies in its finesse to generate fewer misclassifications pertaining to various attack vectors considered in the study.
n-Tier Modelling of Robust Key management for Secure Data Aggregation in Wire...IJECEIAES
Security problems in Wireless Sensor Network (WSN) have been researched for more than a decade. There are various security approaches evolving towards resisting various forms of attack using different methodologies. After reviewing the existing security approaches, it can be concluded that such security approaches are highly attack-specific and do not address various associated issues in WSN. It is essential for a security approach to be computationally lightweight. Therefore, this paper presents a novel analytical modelling that is based on n-tier approach with a target to generate an optimized secret key that could ensure higher degree of security during the process of data aggregation in WSN. The study outcome shows that proposed system is computationally lightweight with good performance on reduced delay and reduced energy consumption. It also exhibits enhanced response time and good data delivery performance to balance the need of security and data forwarding performance in WSN.
APPLICATION OF CLASSICAL ENCRYPTION TECHNIQUES FOR SECURING DATA -...IJCI JOURNAL
The process of protecting information by transforming (encrypting) it into an unreadable format is called cryptography. Only those who possess secret key can decipher (decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called code breaking, so there is a need for strong and fast cryptographic methods for securing the data from attackers. Although modern cryptography techniques are virtually unbreakable, sometimes they also tend to attack.
As the Internet, big data, cloud data storage and other forms of electronic communication become more prevalent, electronic security is becoming increasingly important. Cryptography is used to protect e-mail messages, credit card information, corporate data, cloud data and big data so on... So there is a need for best and fast cryptographic methods for protecting the data. In this paper a method is proposed to protect the data in faster way by using classical cryptography. The encryption and decryption are done in parallel using threads with the help of underlying hardware. The time taken by sequential and parallel method is analysed
Utilizing Data Mining Approaches in the Detection of Intrusion in IPv6 Network...IDES Editor
The development of Internet protocols are greatly
needed as the network security becomes one of the most
important issues. This brings the need to develop IPv4 into
IPv6 in order to proceed towards increasing the network
capacity.
Now Intruders are considered as one of the most serious
threats to the internet security. Data mining techniques have
been successfully utilized in many applications. Many
research projects have applied data mining techniques to
intrusion detection. Furthermore different types of data
mining algorithms are very much useful to intrusion detection
such as Classification, Link Analysis and Sequence Analysis.
Moreover, one of the major challenges in securing fast
networks is the online detection of suspicious anomalies in
network traffic pattern. Most of the current security solutions
failed to perform the security task in online mode because of
the time needed to capture the packets and making decision
about it.
Practically, this study provides alliterative survey for the
enhancement associated with IPv6 in terms of its security
related functions. It is worthy mentioned that this study is
concurred with the data mining approaches that have been
used to detect intrusions.
A NOVEL HEADER MATCHING ALGORITHM FOR INTRUSION DETECTION SYSTEMS IJNSA Journal
The evolving necessity of the Internet increases the demand on the bandwidth. Therefore, this demand opens the doors for the hackers’ community to develop new methods and techniques to gain control over networking systems. Hence, the intrusion detection systems (IDS) are insufficient to prevent/detect unauthorized access to the network. Network Intrusion Detection System (NIDS) is one example that still suffers from performance degradation due to the increase of the link speed in today’s networks. In this paper we proposed a novel algorithm to detect the intruders who are trying to gain access to the network using the packet header parameters such as source/destination address, source/destination port, and protocol, without the need to inspect each packet content looking for signatures/patterns. However, the “Packet Header Matching” algorithm enhances the overall speed of the matching process between the incoming packet headers against the rule set. We ran the proposed algorithm to prove the proposed concept in coping with the traffic arrival speeds and the various bandwidth demands. The achieved results were of significant enhancement of the overall performance in terms of detection speed.
Intrusion detection with Parameterized Methods for Wireless Sensor Networks rahulmonikasharma
Current network intrusion detection systems lack adaptability to the frequently changing network environments. Furthermore, intrusion detection in the new distributed architectures is now a major requirement. In this paper, we propose two Adaboost based intrusion detection algorithms. In the first algorithm, a traditional online Adaboost process is used where decision stumps are used as weak classifiers. In the second algorithm, an improved online Adaboost process is proposed, and online Gaussian mixture models (GMMs) are used as weak classifiers. We further propose a distributed intrusion detection framework, in which a local parameterized detection model is constructed in each node using the online Adaboost algorithm. A global detection model is constructed in each node by combining the local parametric models using a small number of samples in the node. This combination is achieved using an algorithm based on particle swarm optimization (PSO) and support vector machines. The global model in each node is used to detect intrusions. Experimental results show that the improved online Adaboost process with GMMs obtains a higher detection rate and a lower false alarm rate than the traditional online Adaboost process that uses decision stumps. Both the algorithms outperform existing intrusion detection algorithms. It is also shown that our PSO, and SVM-based algorithm effectively combines the local detection models into the global model in each node; the global model in a node can handle the intrusion types that are found in other nodes, without sharing the samples of these intrusion types.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SET IJNSA Journal
In a network security framework, intrusion detection is one of the benchmark parts and a fundamental way to protect PCs from many threats. The major issue in intrusion detection is the huge number of false alerts; this issue motivates several experts to find solutions for minimizing false alerts using data mining, which is considered an analysis procedure for large data sets, e.g. KDD CUP 99. This paper reviews various data mining classification procedures for handling false alerts in intrusion detection. According to the results of testing many data mining procedures on KDD CUP 99, no individual procedure can reveal all attack classes with high accuracy and without false alerts. The best accuracy, with Multilayer Perceptron, is 92%; however, the best training time, with the rule-based model, is 4 seconds. It is concluded that various procedures should be utilized to handle the several kinds of network attacks.
Machine learning-based intrusion detection system for detecting web attacks IAESIJAI
The increasing use of smart devices results in a huge amount of data, which raises concerns about personal data, including health data and financial data. This data circulates on the network and can encounter network traffic at any time. This traffic can either be normal traffic or an intrusion created by hackers with the aim of injecting abnormal traffic into the network. Firewalls and traditional intrusion detection systems detect attacks based on signature patterns. However, this is not sufficient to detect advanced or unknown attacks. To detect different types of unknown attacks, the use of intelligent techniques is essential. In this paper, we analyse some machine learning techniques proposed in recent years. In this study, several classifications were made to detect anomalous behaviour in network traffic. The models were built and evaluated based on the Canadian Institute for Cybersecurity-intrusion detection systems dataset released in 2017 (CIC-IDS-2017), which includes both current and historical attacks. The experiments were conducted using decision tree, random forest, logistic regression, gaussian naïve bayes, adaptive boosting, and their ensemble approach. The models were evaluated using various evaluation metrics such as accuracy, precision, recall, F1-score, false positive rate, receiver operating characteristic curve, and calibration curve.
The Royal Split Paradigm: Real-Time Data Fragmentation and Distributed Networ... CSCJournals
With data encryption, access control, and monitoring technology, high profile data breaches still
occur. To address this issue, this work focused on securing data at rest and data in motion by
utilizing current distributed network technology in conjunction with a data fragmenting and
defragmenting algorithm. Software prototyping was used to exhaustively test this new paradigm
within the confines of the Defense Technology Experimental Research (DETER) virtual testbed.
The virtual testbed was used to control all aspects within the testing network including: node
population, topology, file size, and number of fragments. In each topology, and for each
population size, different sized files were fragmented, distributed to nodes on the network,
recovered, and defragmented. All of these tests were recorded and documented. The results
produced by this prototype showed, with the max wait time removed, an average wait time of
.0287 s/fragment and by increasing the number of fragments, N, the complexity, X, would
increase as demonstrated in the formula: X = (.00287N!).
User Selective Encryption Method for Securing MANETs IJECEIAES
Security issues are becoming more important day by day. At present, there are a variety of methodologies to provide protection for data confidentiality. MANETs have more security challenges than traditional networks, such as infrastructureless and self-organizing requirements. As MANETs are dynamic networks, every transmission in such networks is vulnerable to many attacks, and improving the security level becomes a main issue. This paper introduces a user selective encryption method operating Data Encryption Standard (DES), Triple DES (3DES), Advanced Encryption Standard (AES) and the Diffie-Hellman Key Exchange (DHKE) protocol for key management in order to improve MANET security. Through the Network Simulator-2 (NS-2), we investigate the performance of the proposed method in terms of data transfer time and network throughput for different data sizes and different sender-to-receiver numbers of hops. The results show the superiority of AES over other encryption algorithms. Furthermore, the effectiveness of our proposed method is verified through comparing our results with those obtained from previous studies.
WLI-FCM and Artificial Neural Network Based Cloud Intrusion Detection System Eswar Publications
Security and performance aspects are the major issues which have to be tended to in Cloud Computing. Intrusion is one such basic and imperative security problem for Cloud Computing. Consequently, it is essential to create an Intrusion Detection System (IDS) to detect both inside and outside assaults with high detection precision in a cloud environment. In this paper, a cloud intrusion detection system at the hypervisor layer is developed and assessed to detect the depraved activities in a cloud computing environment. The cloud intrusion detection system uses a hybrid algorithm which is a fusion of the WLI-FCM clustering algorithm and a back propagation artificial neural network to improve the detection accuracy of the cloud intrusion detection system. The proposed system is implemented and compared with K-means and classic FCM. The DARPA’s KDD cup dataset 1999 is used for simulation. From the detailed performance analysis, it is clear that the proposed system is able to detect the anomalies with high detection accuracy and low false alarm rate.
DESIGN AND IMPLEMENTATION OF THE ADVANCED CLOUD PRIVACY THREAT MODELING IJNSA Journal
Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat
modeling as a part of requirements engineering in secure software development provides a structured
approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities
in a system. This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for
privacy threat modeling in relation to processing sensitive data in cloud computing environments. It
describes the modeling methodology that involved applying Method Engineering to specify characteristics
of a cloud privacy threat modeling methodology, different steps in the proposed methodology and
corresponding products. In addition, a case study has been implemented as a proof of concept to
demonstrate the usability of the proposed methodology. We believe that the extended methodology
facilitates the application of a privacy-preserving cloud software development approach from requirements
engineering to design.
A Wireless Sensor Network is a collection of a large number of sensor nodes. These sensor nodes are used to collect information from the surroundings and pass it to the base station. Data aggregation is an important technique for using power resources effectively in the sensor network. Because a sensor node has limited battery power, data aggregation techniques have been proposed for WSNs. Aggregation of the data from multiple sensor nodes is usually performed by an averaging method. The aggregated data are stored in a header aggregator node, which is highly susceptible to attacks. To address this security issue, Iterative Filtering algorithms are used to monitor sensor nodes and provide great promise by detecting vulnerable errors. For transferring aggregated data from the aggregator node to the base station, this paper introduces a Cryptography and Random Key Generation technique. We use an encryption technique for the original message and simultaneously create a key for that encrypted message. The generated key and encrypted message will be sent to the receiver through the possible paths where the hackers cannot hack the original message.
FSDA: Framework for Secure Data Aggregation in Wireless Sensor Network for En... IJECEIAES
Effective key management plays a crucial role in imposing a resilient security technique in a Wireless Sensor Network (WSN). After reviewing the existing approaches to key management, it is confirmed that existing approaches do not offer good coverage of all potential security breaches in WSN. With WSN being an essential part of the Internet-of-Things (IoT), the existing approaches to key management can definitely not address such security breaches. Therefore, this paper introduces a Framework for Secure Data Aggregation (FSDA) that hybridizes the public key encryption mechanism in order to obtain a novel key management system. The proposed system does not target any specific attacks but is widely applicable for both internal and external attacks in WSN owing to its design principle. The study outcome exhibits that the proposed FSDA offers highly reduced computational burden, minimal delay, less energy consumption, and higher data transmission performance in contrast to frequently used encryption schemes in WSN.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
A review on privacy preservation in data mining ijujournal
The main focus of privacy preserving data publishing was to enhance traditional data mining techniques for masking sensitive information through data modification. The major issues were how to modify the data and how to recover the data mining result from the altered data. The reports were often tightly coupled with the data mining algorithms under consideration. Privacy preserving data publishing focuses on techniques for publishing data, not techniques for data mining. In case, it is expected that standard data mining techniques are applied on the published data. Anonymization of the data is done by hiding the identity of record owners, whereas privacy preserving data mining seeks to directly belie the sensitive data. This survey carries out the various privacy preservation techniques and algorithms.
A predictive model for network intrusion detection using stacking approach IJECEIAES
Due to the emerging technological advances, cyber-attacks continue to hamper information systems. The changing dimensionality of the cyber threat landscape compels security experts to devise novel approaches to address the problem of network intrusion detection. Machine learning algorithms are extensively used to detect intrusions by dint of their remarkable predictive power. This work presents an ensemble approach for network intrusion detection using a concept called Stacking. As per the popular no free lunch theorem of machine learning, employing a single classifier for a problem at hand may not be ideal to achieve generalization. Therefore, the proposed work on network intrusion detection emphasizes a combinative approach to improve performance. A robust processing paradigm called Graphlab Create, capable of upholding massive data, has been used to implement the proposed methodology. Two benchmark datasets, UNSW NB-15 and UGR’16, are considered to demonstrate the validity of predictions. Empirical investigation has illustrated that the performance of the proposed approach has been reasonably good. The contribution of the proposed approach lies in its finesse to generate fewer misclassifications pertaining to various attack vectors considered in the study.
n-Tier Modelling of Robust Key management for Secure Data Aggregation in Wire... IJECEIAES
Security problems in Wireless Sensor Networks (WSN) have been researched for more than a decade. There are various security approaches evolving towards resisting various forms of attack using different methodologies. After reviewing the existing security approaches, it can be concluded that such security approaches are highly attack-specific and do not address various associated issues in WSN. It is essential for a security approach to be computationally lightweight. Therefore, this paper presents a novel analytical modelling that is based on an n-tier approach with a target to generate an optimized secret key that could ensure a higher degree of security during the process of data aggregation in WSN. The study outcome shows that the proposed system is computationally lightweight with good performance on reduced delay and reduced energy consumption. It also exhibits enhanced response time and good data delivery performance to balance the need for security and data forwarding performance in WSN.
APPLICATION OF CLASSICAL ENCRYPTION TECHNIQUES FOR SECURING DATA-... IJCI JOURNAL
The process of protecting information by transforming (encrypting) it into an unreadable format is called cryptography. Only those who possess secret key can decipher (decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called code breaking, so there is a need for strong and fast cryptographic methods for securing the data from attackers. Although modern cryptography techniques are virtually unbreakable, sometimes they also tend to attack.
As the Internet, big data, cloud data storage and other forms of electronic communication become more prevalent, electronic security is becoming increasingly important. Cryptography is used to protect e-mail messages, credit card information, corporate data, cloud data and big data so on... So there is a need for best and fast cryptographic methods for protecting the data. In this paper a method is proposed to protect the data in faster way by using classical cryptography. The encryption and decryption are done in parallel using threads with the help of underlying hardware. The time taken by sequential and parallel method is analysed
Utilizing Data Mining Approaches in the Detection of Intrusion in IPv6 Network... IDES Editor
The development of Internet protocols is greatly
needed as the network security becomes one of the most
important issues. This brings the need to develop IPv4 into
IPv6 in order to proceed towards increasing the network
capacity.
Now Intruders are considered as one of the most serious
threats to the internet security. Data mining techniques have
been successfully utilized in many applications. Many
research projects have applied data mining techniques to
intrusion detection. Furthermore different types of data
mining algorithms are very much useful to intrusion detection
such as Classification, Link Analysis and Sequence Analysis.
Moreover, one of the major challenges in securing fast
networks is the online detection of suspicious anomalies in
network traffic pattern. Most of the current security solutions
failed to perform the security task in online mode because of
the time needed to capture the packets and making decision
about it.
Practically, this study provides alliterative survey for the
enhancement associated with IPv6 in terms of its security
related functions. It is worth mentioning that this study is
concurred with the data mining approaches that have been
used to detect intrusions.
An intrusion detection system for packet and flow based networks using deep n... IJECEIAES
Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection systems (IDS). Many IDS models have been introduced to provide security over big data. This study focuses on intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a bunch of affluent algorithms to classify and analyze patterns and make better predictions more efficiently. In this study, to detect intrusion, a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest dataset available online, formatted with packet based and flow based data and some additional metadata. The dataset is labeled and imbalanced, with 79 attributes and some classes having much fewer training samples compared to other classes. The proposed model is built using the Keras and Google Tensorflow deep learning environment. Experimental results show that intrusions are detected with accuracy over 99% for both binary and multiclass classification with selected best features. The receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offer a novel research model with great accuracy for intrusion detection, better than some models presented in the literature.
Detecting network attacks model based on a convolutional neural network IJECEIAES
Due to the increasing use of networks at present, Internet systems have raised many security problems, and statistics indicate that the rate of attacks or intrusions has increased excessively annually, and in the event of any malicious attack on network vulnerabilities or information systems, it may lead to serious disasters, violating policies on network security, i.e., “confidentiality, integrity, and availability” (CIA). Therefore, many detection systems, such as the intrusion detection system, appeared. In this paper, we built a system that detects network attacks using the latest machine learning algorithms and a convolutional neural network based on a dataset of the CSE-CIC-IDS2018. It is a recent dataset that contains a set of common and recent attacks. The detection rate is 99.7%, distinguishing between aggressive attacks and natural assertiveness.
Evaluation of network intrusion detection using markov chain IJCI JOURNAL
In day-to-day life, Internet threats have increased significantly. There is a need to develop a model in order to
maintain the security of systems. The most effective techniques are Intrusion Detection Systems (IDS). The
purpose of the intrusion system is, through the security devices, to detect and deal with it. In this paper, a
mathematical approach is used effectively to predict and detect intrusion in the network. Here we discuss
about two algorithms ‘K-Means + Apriori’, a method which classify normal and abnormal activities in
computer network. In K-Means process, it partitions the training set into K-clusters using Euclidean
distance and introduce an outlier factor, then it build Apriori Algorithm to prune the data by removing
infrequent data in the database. Based on defined state the degree of incoming data is evaluated through
the experiment using sample DARPA2000 dataset, and achieves high detection performance in level of
attack in stages.
FORTIFICATION OF HYBRID INTRUSION DETECTION SYSTEM USING VARIANTS OF NEURAL ... IJNSA Journal
Intrusion Detection Systems (IDS) form a key part of system defence, where it identifies abnormal
activities happening in a computer system. In recent years different soft computing based techniques have
been proposed for the development of IDS. On the other hand, intrusion detection is not yet a perfect
technology. This has provided an opportunity for data mining to make quite a lot of important
contributions in the field of intrusion detection. In this paper we have proposed a new hybrid technique
by utilizing data mining techniques such as fuzzy C means clustering, Fuzzy neural network / Neuro-fuzzy and radial basis function (RBF) SVM for fortification of the intrusion detection system. The
proposed technique has five major steps in which, first step is to perform the relevance analysis, and then
input data is clustered using Fuzzy C-means clustering. After that, neuro-fuzzy is trained, such that each
of the data point is trained with the corresponding neuro-fuzzy classifier associated with the cluster.
Subsequently, a vector for SVM classification is formed and in the last step, classification using RBF-
SVM is performed to detect intrusion has happened or not. Data set used is the KDD cup 1999 dataset
and we have used precision, recall, F-measure and accuracy as the evaluation metrics parameters. Our
technique could achieve better accuracy for all types of intrusions. The results of proposed technique are
compared with the other existing techniques. These comparisons proved the effectiveness of our
technique.
Feature Selection using the Concept of Peafowl Mating in IDS IJCNCJournal
Cloud computing has high applicability as an Internet based service that relies on sharing computing resources. Cloud computing provides services that are Infrastructure based, Platform based and Software based. The popularity of this technology is due to its superb performance, high level of computing ability, low cost of services, scalability, availability and flexibility. The obtainability and openness of data in the cloud environment make it vulnerable to the world of cyber-attacks. To detect the attacks, an Intrusion Detection System is used that can identify the attacks and ensure information security. Such a coherent and proficient Intrusion Detection System is proposed in this paper to achieve higher certainty levels regarding safety in the cloud environment. In this paper, the mating behavior of peafowl is incorporated into an optimization algorithm which in turn is used as a feature selection algorithm. The algorithm is used to reduce the huge size of cloud data so that the IDS can work efficiently on the cloud to detect intrusions. The proposed model has been experimented with the NSL-KDD dataset as well as the Kyoto dataset and has proved to be a better as well as an efficient IDS.
The main goal of Intrusion Detection Systems (IDSs) is to detect intrusions. This kind of detection system represents a significant tool in traditional computer-based systems for ensuring cyber security. An IDS model can be faster and reach more accurate detection rates by selecting the most relevant features from the input dataset. Feature selection is an important stage of any IDS: it selects the optimal subset of features that makes the training of the model faster and reduces complexity while preserving or enhancing the performance of the system. In this paper, we propose a method based on dividing the input dataset into different subsets according to each attack. We then perform feature selection using an information gain filter for each subset. The optimal feature set is then generated by combining the feature sets obtained for each attack. Experimental results on the NSL-KDD dataset show that the proposed feature selection method, with fewer features, improves system accuracy while decreasing complexity. Moreover, a comparative study of the efficiency of the feature selection technique is performed using different classification methods. To enhance the overall performance, another stage is conducted using Random Forest and PART in a voting learning algorithm. The results indicate that the best accuracy is achieved when using the product probability rule.
An approach for ids by combining svm and ant colony algorithm - eSAT Journals
Abstract: This piece of work researches the intrusion detection problem of the network sanctuary; the primary task is to classify network behavior as normal or abnormal while reducing misclassification. In this paper, two efficient data mining algorithms are combined to detect network intrusion. Combining SVM and Ant Colony (CSVAC) is used for well-organized data classification; this technique takes advantage of both algorithms while avoiding their weaknesses. The algorithm is implemented and evaluated using the standard benchmark KDDCUP99 data set. Experimental results show superior results to the other algorithms in terms of accuracy rate and run-time efficiency, and the algorithm is able to detect new types of attacks. Keywords: Intrusion Detection; Support Vector Machine; Ant colony; Combined Support vector with ant colony
ABSTRACT
With the fast-growing internet world, the risk of intrusion has also increased; as a result, Intrusion Detection System (IDS) is the admired key research field. IDS are used to identify any suspicious activity or patterns in the network or machine, which endeavors the security features or compromise the machine. IDS majorly use all the features of the data. It is a keen observation that all the features are not of equal relevance for the detection of attacks. Moreover, every feature does not contribute in enhancing the system performance significantly. The main aim of the work done is to develop an efficient denial of service network intrusion classification model. The specific objectives included: to analyse existing literature in intrusion detection systems; what are the techniques used to model IDS, types of network attacks, performance of various machine learning tools, how are network intrusion detection systems assessed; to find out top network traffic attributes that can be used to model denial of service intrusion detection; to develop a machine learning model for detection of denial of service network intrusion. Methods: The research design was experimental and data was collected by simulation using NSL-KDD dataset. By implementing Correlation Feature Selection (CFS) mechanism using three search algorithms, a smallest set of features is selected with all the features that are selected very frequently. Findings: The smallest subset of features chosen is the most nominal among all the feature subset found. Further, the performances using Artificial neural networks (ANN), decision trees, Support Vector Machines (SVM) and K-Nearest Neighbour (KNN) classifiers is compared for 7 subsets found by filter model and 41 attributes. Results: The outcome indicates a remarkable improvement in the performance metrics used for comparison of the two classifiers.
The results show that using 17/18 selected features improves DOS types classification accuracies as compared to using the 41 features in the NSL-KDD dataset. It was further observed that using an ensemble of three classifiers with decision fusion performs better as compared to using a single classifier for DOS type’s classification. Among machine learning tools experimented, ANN achieved best classification accuracies followed by SVM and DT. KNN registered the lowest classification accuracies. Application: The proposed work with such an improved detection rate and lesser classification time and lar.
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
Owing to the rapid growth of network applications, new kinds of network attacks are emerging endlessly. It is therefore critical to protect networks from attackers, and intrusion detection technology has become popular. This security concern must be articulated right from the beginning of network design and deployment. Intrusion detection technology is the process of identifying network activity that can lead to a compromise of security policy. A lot of work has been done on the detection of intruders, but the solutions are not satisfactory. In this paper, we propose a novel Distributed Intrusion Detection System using Multi Agent in order to decrease false alarms and manage misuse and anomaly detects
Three level intrusion detection system based on conditional generative advers...IJECEIAES
Security threat protection is important in internet of things (IoT) applications since both the connected device and the captured data can be hacked or hijacked or both at the same time. To tackle the above-mentioned problem, we propose a three-level intrusion detection system conditional generative adversarial network (3LIDS-CGAN) model which includes four phases: first-level intrusion detection system (IDS), second-level IDS, third-level IDS, and attack type classification. In first-level IDS, features of the incoming packets are extracted by the firewall. Based on the extracted features, the packets are classified into three classes (normal, malicious, and suspicious) using support vector machine and golden eagle optimization. Suspicious packets are forwarded to the second-level IDS, which classifies the suspicious packets as normal or malicious. Here, signature-based intrusions are detected using attack history information, and anomaly-based intrusions are detected using event-based semantic mapping. In third-level IDS, adversary packets are detected using CGAN, which automatically learns the adversarial environment and detects adversary packets accurately. Finally, proximal policy optimization is proposed to detect the attack type. Experiments are conducted using the NS-3.26 network simulator and performance is evaluated by various performance metrics, which show that the proposed 3LIDS-CGAN model outperforms other existing works.
Constructing a Predictive Model for an Intelligent Network Intrusion Detection
Alebachew Chiche¹, Million Meshesha (PhD)²
¹ Mizan-Tepi University, School of Computing and Informatics, Tepi, Ethiopia
alebachew.chz@gmail.com
² Addis Ababa University, School of Information Science, Addis Ababa, Ethiopia
meshe84@gmail.com
Abstract - With the wide use of the Internet and network connectivity, it is important to prevent unauthorized access
to system resources and data. In this study, we present a new Network Intrusion Detection System that integrates
data mining and a knowledge based system to detect network attacks. A hybrid data mining process model is
followed for the data mining tasks to extract hidden knowledge from the KDDCup’99 intrusion dataset. J48 decision
tree, JRip rule induction, Naïve Bayes and Multilayer Perceptron (MLP) Neural Network are adopted to
construct a predictive model on a total dataset of 63,661 instances. This study supports network administrators in
filling the knowledge gap they have in detecting network attacks efficiently and effectively. Experimental results show
that the proposed system achieves 91.43 percent accuracy and 83 percent user acceptance.
Further work is required to acquire and integrate prevention knowledge automatically with the predictive
model.
Keywords: Intrusion Detection, Data Mining, Network Intrusions, Integration, Knowledge based system
1. Introduction
In the era of information society, a network-based
computer system plays fundamental roles in modern
society [1] [2]. Accordingly, Network based attacks
are frequently increasing, resulting in a huge
financial loss to the organizations and causing the
network to be paralyzed for several hours. There are
many methods to strengthen the network security at
the moment, such as encryption, VPN, firewall, etc.
[3], but all of these are too static to give an effective
protection. However, intrusion detection is a dynamic
one, which can give dynamic protection to the
network security in monitoring, attack and counter-
attack. Thus, Intrusion Detection Systems (IDS) have
become a necessity in computer security systems
because of the increase in unauthorized accesses and
attacks. In spite of this, intrusion detection systems
(IDSs) are designed to detect a wide range of security
violations from attempted break-ins by outsiders to
system penetrations and abuses by insiders [4].
Network intrusions are of many types, which fall into
one of the following four main categories [2]:
Denial-of-Service (DoS), Probing, User-to-Root
(U2R) and Remote-to-Local (R2L) attacks.
According to Mohammadreza et al. [3], traditional
intrusion protection paradigms such as firewalls are
too static for effective protection. However, intrusion
detection can give dynamic protection to the network
security in monitoring attack and counter-attack.
Hence, Intrusion detection systems (IDSs) play a
major role in providing security to networks and have
been applied to detect network intrusions [2].
Intrusion detection is the process of monitoring the
events occurring in a computer system or network
and analysing them for signs of possible
intrusions, which are violations or imminent
threats of violation of computer security policies,
acceptable use policies, or standard security
practices [5].
Generally, there are two techniques for IDSs:
misuse detection and anomaly detection. Misuse
detection aims to detect attacks through their
predefined signatures, whereas anomaly
detection uses normal network behaviours to identify
unknown attacks by detecting significant deviation
from the established normal patterns [4]. In terms
of the data source monitored, intrusion detection systems
can be classified as host-based or network-based,
employing one or both of the intrusion detection
methods [6]. Host-based systems base their
decisions on information obtained from a single
host, while network-based intrusion detection
systems obtain data by monitoring the traffic in the
network to which the hosts are connected.
Most commercially available IDS systems today,
such as SNORT [7], employ signature-based detection
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 3, March 2017
392 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
techniques that work by matching the incoming
traffic with the knowledge encoded within them [8].
But it is very difficult to analyse huge volumes of network traffic
and to specify intrusions using rules.
Therefore, to overcome the limitations of the
signature-based systems, a number of IDSs employ
data mining techniques [9]. Data mining can
efficiently extract patterns of intrusions for
misuse (signature-based) detection, establish
profiles of normal network activities for
anomaly detection, and build classifiers to detect
attacks, especially for the vast amount of audit data
[10].
In this study, we propose an intrusion detection
system which integrates data mining with a knowledge
based system so as to come up with an adaptive
network intrusion detection system that predicts attacks as
efficiently and effectively as possible for network
administrators.
2. Related works
There are a number of research works on designing
an intrusion detection system using machine
learning algorithms. Kalpana et al. [11] have proposed
a hybrid approach for intrusion detection using
k-means, support vector machine and association rule
mining algorithms. Also, Saale and Kale [12]
proposed an intrusion detection method that
combines Naïve Bayesian and support vector
machine classifiers, based on the
KDDCUP99 dataset. The experimental result shows
that the support vector machine (SVM) has a higher
detection rate than naïve Bayes. The result verified
that the hybrid algorithm minimizes false positives
and maximizes detection rates. Further, Sandhya et
al. [13] proposed a hybrid DT–SVM for intrusion
detection and evaluated its performance on
the benchmark KDD Cup 99 intrusion data. The
empirical result shows that 99% accuracy is achieved
by the hybrid approach. Based on the experimental
result, they concluded that the hybrid approach
works better than
the individual DT and SVM for the normal class.
Panda and Patra [14] proposed a framework for
NIDS based on the Naïve Bayes algorithm on the
KDDcup’99 intrusion dataset. The proposed
technique performs better in terms of cost,
accuracy and computational time when applied to
KDD’99 data sets compared to a back propagation
neural network based approach. Sagane and Hande
[15] proposed anomaly based intrusion detection
using naïve Bayes data mining algorithms on the
KDDCup99 intrusion dataset. The proposed method
achieved 97% prediction accuracy on
KDDCup’99. The proposed approach achieves a higher
detection rate, is less time consuming and has a low
cost factor, with more false positives. Kumar and
Gupta [9] presented an Intrusion Detection System
that applies a genetic algorithm with a Neural Network
to efficiently detect various types of network
intrusions from the KDD dataset. The result indicated
that resilient back propagation with a sigmoid
function is the best one and it was used for
classification. Kosamkar and Chaudhari [7] used
a hybrid of C4.5 decision tree and Support Vector
Machine (SVM) algorithms for developing the
intrusion detection system. The experimental result
shows that the combined algorithms increase the
accuracy and detection rate and decrease the false alarm
rate. The finding implies that building effective
intrusion detection models with good accuracy and
performance is essential.
Tigabu [16] proposed a semi-supervised approach
for modelling a network intrusion detection using
decision tree and naïve Bayes as classification
algorithm with a k-means clustering algorithm based
on KDDCup’99 intrusion dataset. The finding
verified that J48 decision tree algorithm is better
than Naïve Bayes method in terms of both false
positives and detection rate as well as prediction
accuracy.
In this paper, we propose a Network Intrusion
Detection System by integrating data mining and
knowledge based system for detecting network
intrusions.
3. Modelling
For this study the hybrid data mining process model
[17] is followed for extracting hidden knowledge for
constructing the network intrusion detection model. To
construct a predictive model, KDDCup99 intrusion
data is collected from the Massachusetts Institute of
Technology (MIT) Lincoln Laboratory (URL), which
is available for domain researchers. This data set was
prepared by Stolfo et al. [18], and is built based on
the data captured in the DARPA’98 IDS evaluation
program.
3.1. Data preparation
To understand the problem domain, the researcher
used direct observation by working closely with
domain experts, interviewing experts as well as
domain researchers, and reviewing documents, reports
and literature. This helped us to define the research
problem and determine the research goals. After
problem understanding, the KDDCup’99 dataset
was collected as per the objective set. During the data
understanding task we checked the syntax of the
KDDCup’99 dataset, its attributes and classes, as well as
the quality of the content.
To improve the quality of intrusion data set, pre-
processing tasks, such as data cleaning, dataset
reduction, attribute selection and balancing tasks are
performed.
A larger data sample requires more
computational resources, and hence strategically
sampled data may work well to achieve one's goal.
Accordingly, representative sample data selected
from KDDCup99 have been used in this study for
constructing a model. A resampling method has been
applied to the KDD dataset to select 63,661
instances. Table 1 shows the pre-processed
dataset for the five classes. This is followed by
attribute selection. To select the best attributes for
data mining, we used the information gain ratio method
available in the WEKA data mining tool to get 14 out
of 41 attributes.
Balancing is needed if one target class has much
lower frequency than the other target class in the
given dataset [19]. As shown in Table 1, the
distribution of instances across classes is imbalanced. DoS
takes the highest share of the four intrusion
types. In order to balance the data set, we applied
SMOTE (Synthetic Minority Over-sampling
Technique), which is an over-sampling approach that
generates synthetic examples in a less application
specific manner [20]. The minority class is
over-sampled by taking each minority class sample and
introducing synthetic examples along the line
segments joining any/all of the k minority class
nearest neighbours. For this study, the class imbalance
in the sampled dataset was balanced using
SMOTE.
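Table 1: Number of records after pre-processing

| Classes | Before balancing: count | Before balancing: percent (%) | After balancing: count | After balancing: percent (%) |
|---------|-------------------------|-------------------------------|------------------------|------------------------------|
| Normal  | 21,352                  | 52.99                         | 21,352                 | 33.54                        |
| DOS     | 18,469                  | 45.23                         | 18,469                 | 29.01                        |
| Probe   | 626                     | 1.53                          | 10,016                 | 15.73                        |
| U2R     | 7                       | 0.22                          | 7,168                  | 11.26                        |
| R2L     | 104                     | 0.028                         | 6,656                  | 10.46                        |
| Total   | 40,558                  | 100                           | 63,661                 | 100                          |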
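The interpolation step described above, as an added example (not the authors' code and not WEKA's SMOTE filter): a pure-Python SMOTE that grows seven constructed stand-in records to the 7,168 U2R rows listed in Table 1. The feature values, the function names and k=5 are assumptions; the final check shows that every synthetic record stays inside the value ranges of the seven originals.

```python
import math
import random

# Constructed stand-ins for the 7 original U2R records of Table 1:
# three numeric columns per record (values and column meaning are assumptions).
U2R_SAMPLES = [
    (12.0, 310.0, 1.0),
    (15.0, 280.0, 2.0),
    (9.0, 450.0, 1.0),
    (30.0, 120.0, 4.0),
    (28.0, 150.0, 3.0),
    (11.0, 300.0, 1.0),
    (25.0, 170.0, 5.0),
]


def k_nearest(samples, idx, k):
    """Indices of the k minority samples closest (Euclidean) to samples[idx]."""
    base = samples[idx]
    ranked = sorted(
        (math.dist(base, other), j)
        for j, other in enumerate(samples)
        if j != idx
    )
    return [j for _, j in ranked[:k]]


def smote(samples, n_per_sample, k=5, seed=0):
    """Return n_per_sample synthetic points for every minority sample.

    Each synthetic point lies on the line segment between a sample and one
    of its k nearest minority-class neighbours, at a random position.
    """
    if len(samples) < 2:
        raise ValueError("SMOTE needs at least two minority samples")
    rng = random.Random(seed)
    k = min(k, len(samples) - 1)  # a class of 7 has at most 6 neighbours
    synthetic = []
    for i, base in enumerate(samples):
        neighbours = k_nearest(samples, i, k)
        for _ in range(n_per_sample):
            neighbour = samples[rng.choice(neighbours)]
            gap = rng.random()  # position along the segment, 0 <= gap < 1
            synthetic.append(
                tuple(b + gap * (n - b) for b, n in zip(base, neighbour))
            )
    return synthetic


def oversample_to(samples, target, k=5, seed=0):
    """Original records followed by enough synthetic ones to reach target."""
    extra = target - len(samples)
    if extra < 0 or extra % len(samples):
        raise ValueError("target must be a whole multiple of the class size")
    return list(samples) + smote(samples, extra // len(samples), k, seed)


def inside_bounding_box(points, originals, tol=1e-9):
    """True if every point stays within the per-feature min/max of originals."""
    lows = [min(col) for col in zip(*originals)]
    highs = [max(col) for col in zip(*originals)]
    return all(
        lo - tol <= value <= hi + tol
        for point in points
        for value, lo, hi in zip(point, lows, highs)
    )


if __name__ == "__main__":
    balanced = oversample_to(U2R_SAMPLES, 7168)  # 7 -> 7,168 as in Table 1
    print(len(balanced), "records built from", len(U2R_SAMPLES), "originals")
    print("synthetic records inside original value ranges:",
          inside_bounding_box(balanced[len(U2R_SAMPLES):], U2R_SAMPLES))
```

Because each synthetic record is an interpolation between two existing ones, the oversampled class carries no feature values outside what the seven originals already span.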
3.2. Experimentation
In this study, we conducted four experiments using
four classification algorithms namely J48 decision
tree, JRip rule induction, Naïve Bayes and MLP
neural network with test mode, tenfold (10) Cross-
Validation.
The summary of experimental results is shown
below in table 2. The comparisons between the
results of the four algorithms are done for attack
prediction.
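Table 2. Summary result of the four algorithms

| Measure             | J48     | JRip    | Naïve Bayes | MLP     |
|---------------------|---------|---------|-------------|---------|
| Prediction accuracy | 99.91 % | 99.89 % | 67.69 %     | 98.01 % |
| TP rate             | 99.9 %  | 99.9 %  | 67.7 %      | 98 %    |
| FP rate             | 0 %     | 0 %     | 10.7 %      | 0.8 %   |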
As shown in Table 2, the accuracy of the J48, JRip, Naïve
Bayes and MLP classifiers is 99.91%, 99.89%,
67.69% and 98.01% respectively. From the results of the
experiments, the average TP rates are 99.9%, 99.9%,
67.7% and 98% for the J48, JRip, Naïve Bayes and
MLP algorithms respectively. The FP rates of the
four algorithms are 0%, 0%, 10.7% and 0.8% for
J48, JRip, Naïve Bayes and MLP respectively. From
this evaluation, we understood that the J48 decision tree
performs better than the remaining three
algorithms in predicting attacks. Hence, the J48 decision
tree with 10-fold cross validation is selected as the
working algorithm for this study. The confusion
matrix for the selected classifier is presented in Table
3 below.
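Table 3. Confusion matrix for J48 decision tree algorithm before integration (rows: actual classes; columns: predicted classes)

| Actual class | Normal | DOS   | Probe  | U2R  | R2L  |
|--------------|--------|-------|--------|------|------|
| Normal       | 21331  | 7     | 8      | 1    | 5    |
| DoS          | 10     | 18457 | 1      | 0    | 1    |
| Probe        | 9      | 0     | 10,007 | 0    | 0    |
| U2R          | 1      | 0     | 0      | 7165 | 2    |
| R2L          | 11     | 0     | 0      | 2    | 6643 |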
So, from the confusion matrix one can understand
that the selected algorithm classified most of the
instances into their proper class. However, there are
cases where normal instances are misclassified as
DoS or Probe instances, and vice versa.
Finally, the selected algorithm has been integrated
with knowledge based system to come up with an
intelligent network intrusion detection system.
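Added example (not from the paper or from WEKA): recomputing the J48 column of Table 2 from the Table 3 confusion matrix, using one-vs-rest TP and FP rates averaged by class support, which is assumed here to be how the summary figures were produced. It also counts attacks labelled Normal (missed detections) separately from normal traffic labelled as an attack (false alarms), a split the single accuracy figure does not show.

```python
CLASSES = ["Normal", "DoS", "Probe", "U2R", "R2L"]

# Table 3 of the paper: rows are actual classes, columns are predicted classes.
TABLE_3 = [
    [21331, 7, 8, 1, 5],
    [10, 18457, 1, 0, 1],
    [9, 0, 10007, 0, 0],
    [1, 0, 0, 7165, 2],
    [11, 0, 0, 2, 6643],
]


def accuracy(matrix):
    """Fraction of all instances that sit on the diagonal."""
    total = sum(map(sum, matrix))
    correct = sum(matrix[i][i] for i in range(len(matrix)))
    return correct / total


def per_class_rates(matrix, classes):
    """One-vs-rest TP rate and FP rate for every class."""
    total = sum(map(sum, matrix))
    rates = {}
    for i, name in enumerate(classes):
        support = sum(matrix[i])                     # actual members
        predicted = sum(row[i] for row in matrix)    # everything labelled i
        true_pos = matrix[i][i]
        false_pos = predicted - true_pos
        negatives = total - support
        rates[name] = {
            "support": support,
            "tp_rate": true_pos / support if support else 0.0,
            "fp_rate": false_pos / negatives if negatives else 0.0,
        }
    return rates


def weighted_average(rates, key):
    """Average of a per-class rate, weighted by the number of actual members."""
    total = sum(r["support"] for r in rates.values())
    return sum(r[key] * r["support"] for r in rates.values()) / total


def missed_attacks(matrix, normal=0):
    """Attack instances (any non-normal row) that were predicted Normal."""
    return sum(row[normal] for i, row in enumerate(matrix) if i != normal)


def false_alarms(matrix, normal=0):
    """Normal instances that were predicted as some attack class."""
    return sum(v for j, v in enumerate(matrix[normal]) if j != normal)


if __name__ == "__main__":
    rates = per_class_rates(TABLE_3, CLASSES)
    print(f"accuracy         {accuracy(TABLE_3) * 100:.2f} %")
    print(f"weighted TP rate {weighted_average(rates, 'tp_rate') * 100:.1f} %")
    print(f"weighted FP rate {weighted_average(rates, 'fp_rate') * 100:.1f} %")
    for name, r in rates.items():
        print(f"{name:<7} TP {r['tp_rate']:.4f}  FP {r['fp_rate']:.5f}")
    print("attacks labelled Normal:", missed_attacks(TABLE_3))
    print("normal labelled attack: ", false_alarms(TABLE_3))
```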
4. System architecture
The proposed architecture of the network intrusion
detection system in this work consists of two major
components, namely, data mining, and knowledge
based system, as shown in Figure 1.
Figure 2. Architecture of the proposed system
The data mining technology is used to construct a
predictive model using the selected J48 decision tree
algorithm. The knowledge based system (use of
knowledge), on the other hand, is used to predict
network attacks automatically, map the numeric class
value returned by the detection model to the appropriate
attack category, and track the log file and add these trails
to the training dataset automatically. This lets
our system learn incrementally and adaptively. To
do this, Java programming was used to integrate the
WEKA result with the Knowledge Based System
automatically. In addition, ‘swiweka’ is used as an
interface that allows the use of the WEKA API for
classification; weka.jar and Weka _src.jar are used to
construct a model when called from the interface through the
swiweka package, and the jpl library connects the Java
layer with the Prolog layer.
The various modules of the proposed system
that perform detection of attacks are described below.
- Arff_writer module: this module accepts the
  attribute values from the user interface and writes
  the input values out in ARFF file format.
- Arff_reader module: the reader module reads
  the original ARFF file for training purposes and the
  sample ARFF file created from user input for
  prediction. Besides this, the class index is set on
  both the original and sample ARFF files for the
  classification task.
- Build classifier module: it is the responsibility of
  this module to construct a predictive model on
  the original dataset using the selected J48
  decision tree algorithm.
- Detection module: this module integrates the
  predictive model with the knowledge based
  system for predicting network attacks. Further,
  the knowledge based system provides a
  comprehensive description of the detected attack.
A user interacts with the system through dialogue.
The system puts successive questions to the user in order to
predict an attack. Thereafter the system displays the
predicted attack with the available options for the user.
5. System evaluation
The system has been evaluated in two ways: system
performance testing and user acceptance testing.
System performance testing is done to verify
whether the proposed system can work correctly in
the absence of a domain expert. For this study,
the researcher prepared 35 test cases for testing the
performance of the proposed system. For testing
purposes, the instances need not carry a label: the
expert feeds only the attribute values of an instance to the
system. As a result, the proposed system performs in
the absence of domain experts with 91.34%, which
indicates that the model is effective in detecting
network attacks. The evaluation result is shown below.
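Table 4. Confusion matrix of Intelligent Network Intrusion Detection System (rows: actual class labelled; columns: system predicted value)

| Actual class | Normal | DoS | Probe | R2L | U2R |
|--------------|--------|-----|-------|-----|-----|
| Normal       | 10     | 0   | 0     | 0   | 0   |
| DoS          | 0      | 7   | 0     | 0   | 0   |
| probe        | 0      | 0   | 6     | 0   | 0   |
| R2L          | 2      | 0   | 0     | 3   | 0   |
| U2R          | 4      | 0   | 0     | 0   | 1   |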
As we can observe from the table above, the
integrated system performs better in all test cases.
However, we can understand from the above table
that there are cases where R2L and U2R are classified
as normal by the integrated intrusion detection
system. Since the sample size of the U2R
and R2L attack classes is too small, the detection accuracy
for U2R and R2L attacks is low. The test result
indicates that, as samples in the training data set and test
data set do not have similar feature signatures, the
accuracy of the Intrusion Detection System is lower after
the integration task.
6. Conclusion
In this study we present a new intrusion detection
system that can predict a network attack and provide
a description of predicted attacks. The system is
developed by integrating a data mining model and a
knowledge based system. The J48 decision tree
algorithm, JRip rule induction, MLP neural
network and the Naive Bayes algorithm are
tested as classification algorithms for
constructing a network intrusion predictive model.
The dataset used in this study is collected from MIT
Lincoln lab. Evaluation of the system shows that the
proposed system achieved encouraging results
with 91.43% system performance. Since the test
cases are unknown to the classifier and differ in
feature signature, the system has difficulty classifying
U2R and R2L correctly. We are now working
towards adding knowledge for prevention
mechanisms.
References
[1] Subaira, A.S. and Anitha, P. (2014) Efficient Classification Mechanism for Network Intrusion Detection System Based on Data Mining Techniques: a Survey. In Proceedings of 8th International Conference on Intelligent Systems and Control (ISCO), Coimbatore, 2014 (Coimbatore: IEEE), pp. 274-280.
[2] Sandeep, D. and M.S. Chadhari. (2014) Review on Data Mining Techniques for Intrusion Detection System. International Journal of Innovative Research in Computer and Communication Engineering, vol. 2 (no. 1): pp. 2587-2592.
[3] Mohammadreza, E., Sara, M., Fatimah, S. and Lilly, S.A. (2010) Intrusion Detection Using Data Mining Techniques. IEEE: pp. 200-203.
[4] Nannan, L., Shingo, M., Tuo, W. and Kotaro, H. (2012) Integrated Fuzzy GNP Rule Mining with Distance-based Classification for Intrusion Detection System. In Proceedings of 2012 IEEE International Conference on Systems, Man, and Cybernetics, Seoul, Korea, October 14-17, 2012 (Korea: IEEE), pp. 1569-1574.
[5] Karen, S. and Peter, M. (2007) Guide to Intrusion Detection and Prevention Systems (U.S. Department of Commerce: Gaithersburg).
[6] Shubhangi, S., Gujar and B.M. Patil. (2014) Intrusion detection using Naive Bayes for real time data. International Journal of Advances in Engineering and Technology, vol. 7 (no. 2): pp. 568-574.
[7] Vaishali, K. and Sangita, S.C. (2014) Improved Intrusion Detection System using C4.5 Decision Tree and Support Vector Machine. (IJCSIT) International Journal of Computer Science and Information Technologies, vol. 5 (no. 2): pp. 1464.
[8] Ahmed, Y. and Ahmed, E. (2011) Network Intrusion Detection using Data mining techniques and network Behaviour Analysis. International Journal of Computer Science & Information Technology (IJCSIT), vol. 3 (no. 6): pp. 87-98.
[9] Praveen, K. and Nitin, G. (2014) A Hybrid Intrusion Detection System Using Genetic-Neural Network. In Proceedings of 29th National Conference on Advances in Engineering and Technology, Maharishi, March 2014 (Maharishi: International Journal of Engineering Research and Applications), pp. 59-63.
[10] Deepthy, K. D. and Anita, J. (2012) Survey on data mining techniques to enhance intrusion detection. In Proceedings of International Conference on Computer Communication and Informatics (ICCCI), Coimbatore, January 10-12, 2012 (India: IEEE),
[11] Kalpana, J., Praveen, K. and Seema, R. (2015) Design and Development of a Prototype Application for Intrusion Detection using Data mining. In Proceedings of 4th International Conference on Reliability, Infocom Technologies and Optimization (ICRITO) (Trends and Future Directions), India, September 2-4, 2015 (India: IEEE).
[12] Amit, D. S. and Swati, G. K. (2014) Combining Naive Bayesian and Support Vector Machine for Intrusion Detection System. International Journal of Computing and Technology, vol. 1 (no. 3): pp. 64.
[13] Sandhya, P., Ajith, A., Crina, G. and Johnson, T. (2007) Modelling intrusion detection system using hybrid intelligent systems. Journal of Network and Computer Applications, vol. 30: pp. 144-152.
[14] Mrutyunjaya, P. and Manas, R. P. (2007) Network Intrusion Detection using naive bayes. (IJCSNS) International Journal of Computer Science and Network Security, vol. 7 (no. 1): pp. 258-263.
[15] Anikt, P. S. and S.S. Dhande. (2014) Malicious Code Detection using Naive bayes classifier. International journal of application or innovation in engineering, vol. 3 (no. 4): pp. 401-405.
[16] Dagne, T. (2012) Constructing a Network Intrusion Detection System. Thesis, Addis Ababa University, Addis Ababa, Ethiopia.
[17] Krzysztof, J. C., Witold, P., Roman W. S. and Lukasz, A. K. (2007) Data Mining: Knowledge Discovery Approach. (New York, USA: Springer).
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 3, March 2017
396 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
6. [18] Stolfo, S. J., Fan, W., Lee, W., Prodromidis, A. and
Chan, P. K. (2000) Cost-based modelling for fraud
and intrusion detection: Results from the jam project.
Discex, vol. 2: p. 1130.
[19] D. T. Larose. (2005) Discovering Knowledge in Data:
An Introduction to Data Mining.(New Jersey,USA:
John Wiley & Sons Inc).
[20] Yetian, C. (2009) Learning classifiers from
imbalanced, only positive and unlabeled data sets.
Available via
dialog.http://web.cs.iastate.edu/~yetianc/cs573/files/C
S573_ProjectReport_YetianChen.pdf. Accessed 15
Jan 2016.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 15, No. 3, March 2017
397 https://sites.google.com/site/ijcsis/
ISSN 1947-5500