Network security is a hot burning issue nowadays. With the help of technology advancement intruders or hackers are adopting new methods to create different attacks in order to harm network security. Intrusion detection system (IDS) is a kind of security software which inspects all incoming and outgoing network traffic and it will generate alerts if any attack or unusual behavior is found in a network. Various approaches are used for IDS such as data mining, neural network, genetic and statistical approach. Among this Neural Network is more suitable approach for IDS. This paper describes RBF neural network approach for Intrusion detection system. RBF is a feed forward and supervise technique of neural network.RBF approach has good classification ability but its performance depends on its parameters. Based on survey we find that RBF approach has some short comings. In order to overcome this we need to do proper optimization of RBF parameters.
COMBINING NAIVE BAYES AND DECISION TREE FOR ADAPTIVE INTRUSION DETECTIONIJNSA Journal
In this paper, a new learning algorithm for adaptive network intrusion detection using naive Bayesian classifier and decision tree is presented, which performs balance detections and keeps false positives at acceptable level for different types of network attacks, and eliminates redundant attributes as well as contradictory examples from training data that make the detection model complex. The proposed algorithm also addresses some difficulties of data mining such as handling continuous attribute, dealing with missing attribute values, and reducing noise in training data. Due to the large volumes of security audit data as well as the complex and dynamic properties of intrusion behaviours, several data miningbased intrusion detection techniques have been applied to network-based traffic data and host-based data in the last decades. However, there remain various issues needed to be examined towards current intrusion detection systems (IDS). We tested the performance of our proposed algorithm with existing learning algorithms by employing on the KDD99 benchmark intrusion detection dataset. The experimental results prove that the proposed algorithm achieved high detection rates (DR) and significant reduce false positives (FP) for different types of network intrusions using limited computational resources.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Intrusion Detection System using Self Organizing Map: A SurveyIJERA Editor
Due to usage of computer every field, Network Security is the major concerned in today’s scenario. Every year the number of users and speed of network is increasing, along with it online fraud or security threats are also increasing. Every day a new attack is generated to harm the system or network. It is necessary to protect the system or networks from various threats by using Intrusion Detection System which can detect “known” as well as “unknown” attack and generate alerts if any unusual behavior in the traffic. There are various approaches for IDS, but in this paper, survey is focused on IDS using Self Organizing Map. SOM is unsupervised, fast conversion and automatic clustering algorithm which is able to handle novelty detection. The main objective of the survey is to find and address the current challenges of SOM. Our survey shows that the existing IDS based on SOM have poor detection rate for U2R and R2L attacks. To improve it, proper normalization technique should be used. During the survey we also found that HSOM and GHSOM are advance model of SOM which have their own unique feature for better performance of IDS. GHSOM is efficient due to its low computation time. This survey is beneficial to design and develop efficient SOM based IDS having less computation time and better detection rate.
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...ijcsit
In order to avoid illegitimate use of any intruder, intrusion detection over the network is one of the critical
issues. An intruder may enter any network or system or server by intruding malicious packets into the
system in order to steal, sniff, manipulate or corrupt any useful and secret information, this process is
referred to as intrusion whereas when packets are transmitted by intruder over the network for any purpose
of intrusion is referred to as attack. With the expanding networking technology, millions of servers
communicate with each other and this expansion is always in progress every day. Due to this fact, more
and more intruders get attention; and so to overcome this need of smart intrusion detection model is a
primary requirement.
By analyzing the feature selection methods the identification of essential features of NSL-KDD data set is
done, then by using selected features and machine learning approach and analyzing the basic features of
networks over the data set a hybrid algorithm is made. Finally a model is produced over the algorithm
containing the rules for the network features.
A hybrid misuse intrusion detection model is made to find attacks on system to improve the intrusion
detection. Based on prior features, intrusions on the system can be detected without any previous learning.
This model contains the advantage of feature selection and machine learning techniques with misuse
detection.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
TRUST FACTOR AND FUZZY-FIREFLY INTEGRATED PARTICLE SWARM OPTIMIZATION BASED I...IJCNCJournal
Mobile Ad hoc Networks (MANET) is one of the rapidly emanating technologies, which has gained attention in a wide range of applications in the fields of military, private sectors, commercials and natural calamities. Securing MANET is a dominant responsibility, and hence, a trust factor and fuzzy based intrusion detection and prevention system is proposed for routing in this paper. Based on the trust values of the nodes, the fuzzy system identifies the intruder, such that the path generated in the MANET is secured. Moreover, an optimization algorithm, entitled Fuzzy integrated Particle Swarm Optimization (FuzzyFPSO), is proposed by the concatenation of the Firefly Algorithm (FA) and Particle Swarm Optimization (PSO) for the optimal path selection in order to provide secure routing. The simulation of the proposed methodology is NS2 simulator and analysis is carried out considering four cases, like without attack, flooding attacks, black hole attack and selective packet drop attack concerning throughput, delay and detection rate. The remarkable evaluation measures of the proposed Fuzzy-FPSO are the maximal throughput of 0.634, minimal delay of 0.044 , maximal detection rate of 0.697 and minimal routing overhead of 0.24550 And the evaluation measure for the case without any attacks are the maximal throughput of 0.762, minimal delay of 0.029 ,maximal detection rate of 0.805 and minimal routing overhead of 0.11511.
COMBINING NAIVE BAYES AND DECISION TREE FOR ADAPTIVE INTRUSION DETECTIONIJNSA Journal
In this paper, a new learning algorithm for adaptive network intrusion detection using naive Bayesian classifier and decision tree is presented, which performs balance detections and keeps false positives at acceptable level for different types of network attacks, and eliminates redundant attributes as well as contradictory examples from training data that make the detection model complex. The proposed algorithm also addresses some difficulties of data mining such as handling continuous attribute, dealing with missing attribute values, and reducing noise in training data. Due to the large volumes of security audit data as well as the complex and dynamic properties of intrusion behaviours, several data miningbased intrusion detection techniques have been applied to network-based traffic data and host-based data in the last decades. However, there remain various issues needed to be examined towards current intrusion detection systems (IDS). We tested the performance of our proposed algorithm with existing learning algorithms by employing on the KDD99 benchmark intrusion detection dataset. The experimental results prove that the proposed algorithm achieved high detection rates (DR) and significant reduce false positives (FP) for different types of network intrusions using limited computational resources.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Intrusion Detection System using Self Organizing Map: A SurveyIJERA Editor
Due to usage of computer every field, Network Security is the major concerned in today’s scenario. Every year the number of users and speed of network is increasing, along with it online fraud or security threats are also increasing. Every day a new attack is generated to harm the system or network. It is necessary to protect the system or networks from various threats by using Intrusion Detection System which can detect “known” as well as “unknown” attack and generate alerts if any unusual behavior in the traffic. There are various approaches for IDS, but in this paper, survey is focused on IDS using Self Organizing Map. SOM is unsupervised, fast conversion and automatic clustering algorithm which is able to handle novelty detection. The main objective of the survey is to find and address the current challenges of SOM. Our survey shows that the existing IDS based on SOM have poor detection rate for U2R and R2L attacks. To improve it, proper normalization technique should be used. During the survey we also found that HSOM and GHSOM are advance model of SOM which have their own unique feature for better performance of IDS. GHSOM is efficient due to its low computation time. This survey is beneficial to design and develop efficient SOM based IDS having less computation time and better detection rate.
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...ijcsit
In order to avoid illegitimate use of any intruder, intrusion detection over the network is one of the critical
issues. An intruder may enter any network or system or server by intruding malicious packets into the
system in order to steal, sniff, manipulate or corrupt any useful and secret information, this process is
referred to as intrusion whereas when packets are transmitted by intruder over the network for any purpose
of intrusion is referred to as attack. With the expanding networking technology, millions of servers
communicate with each other and this expansion is always in progress every day. Due to this fact, more
and more intruders get attention; and so to overcome this need of smart intrusion detection model is a
primary requirement.
By analyzing the feature selection methods the identification of essential features of NSL-KDD data set is
done, then by using selected features and machine learning approach and analyzing the basic features of
networks over the data set a hybrid algorithm is made. Finally a model is produced over the algorithm
containing the rules for the network features.
A hybrid misuse intrusion detection model is made to find attacks on system to improve the intrusion
detection. Based on prior features, intrusions on the system can be detected without any previous learning.
This model contains the advantage of feature selection and machine learning techniques with misuse
detection.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
TRUST FACTOR AND FUZZY-FIREFLY INTEGRATED PARTICLE SWARM OPTIMIZATION BASED I...IJCNCJournal
Mobile Ad hoc Networks (MANET) is one of the rapidly emanating technologies, which has gained attention in a wide range of applications in the fields of military, private sectors, commercials and natural calamities. Securing MANET is a dominant responsibility, and hence, a trust factor and fuzzy based intrusion detection and prevention system is proposed for routing in this paper. Based on the trust values of the nodes, the fuzzy system identifies the intruder, such that the path generated in the MANET is secured. Moreover, an optimization algorithm, entitled Fuzzy integrated Particle Swarm Optimization (FuzzyFPSO), is proposed by the concatenation of the Firefly Algorithm (FA) and Particle Swarm Optimization (PSO) for the optimal path selection in order to provide secure routing. The simulation of the proposed methodology is NS2 simulator and analysis is carried out considering four cases, like without attack, flooding attacks, black hole attack and selective packet drop attack concerning throughput, delay and detection rate. The remarkable evaluation measures of the proposed Fuzzy-FPSO are the maximal throughput of 0.634, minimal delay of 0.044 , maximal detection rate of 0.697 and minimal routing overhead of 0.24550 And the evaluation measure for the case without any attacks are the maximal throughput of 0.762, minimal delay of 0.029 ,maximal detection rate of 0.805 and minimal routing overhead of 0.11511.
Comparison study of machine learning classifiers to detect anomalies IJECEIAES
In this era of Internet ensuring the confidentiality, authentication and integrity of any resource exchanged over the net is the imperative. Presence of intrusion prevention techniques like strong password, firewalls etc. are not sufficient to monitor such voluminous network traffic as they can be breached easily. Existing signature based detection techniques like antivirus only offers protection against known attacks whose signatures are stored in the database.Thus, the need for real-time detection of aberrations is observed. Existing signature based detection techniques like antivirus only offers protection against known attacks whose signatures are stored in the database. Machine learning classifiers are implemented here to learn how the values of various fields like source bytes, destination bytes etc. in a network packet decides if the packet is compromised or not . Finally the accuracy of their detection is compared to choose the best suited classifier for this purpose. The outcome thus produced may be useful to offer real time detection while exchanging sensitive information such as credit card details.
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
In order to the rapid growth of the network application, new kinds of network attacks are emerging
endlessly. So it is critical to protect the networks from attackers and the Intrusion detection
technology becomes popular. Therefore, it is necessary that this security concern must be articulate
right from the beginning of the network design and deployment. The intrusion detection technology is the
process of identifying network activity that can lead to a compromise of security policy. Lot of work has
been done in detection of intruders. But the solutions are not satisfactory. In this paper, we propose a
novel Distributed Intrusion Detection System using Multi Agent In order to decrease false alarms and
manage misuse and anomaly detects
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IJNSA Journal
With the ever increasing number and diverse type of attacks, including new and previously unseen attacks, the effectiveness of an Intrusion Detection System is very important. Hence there is high demand to reduce the threat level in networks to ensure the data and services offered by them to be more secure. In this paper we developed an effective test suite for improving the efficiency and accuracy of an intrusion detection system using the layered CRFs. We set up different types of checks at multiple levels in each layer. Our framework examines various attributes at every layer in order to effectively identify any breach of security. Once the attack is detected, it is intimated through mobile phone to the system administrator for safeguarding the server system. We established experimentally that the layered CRFs can thus be more effective in detecting intrusions when compared with the other previously known techniques.
Hybrid Intrusion Detection System using Weighted Signature Generation over An...Editor IJMTER
To provide security to network we use existing Intrusion Detection System(IDS) for
identification of known attack with low false alarm,but it is not working when unknown attacks
occurs so to identify unknown attacks we use Anomaly based IDS(ADS) with high false alarm.
HIDS is the combination of IDS and ADS with their advantages for identification of known as well
as unknown attack.IDS used signature based model to identify known attack and ADS used anomaly
based model for identification of unknown attack.HIDS used internet episode rules for identify
known as well as unknown attacks.
Network Forensics is scientifically proven technique to accumulate, perceive, identify, examine, associate, analyse and document digital evidence from multiple systems for the purpose of uncovering the fact of attacks and other problem incident as well as performing the action to recover from the attack. Many systems are proposed for designing the network forensic systems. In this paper we have prepared comparative analysis of various models based on different techniques.
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network (Inception-CNN), Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning models in MANET.
Survey on Host and Network Based Intrusion Detection SystemEswar Publications
With invent of new technologies and devices, Intrusion has become an area of concern because of security issues, in the ever growing area of cyber-attack. An intrusion detection system (IDS) is defined as a device or software application which monitors system or network activities for malicious activities or policy violations. It produces reports to a management station [1]. In this paper we are mainly focused on different IDS concepts based on Host and Network systems.
An Intrusion Detection based on Data mining technique and its intended import...Editor IJMTER
Intrusion detection is a pivotal and essential requirement of today’s era. There are two
major side of Intrusion detection namely, Host based intrusion detection as well as network based
intrusion detection. In Host based intrusion detection system, it monitors the information arrive at the
particular machine or node. While in network based intrusion system, it monitor and analyze whole
traffic of network. Data mining introduce latest technology and methods to handle and categorize
types of attacks using different classification algorithm and matching the patterns of malicious
behavior. Due to the use of this data mining technology, developers extract and analyze the types of
attack in the network.
In addition to this there are two major approach of intrusion detection. First, anomaly based approach,
in which attacks are found with high false alarm rate. However, in signature based approach, false
alarm rate is low with lack of processing of novel attacks. Most of the researchers do their research
based on signature intrusion with the purpose to increase detection rate. Major advantage of this
system, IDS does not require biased assessment and able to identify massive pattern of attacks.
Moreover, capacity to handle large connection records of network. In this paper we try to discover
the features of intrusion detection based on data mining technique.
AN IMPLEMENTATION OF INTRUSION DETECTION SYSTEM USING GENETIC ALGORITHMIJNSA Journal
Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have
become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. So, the quest of betterment continues. In this progression, here we present an Intrusion
Detection System (IDS), by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of our system we used the KDD99
benchmark dataset and obtained reasonable detection rate.
NETWORK INTRUSION DETECTION AND COUNTERMEASURE SELECTION IN VIRTUAL NETWORK (...ijsptm
Intrusion in a network or a system is a problem today as the trend of successful network attacks continue to
rise. Intruders can explore vulnerabilities of a network system to gain access in order to deploy some virus
or malware such as Denial of Service (DOS) attack. In this work, a frequency-based Intrusion Detection
System (IDS) is proposed to detect DOS attack. The frequency data is extracted from the time-series data
created by the traffic flow using Discrete Fourier Transform (DFT). An algorithm is developed for
anomaly-based intrusion detection with fewer false alarms which further detect known and unknown attack
signature in a network. The frequency of the traffic data of the virus or malware would be inconsistent with
the frequency of the legitimate traffic data. A Centralized Traffic Analyzer Intrusion Detection System
called CTA-IDS is introduced to further detect inside attackers in a network. The strategy is effective in
detecting abnormal content in the traffic data during information passing from one node to another and
also detects known attack signature and unknown attack. This approach is tested by running the artificial
network intrusion data in simulated networks using the Network Simulator2 (NS2) software.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Survey on classification techniques for intrusion detectioncsandit
Intrusion detection is the most essential component
in network security. Traditional Intrusion
Detection methods are based on extensive knowledge
of signatures of known attacks. Signature-
based methods require manual encoding of attacks by
human experts. Data mining is one of the
techniques applied to Intrusion Detection that prov
ides higher automation capabilities than
signature-based methods. Data mining techniques suc
h as classification, clustering and
association rules are used in intrusion detection.
In this paper, we present an overview of
intrusion detection, KDD Cup 1999 dataset and detai
led analysis of different classification
techniques namely Support vector Machine, Decision
tree, Naïve Bayes and Neural Networks
used in intrusion detection.
A Performance Analysis of Chasing Intruders by Implementing Mobile AgentsCSCJournals
An Intrusion Detection System in network fetches the intrusions information from systems by using Mobile Agents aid. Intrusion Detection System detects intrusions based on the collected information and routes the intrusion. The intelligent decisions on communications, permit agents to gain their goals more efficiently and provide more survivability and security of an agent system. The proposed model showed a formal representation of information assurance in agent messaging over a dynamic network by probability of redundant routes. The proposed Intrusion Detection System, chase intruders and collect information by the Mobile Agents. Our propose architecture is an information exchange method and chasing intrusion along with a method by implementing Mobile Agents.
Bamboo Reinforced Concrete Truss Bridge for Rural InfrastructureIJERA Editor
Bamboo is one of a potential renewable construction material in the village. Bamboo is known to have a high mechanical strength in direction of the fibers. The weakness of bamboo in lateral direction of the fiber could be solved by constructing a composite structure with the concrete. The appropriate construction with hold the loads in axial direction is a truss structure. In a bamboo concrete truss structure, the bars are composed from the concrete column with a bamboo reinforcement. The research studies about the performance of the bridge and the effect of loading position on the strain and deformation of bamboo reinforced concrete truss bridge. The bridge whose span and width are respectively 1.5 m and 1.2 m was prepared. Load applied to the truss bridge conducted by using vehicle load changes with position. Mounting the strains gauge in bamboo reinforcement of primary truss is to observe the strain. The LVDT is used to observe the deflection of the truss bridge. The results show that the loading position influences the strain and deformation as well as a theoretical view.
Comparison study of machine learning classifiers to detect anomalies IJECEIAES
In this era of Internet ensuring the confidentiality, authentication and integrity of any resource exchanged over the net is the imperative. Presence of intrusion prevention techniques like strong password, firewalls etc. are not sufficient to monitor such voluminous network traffic as they can be breached easily. Existing signature based detection techniques like antivirus only offers protection against known attacks whose signatures are stored in the database.Thus, the need for real-time detection of aberrations is observed. Existing signature based detection techniques like antivirus only offers protection against known attacks whose signatures are stored in the database. Machine learning classifiers are implemented here to learn how the values of various fields like source bytes, destination bytes etc. in a network packet decides if the packet is compromised or not . Finally the accuracy of their detection is compared to choose the best suited classifier for this purpose. The outcome thus produced may be useful to offer real time detection while exchanging sensitive information such as credit card details.
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
In order to the rapid growth of the network application, new kinds of network attacks are emerging
endlessly. So it is critical to protect the networks from attackers and the Intrusion detection
technology becomes popular. Therefore, it is necessary that this security concern must be articulate
right from the beginning of the network design and deployment. The intrusion detection technology is the
process of identifying network activity that can lead to a compromise of security policy. Lot of work has
been done in detection of intruders. But the solutions are not satisfactory. In this paper, we propose a
novel Distributed Intrusion Detection System using Multi Agent In order to decrease false alarms and
manage misuse and anomaly detects
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IJNSA Journal
With the ever increasing number and diverse type of attacks, including new and previously unseen attacks, the effectiveness of an Intrusion Detection System is very important. Hence there is high demand to reduce the threat level in networks to ensure the data and services offered by them to be more secure. In this paper we developed an effective test suite for improving the efficiency and accuracy of an intrusion detection system using the layered CRFs. We set up different types of checks at multiple levels in each layer. Our framework examines various attributes at every layer in order to effectively identify any breach of security. Once the attack is detected, it is intimated through mobile phone to the system administrator for safeguarding the server system. We established experimentally that the layered CRFs can thus be more effective in detecting intrusions when compared with the other previously known techniques.
Hybrid Intrusion Detection System using Weighted Signature Generation over An...Editor IJMTER
To provide security to network we use existing Intrusion Detection System(IDS) for
identification of known attack with low false alarm,but it is not working when unknown attacks
occurs so to identify unknown attacks we use Anomaly based IDS(ADS) with high false alarm.
HIDS is the combination of IDS and ADS with their advantages for identification of known as well
as unknown attack.IDS used signature based model to identify known attack and ADS used anomaly
based model for identification of unknown attack.HIDS used internet episode rules for identify
known as well as unknown attacks.
Network Forensics is scientifically proven technique to accumulate, perceive, identify, examine, associate, analyse and document digital evidence from multiple systems for the purpose of uncovering the fact of attacks and other problem incident as well as performing the action to recover from the attack. Many systems are proposed for designing the network forensic systems. In this paper we have prepared comparative analysis of various models based on different techniques.
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network (Inception-CNN), Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning models in MANET.
Survey on Host and Network Based Intrusion Detection SystemEswar Publications
With invent of new technologies and devices, Intrusion has become an area of concern because of security issues, in the ever growing area of cyber-attack. An intrusion detection system (IDS) is defined as a device or software application which monitors system or network activities for malicious activities or policy violations. It produces reports to a management station [1]. In this paper we are mainly focused on different IDS concepts based on Host and Network systems.
An Intrusion Detection based on Data mining technique and its intended import...Editor IJMTER
Intrusion detection is a pivotal and essential requirement of today’s era. There are two
major side of Intrusion detection namely, Host based intrusion detection as well as network based
intrusion detection. In Host based intrusion detection system, it monitors the information arrive at the
particular machine or node. While in network based intrusion system, it monitor and analyze whole
traffic of network. Data mining introduce latest technology and methods to handle and categorize
types of attacks using different classification algorithm and matching the patterns of malicious
behavior. Due to the use of this data mining technology, developers extract and analyze the types of
attack in the network.
In addition to this there are two major approach of intrusion detection. First, anomaly based approach,
in which attacks are found with high false alarm rate. However, in signature based approach, false
alarm rate is low with lack of processing of novel attacks. Most of the researchers do their research
based on signature intrusion with the purpose to increase detection rate. Major advantage of this
system, IDS does not require biased assessment and able to identify massive pattern of attacks.
Moreover, capacity to handle large connection records of network. In this paper we try to discover
the features of intrusion detection based on data mining technique.
AN IMPLEMENTATION OF INTRUSION DETECTION SYSTEM USING GENETIC ALGORITHMIJNSA Journal
Nowadays it is very important to maintain a high level security to ensure safe and trusted communication of information between various organizations. But secured data communication over internet and any other network is always under threat of intrusions and misuses. So Intrusion Detection Systems have
become a needful component in terms of computer and network security. There are various approaches being utilized in intrusion detections, but unfortunately any of the systems so far is not completely flawless. So, the quest of betterment continues. In this progression, here we present an Intrusion
Detection System (IDS), by applying genetic algorithm (GA) to efficiently detect various types of network intrusions. Parameters and evolution processes for GA are discussed in details and implemented. This approach uses evolution theory to information evolution in order to filter the traffic data and thus reduce the complexity. To implement and measure the performance of our system we used the KDD99
benchmark dataset and obtained reasonable detection rate.
NETWORK INTRUSION DETECTION AND COUNTERMEASURE SELECTION IN VIRTUAL NETWORK (...ijsptm
Intrusion in a network or a system is a problem today as the trend of successful network attacks continue to
rise. Intruders can explore vulnerabilities of a network system to gain access in order to deploy some virus
or malware such as Denial of Service (DOS) attack. In this work, a frequency-based Intrusion Detection
System (IDS) is proposed to detect DOS attack. The frequency data is extracted from the time-series data
created by the traffic flow using Discrete Fourier Transform (DFT). An algorithm is developed for
anomaly-based intrusion detection with fewer false alarms which further detect known and unknown attack
signature in a network. The frequency of the traffic data of the virus or malware would be inconsistent with
the frequency of the legitimate traffic data. A Centralized Traffic Analyzer Intrusion Detection System
called CTA-IDS is introduced to further detect inside attackers in a network. The strategy is effective in
detecting abnormal content in the traffic data during information passing from one node to another and
also detects known attack signature and unknown attack. This approach is tested by running the artificial
network intrusion data in simulated networks using the Network Simulator2 (NS2) software.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Survey on classification techniques for intrusion detectioncsandit
Intrusion detection is the most essential component
in network security. Traditional Intrusion
Detection methods are based on extensive knowledge
of signatures of known attacks. Signature-
based methods require manual encoding of attacks by
human experts. Data mining is one of the
techniques applied to Intrusion Detection that prov
ides higher automation capabilities than
signature-based methods. Data mining techniques suc
h as classification, clustering and
association rules are used in intrusion detection.
In this paper, we present an overview of
intrusion detection, KDD Cup 1999 dataset and detai
led analysis of different classification
techniques namely Support vector Machine, Decision
tree, Naïve Bayes and Neural Networks
used in intrusion detection.
A Performance Analysis of Chasing Intruders by Implementing Mobile AgentsCSCJournals
An Intrusion Detection System in network fetches the intrusions information from systems by using Mobile Agents aid. Intrusion Detection System detects intrusions based on the collected information and routes the intrusion. The intelligent decisions on communications, permit agents to gain their goals more efficiently and provide more survivability and security of an agent system. The proposed model showed a formal representation of information assurance in agent messaging over a dynamic network by probability of redundant routes. The proposed Intrusion Detection System, chase intruders and collect information by the Mobile Agents. Our propose architecture is an information exchange method and chasing intrusion along with a method by implementing Mobile Agents.
Bamboo Reinforced Concrete Truss Bridge for Rural InfrastructureIJERA Editor
Bamboo is one of a potential renewable construction material in the village. Bamboo is known to have a high mechanical strength in direction of the fibers. The weakness of bamboo in lateral direction of the fiber could be solved by constructing a composite structure with the concrete. The appropriate construction with hold the loads in axial direction is a truss structure. In a bamboo concrete truss structure, the bars are composed from the concrete column with a bamboo reinforcement. The research studies about the performance of the bridge and the effect of loading position on the strain and deformation of bamboo reinforced concrete truss bridge. The bridge whose span and width are respectively 1.5 m and 1.2 m was prepared. Load applied to the truss bridge conducted by using vehicle load changes with position. Mounting the strains gauge in bamboo reinforcement of primary truss is to observe the strain. The LVDT is used to observe the deflection of the truss bridge. The results show that the loading position influences the strain and deformation as well as a theoretical view.
Cost Comparative Study On Steel Frame Folded Plate Roofing System Vs Conventi...IJERA Editor
Due to ever-increasing of construction materials, it becomes the foremost duty of a civil engineer to design economical and durable structures. In this project an attempt has been made to compare the cost of two types of roofing systems viz. conventional truss roofing system and steel frame folded plate roofing system. The steel frame folded plate roofing system, though found to be economical, is not widely practiced in India due to lack of knowledge regarding its analysis and design. On contrary to it, the conventional truss roofing system still remains as the widely adopted method of roofing for different types of buildings due to the available literature on its analysis, design and construction. The analysis and design of conventional truss roofing system and folded plate roofing system have been carried out for various spans. The analysis is carried out in STAAD.Pro 2004, which is based on stiffness method. Load calculations and design done manually, based on IS:875-1987, IS:800-1984 & SP:38(1987)
The Inherent Reactor Kinetics for Transformation of Geniposidic Acid from Gen...IJERA Editor
The ripe fruits of Gardenia jasminoides Ellis (Rubiaceae) (GJ) are widely used in chemical, food and medicinal
industries. Crocin and geniposide, the main constituents of GJ, have shown a diversity of biological activities
including sedative, anti-inflammatory and antipyretic. We propose some new bioactive chemicals could be
derived from geniposide. The optimum transformation condition of geniposide into geniposidic acid still
remains unclear. In order to develop a reactor, the information about the inherent reaction kinetics is required. In
a microreactor (V =62.8 mL), geniposide (0.01 mole/L, 20 mL) and NaOH (0.1 equivalent/L, pH=13, 10mL)
were left to react at 80, 70, 60, 50, and 40 oC and tracked with HPLC. Results indicated that the reaction obeyed
the pseudo-first order kinetics, the corresponding pseudo-first order rate constants ( 1 k ' ) were 11.064 h-1, 8.682
h-1, 2.400 h-1, 1.021 h-1, and 0.750 h-1, and the fractional conversions were 73.4%, 60.5%, 38.6%, 43.6%, and
51.8% at 0.50, 0.50, 0.833, 1.00, and 2.00 h. The energy of activation was 8.751 kJ mol-1. Conclusively, this
transformation obeys the pseudo-first order kinetics with a low energy of activation, 8.751 kJ mol-1. The
optimum transformations at 80oC and 70oC for 0.5 h were 73.4% and 60.5%, respectively.
Mathematical Modeling of Bingham Plastic Model of Blood Flow Through Stenotic...IJERA Editor
The aim of the present paper is to study the axially symmetric, laminar, steady, one-dimensional flow of blood through narrow stenotic vessel. Blood is considered as Bingham plastic fluid. The analytical results such as pressure drop, resistance to flow and wall shear stress have been obtained. Effect of yield stress and shape of stenosis on resistance to flow and wall shear stress have been discussed through tables and graphically. It has been shown that resistance to flow and the wall shear stress increase with the size of stenosis but these increase are, however, smaller due to non-Newtonian behaviour of the blood.
Growth Processes for a pulse of leptin in fasting human subjectsIJERA Editor
A meal-like transient hyperinsulinemia and hyperglycemia, with a pulse of xamethasone, increased serum leptin levels from baseline by 54±21% at 9 h (P = 0.038). In the absence of transient hyperglycemia, leptin increased significantly after doses of both insulin and xamethasone. The effect of insulin was dose-dependent, with a larger increment of serum leptin at 9 h after the highest dose of insulin (75.2±15.7% vs 21.3±8.5%, P = 0.013). Fasting, with or without dexamethasone, resulted in a significant 20% decrease in leptin from morning basal levels. Conversely, the administration of a pulse of insulin and glucose, in the absence of dexamethasone, prevented the drop in serum leptin observed during fasting, regardless of the insulin dose or the serum glucose elevation. The permissive effect of dexamethasone, a single pulse of insulin triggered a rise in serum leptin in humans, even in the absence of transient hyperglycemia. A single pulse of insulin with glucose can prevent the drop in serum leptin normally observed during fasting. We also find the Growth Processes of Leptin
Identification Of Soil Erosion Prone Zones Using Geomatics Technology In Part...IJERA Editor
Soil erosion is the removal and subsequent loss of soil by the action of water, ice, wind and gravity. Soil erosion is a process that occurs naturally at a slow rate. The average natural geologic rate of soil erosion is approximately 0.2 tons per acre per year. Erosion is the process were by the earth or rock is loosened or dissolved and removed from any part of earth‟s surface. Geological erosion is the rate at which the catchment or land would normally be eroded without any disturbance by human activity. If man alters the natural system by means of various land use practices that is caused accelerated erosion. The present study area is covering Parts of North Arcot The area is lies between E78°30'-E78°45' lattitudes N12°15'-N12°30„. The total aerial extent of the study area is 720 sq.km. It falls in the survey of India Toposheet 58 L11 on 1:50,000 scale. The IRS – 1D satellite imagery data were subjected to different types of image enhancement techniques and soil erosion areas were mapped out and GIS databases were generated showing the soil erosion areas using Arc Map 9.1 version. GIS overlay function was executed between soil erosion prone areas and the various controlling variables and the area has been fragmented into a number of polygons of land segments depending upon the controlling variables. Finally, the remedial measures were suggested for each land segment according to the controlling variables.
Feature Selection using the Concept of Peafowl Mating in IDSIJCNCJournal
Cloud computing has high applicability as an Internet based service that relies on sharing computing resources. Cloud computing provides services that are Infrastructure based, Platform based and Software based. The popularity of this technology is due to its superb performance, high level of computing ability, low cost of services, scalability, availability and flexibility. The obtainability and openness of data in cloud environment make it vulnerable to the world of cyber-attacks. To detect the attacks Intrusion Detection System is used, that can identify the attacks and ensure information security. Such a coherent and proficient Intrusion Detection System is proposed in this paper to achieve higher certainty levels regarding safety in cloud environment. In this paper, the mating behavior of peafowl is incorporated into an optimization algorithm which in turn is used as a feature selection algorithm. The algorithm is used to reduce the huge size of cloud data so that the IDS can work efficiently on the cloud to detect intrusions. The proposed model has been experimented with NSL-KDD dataset as well as Kyoto dataset and have proved to be a better as well as an efficient IDS.
Feature Selection using the Concept of Peafowl Mating in IDSIJCNCJournal
Cloud computing has high applicability as an Internet based service that relies on sharing computing resources. Cloud computing provides services that are Infrastructure based, Platform based and Software based. The popularity of this technology is due to its superb performance, high level of computing ability, low cost of services, scalability, availability and flexibility. The obtainability and openness of data in cloud environment make it vulnerable to the world of cyber-attacks. To detect the attacks Intrusion Detection System is used, that can identify the attacks and ensure information security. Such a coherent and proficient Intrusion Detection System is proposed in this paper to achieve higher certainty levels regarding safety in cloud environment. In this paper, the mating behavior of peafowl is incorporated into an optimization algorithm which in turn is used as a feature selection algorithm. The algorithm is used to reduce the huge size of cloud data so that the IDS can work efficiently on the cloud to detect intrusions. The proposed model has been experimented with NSL-KDD dataset as well as Kyoto dataset and have proved to be a better as well as an efficient IDS.
Network Intrusion Detection And Countermeasure Selection In Virtual Network (...ClaraZara1
Intrusion in a network or a system is a problem today as the trend of successful network attacks continue to rise. Intruders can explore vulnerabilities of a network system to gain access in order to deploy some virus or malware such as Denial of Service (DOS) attack. In this work, a frequency-based Intrusion Detection System (IDS) is proposed to detect DOS attack. The frequency data is extracted from the time-series data created by the traffic flow using Discrete Fourier Transform (DFT). An algorithm is developed for anomaly-based intrusion detection with fewer false alarms which further detect known and unknown attack signature in a network. The frequency of the traffic data of the virus or malware would be inconsistent with the frequency of the legitimate traffic data. A Centralized Traffic Analyzer Intrusion Detection System called CTA-IDS is introduced to further detect inside attackers in a network. The strategy is effective in detecting abnormal content in the traffic data during information passing from one node to another and also detects known attack signature and unknown attack. This approach is tested by running the artificial network intrusion data in simulated networks using the Network Simulator2 (NS2) software.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Machine learning-based intrusion detection system for detecting web attacksIAESIJAI
The increasing use of smart devices results in a huge amount of data, which raises concerns about personal data, including health data and financial data. This data circulates on the network and can encounter network traffic at any time. This traffic can either be normal traffic or an intrusion created by hackers with the aim of injecting abnormal traffic into the network. Firewalls and traditional intrusion detection systems detect attacks based on signature patterns. However, this is not sufficient to detect advanced or unknown attacks. To detect different types of unknown attacks, the use of intelligent techniques is essential. In this paper, we analyse some machine learning techniques proposed in recent years. In this study, several classifications were made to detect anomalous behaviour in network traffic. The models were built and evaluated based on the Canadian Institute for Cybersecurity-intrusion detection systems dataset released in 2017 (CIC-IDS-2017), which includes both current and historical attacks. The experiments were conducted using decision tree, random forest, logistic regression, gaussian naïve bayes, adaptive boosting, and their ensemble approach. The models were evaluated using various evaluation metrics such as accuracy, precision, recall, F1-score, false positive rate, receiver operating characteristic curve, and calibration curve.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
A combined approach to search for evasion techniques in network intrusion det...eSAT Journals
Abstract Network Intrusion Detection Systems (NIDS) whose base is signature, works on the signature of attacks. They must be updated quickly in order to prevent the system from new attacks. The attacker finds out new evasion techniques so that he should remain undetected. As the new evasion techniques are being developed it becomes difficult for NIDS to give accurate results and NIDS may fail. The key aspect of our paper is to develop a network intrusion detection system using C4.5 algorithm where Adaboost algorithm is used to classify the packet as normal packet or attack packet and also to further classify different types of attack. Apriori algorithm is used to find real time evasion and to generate rules to find intrusion These rules are further given as input to Snort intrusion detection system for detecting different attacks. Keywords: NIDS, Evasion, Apriori Algorithm, Adaboost Algorithm, Snort
Evaluation of network intrusion detection using markov chainIJCI JOURNAL
Day today life internet threat has been increased significantly. There is a need to develop model in order to
maintain security of system. The most effective techniques are Intrusion Detection System (IDS).The
purpose of intrusion system through the security devices detect and deal with it. In this paper, a
mathematical approach is used effectively to predict and detect intrusion in the network. Here we discuss
about two algorithms ‘K-Means + Apriori’, a method which classify normal and abnormal activities in
computer network. In K-Means process, it partitions the training set into K-clusters using Euclidean
distance and introduce an outlier factor, then it build Apriori Algorithm to prune the data by removing
infrequent data in the database. Based on defined state the degree of incoming data is evaluated through
the experiment using sample DARPA2000 dataset, and achieves high detection performance in level of
attack in stages.
An effective approach for tackling network security
problems is Intrusion detection systems (IDS). These kind of
systems play a key role in network security as they can detect
different types of attacks in networks, including DoS, U2R Probe
and R2L. In addition, IDS are an increasingly key part of the
system’s defense. Various approaches to IDS are now being used,
but are unfortunately relatively ineffective. Data mining techniques
and artificial intelligence play an important role in security
services. We will present a comparative study of three wellknown
intelligent algorithms in this paper. These are Radial Basis
Functions (RBF), Multilayer Perceptrons (MLP) and Support
Vector Machine (SVM).This work’s main interest is to benchmark
the performance of these3 intelligent algorithms. This is done by
using a dataset of about 9,000 connections, randomly chosen from
KDD'99’s 10% dataset. In addition, we investigate these
algorithms’ performance in terms of their attack classification
accuracy. The Simulation results are also analyzed and the
discussion is then presented. It has been observed that SVM with a
linear kernel (Linear-SVM) gives a better performance than MLP
and RBF in terms of its detection accuracy and processing speed.
CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SETIJNSA Journal
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...IJNSA Journal
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defence against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Along with the widespread evolution of new emerging services, the quantity and impact of attacks have continuously increased, attackers continuously find vulnerabilities at various levels, from the network itself to operating system and applications, exploit them to crack system and services. Network defence and network monitoring has become an essential component of computer security to predict and prevent attacks. Unlike traditional Intrusion Detection System (IDS), Intrusion Detection and Prevention System (IDPS) have additional features to secure computer networks.
In this paper, we present a detailed study of how deployment of an IDPS plays a key role in its performance and the ability to detect and prevent known as well as unknown attacks. We categorize IDPS based on deployment as Network-based, host-based, and Perimeter-based and Hybrid. A detailed comparison is shown in this paper and finally we justify our proposed solution, which deploys agents at host-level to give better performance in terms of reduced rate of false positives and accurate detection and prevention.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
AN IMPROVED METHOD TO DETECT INTRUSION USING MACHINE LEARNING ALGORITHMSieijjournal
An intrusion detection system detects various malicious behaviors and abnormal activities that might harm
security and trust of computer system. IDS operate either on host or network level via utilizing anomaly
detection or misuse detection. Main problem is to correctly detect intruder attack against computer
network. The key point of successful detection of intrusion is choice of proper features. To resolve the
problems of IDS scheme this research work propose “an improved method to detect intrusion using
machine learning algorithms”. In our paper we use KDDCUP 99 dataset to analyze efficiency of intrusion
detection with different machine learning algorithms like Bayes, NaiveBayes, J48, J48Graft and Random
forest. To identify network based IDS with KDDCUP 99 dataset, experimental results shows that the three
algorithms J48, J48Graft and Random forest gives much better results than other machine learning
algorithms. We use WEKA to check the accuracy of classified dataset via our proposed method. We have
considered all the parameter for computation of result i.e. precision, recall, F – measure and ROC.
AN IMPROVED METHOD TO DETECT INTRUSION USING MACHINE LEARNING ALGORITHMSieijjournal1
An intrusion detection system detects various malicious behaviors and abnormal activities that might harm
security and trust of computer system. IDS operate either on host or network level via utilizing anomaly
detection or misuse detection. Main problem is to correctly detect intruder attack against computer
network. The key point of successful detection of intrusion is choice of proper features. To resolve the
problems of IDS scheme this research work propose “an improved method to detect intrusion using
machine learning algorithms”. In our paper we use KDDCUP 99 dataset to analyze efficiency of intrusion
detection with different machine learning algorithms like Bayes, NaiveBayes, J48, J48Graft and Random
forest. To identify network based IDS with KDDCUP 99 dataset, experimental results shows that the three
algorithms J48, J48Graft and Random forest gives much better results than other machine learning
algorithms. We use WEKA to check the accuracy of classified dataset via our proposed method. We have
considered all the parameter for computation of result i.e. precision, recall, F – measure and ROC.
Similar to A survey on RBF Neural Network for Intrusion Detection System (20)
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
A survey on RBF Neural Network for Intrusion Detection System
1. Henali Sheth et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 12( Part 4), December 2014, pp.17-22
www.ijera.com 17 | P a g e
A survey on RBF Neural Network for Intrusion Detection System
Henali Sheth*, Prof. Bhavin Shah**, Shruti Yagnik***
*(Department of Computer Engineering, L.J. Institute of Engineering & Technology, Ahmedabad, India. Email:
hvs.sweety@gmail.com.)
** (Associate Professor, M.C.A Programme, L.J. Institute of Management studies, Ahmedabad, India.
Email: bms_mca@yahoo.com)
*** (Department of Computer Engineering, L.J. Institute of Engineering & Technology, Ahmedabad, Gujarat,
India. Email: shruya@gmail.com)
ABSTRACT
Network security is a hot burning issue nowadays. With the help of technology advancement intruders or hackers
are adopting new methods to create different attacks in order to harm network security. Intrusion detection
system (IDS) is a kind of security software which inspects all incoming and outgoing network traffic and it will
generate alerts if any attack or unusual behavior is found in a network. Various approaches are used for IDS such
as data mining, neural network, genetic and statistical approach. Among this Neural Network is more suitable
approach for IDS. This paper describes RBF neural network approach for Intrusion detection system. RBF is a
feed forward and supervise technique of neural network.RBF approach has good classification ability but its
performance depends on its parameters. Based on survey we find that RBF approach has some short comings. In
order to overcome this we need to do proper optimization of RBF parameters.
Keywords – Immune Radial Basis Function (IRBF), Intrusion Detection System (IDS), Multiple Granularities
Immune Network (MGTN), Neural Network, Particle swarm optimization (PSO), Radial basis function (RBF).
I. INTRODUCTION
In this era of computer, use of Internet is
increasing day-by-day. According to the Symantec
Internet Security Threat Report 2014, 2013 was the
year of Mega Breaches [22]. Security threats are
increasing in order to harm network or system and
compromise information security through malicious
activities or through security policy violations. It has
brought unprecedented chances and challenges to the
society for security purpose. Traditional protection
techniques such as user authentication, data
encryption, avoiding programming errors and
firewalls are generally unable to protect against
malicious activity [17]. Intrusion detection system
(IDS) is used to detect attacks which are not detected
by traditional tools & techniques as mentioned
above. In 1980 firstly Anderson developed such IDS
which was able to detect the attack with more
accuracy as compared to traditional security tools
[1].
Various approaches are adopted to build IDS
using different techniques like statistical models,
Data Mining base Methods, Neural Network, Rule
based systems, Genetic Algorithms, State transition
based, and Expert based System as described in [5].
Out of these neural network based model have
become a promising AI approach for IDS [3].
Among various Neural Network based approaches
RBF is proven technique which has been already
used in [3] [4] [5] [6] [7] [8] [9] [10] [11] and [12].
RBF neural network has some advantages like good
approximation ability, better classification and fast
learning speed over back propagation (BP) neural
network. RBF will have a broad future in the
research field of intrusion detection [5].
In this paper section II & section III describes IDS
and types of attacks respectively. Section IV
includes RBF approach. Then section V contains
literature survey. Comparison and discussion is
included in section VI. Section VII contains
conclusion.
II. INTRUSION DETECTION SYSTEM
An intrusion detection system (IDS) is a device
or software application that monitors network or
system activities for malicious activities or policy
violations [2] [15] [18]. IDS detects attacks and
generate alerts [2]. But Intrusion Prevention System
(IPS) has feature of detection and prevention. IPS
takes manual or auto action such as drop or block or
terminates the connection [13]. Many organizations
are using Intrusion Detection & Prevention System
(IDPS) nowadays [13]. The simple structure of IDS
is as shown in following Figure-1.
As per the Figure-1 all network traffic is captured
and stored. Then data is given to preprocessing
module. Afterwards data is normalized. And it is
given to intrusion detection engine where detection
and learning is done based on knowledge & behavior
fetch from database. Then alerts are generated and
RESEARCH ARTICLE OPEN ACCESS
2. Henali Sheth et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 12( Part 4), December 2014, pp.17-22
www.ijera.com 18 | P a g e
reported to administrator or IPS or log auditing is
done.
Attacker/
Intruder
Network Network
Data
Data
Preprocessing
Generates Alerts
Intrusion Detection
Engine
Data Normalization
Administrator
Intrusion
Prevention
System
Log Audits
Database
Send
malicious
code
Captures
Traffic
Report
Report
Report
Figure:-1. The general view of intrusion-detection
system.
On the basis of source of data, IDS can be classified
into host-based and network-based [5] [14] [15]:
1) Host-based IDS: This detects attacks by
inspecting a single host and collecting audit data
from host audit trails [5] [14]. They are
application specific, has detailed signature and
better for detecting attacks from inside [18]
[19].
2) Network-Based IDS: It analyzes network traffic
and evaluates information capture from network
connection [14]. NIDS is better for detecting
attacks from outside [19].
Further, on the basis of the detection technique, IDS
can be classified as misuse detection or anomaly
detection. Misuse detection relies on patterns of
known intrusions [19]. In anomaly detection
unknown attacks or unusual behavior in network are
inspected. It is very difficult to detect such unusual
behavior which leads to high false rate [19].
III. TYPES OF ATTACKS
There are different types of attacks in network
as described in [5][25]. These attacks are categorized
into following four main groups: 1) Denial of
Service (DOS): This attack will deny legitimate user
requests to a system e.g. flood. 2) User-to-Root
(U2R): In this attack hacker starts off on the system
with a normal user account and attempts to abuse
vulnerabilities in the system in order to gain super
user privileges e.g. perl, xterm 3) Remote-to-Local
(R2L): In this attack, hacker gets unauthorized
access from a remote machine e.g. guessing
password. 4) Probe attack: It is a surveillance
attack. In this hacker scan system or network and
find its vulnerabilities e.g. port scanning.
IV. RADIAL BASIS FUNCTION (RBF)
RBF was first introduced in the solution of the
real multivariable interpolation problem by
Broomhead & Lowe (1988) and Moody & Darken
(1989) [23] [24].It is a kind of local approximation
neural network, which has very strong
approximation ability, good classification ability and
rapid learning speed [20]. Different applications of
RBF are pattern classification, curve fitting, function
approximation, time series prediction and control
system.
RBF neural network is a feed forward network
and it has simple structure [20]. The structure of
RBF neural network is as shown in Figure-2 [24]. It
has three layers known as input layer (x), hidden
layer which includes radial basis function, and
output layer (y) which is linear summation of hidden
layer [16]. The neurons in the hidden layer
commonly contain Gaussian transfer functions
whose outputs are inversely proportional to the
distance from the center of the neuron [4]. The
connection weight (w) between hidden layer and
output layer is adjusted. Input layer achieve non-
linear mapping and output layer realize on linear
mapping [20].
Figure:-2 The structure of RBF [24]
Training procedure of RBF network is divided into
two phases: Unsupervised learning and Supervised
Learning [8].During both the learning, the choice of
the parameters has an important influence on the
classification performance of RBF neural network.
Following is the list of such parameters.
1. The number of neurons in the hidden layer.
2. The coordinates of the center of hidden-layer
3. The radius (spread) of each RBF function in each
dimension.
4. The weights between hidden & output layer.
V. LITERATURE SURVEY
In this section different research papers based
on RBF approach for IDS which have been reviewed
are included.
An IDS based on RBF neural Network [6]
The objective of this paper is to shows how well
RBF neural network can distinguish the known
intrusion behavior and new intrusion behavior with
3. Henali Sheth et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 12( Part 4), December 2014, pp.17-22
www.ijera.com 19 | P a g e
high detection rate. Authors had implemented their
model on KDD CUP 1999 dataset and also on real
network traffic of Shanhua Company. Authors had
compared their RBF implementation with BP Neural
Network. During such comparison they found that
RBF has better detection rate as compare to BP.
During their implementation authors had recorded
97.6% as detection rate and 1.6% as false positive
rate with 4s training time.
RBF based Real time Hierarchical IDS [7]
Authors used hierarchical IDS which has Serial
hierarchical IDS (SHIDS) and Parallel hierarchical
IDS (PHIDS) layers. The objective of the model is to
support real time traffic monitoring, detecting
anomalous activity by modifying the internal
structure.
As per the authors, initially SHIDS will have single
layer and more layers will be added as new attack
group has been given. Such structure suffers from
single point of failure as the layers are arranged in a
sequential manner. To overcome this, authors
proposed PHIDS. During their implementation
authors found that deciding the threshold value
which is used to identify the anomaly, is difficult.
NIDS method based on RBF neural network [8]
.Objective of this paper is to support rapid and
effective intrusion detection. Authors have compared
the RBF with BP Neural Network. During such
comparison authors found that RBF has less training
and testing error, less average iteration time, faster
convergence rate. Still it suffers from high false
alarm rate.
Application of PSO-RBF Neural Network in
Network Intrusion Detection [9]
Authors had combined RBFNN and Particle swarm
optimization (PSO) algorithm in order to increase
detection rate of NIDS.PSO algorithm is used to
optimized RBF parameters. During their
implementation authors had found that PSO-RBF
performance is superior to conventional RBFNN.
But PSO algorithm suffers from local minima,
premature convergence and high false alarm rate.
QPSO optimized RBF network for anomaly
detection [10]
Author Yuan Liu has proposed a novel hybrid
algorithm used with RBFNN for anomaly detection.
This algorithm is combination of Quantum behave
PSO (QPSO) and gradient descent which is used to
train the RBFNN. During implementation author had
compare QPSO-RBF, GD-RBF and QPSO-GD-RBF
approaches. During such comparison author found
that detection rate of QPSO-GD-RBF is 96.77%
which is higher than others. But one short coming of
this approach is that false positive rate is still high.
IDS based on Adaptive RBF neural network
[11]
Authors had implemented a new method such as
multiple granularities immune network (MGIN) to
design a classifier for intrusion. Authors had first use
MGIN to find the candidate hidden neurons. Further
they remove some redundant hidden neurons by
employing preserving criterion.
Authors had compared this combine approach with
BPNN. They found that BPNN has best result for
detection rate and false positive than RBF. Authors
also found that BP is difficult to use for high
dimensional pattern classification problem and it
does not converge well. During their implementation
authors had also compared this new algorithm with
traditional RBF. They found that this approach has
better detection rate and low false positive rate than
traditional RBF.
Application study on Intrusion Detection
System using IRBF [4] [12]
The objective of this paper is to improve
convergence speed and precision of RBF neural
network. For this authors had used RBF based on
immune recognition algorithm (IRBF). Input data
are regarded as antigens and antibodies are regarded
as the hidden layer centers. Weights of output layer
are determined by adopting the recursive least
square method.
During their implementation authors had recorded
83.7% detection precision for all type of attack.
Further author also found that IRBF has high
precision, less computation time, faster convergence
speed and good real time performance. But still false
positive & false negative exists and IRBF is unable
to detect all type of invasion.
VI. COMPARISON AND DISCUSSION
The objective of this paper is to find current
challenges of RBF approach for Intrusion detection.
Basic comparison is shown in Table 1. From that
table following are the current challenges:1)
Response time [7]. 2) High false alarm rate [4] [8]
[9] [10] [11] [12].
1) Response time:
As per literature survey and comparison Table-1,
one problem is that response time is high for SHIDS
[7]. Response time is high, because SHIDS used
sequential layered approach for classifying intrusion.
To overcome this PHIDS is used as in[7].PHIDS
used parallel layered approach so response time is
reduced. In this approach parallel implementation is
done so it will avoid single point failure problem.
While SHIDS suffers from single point failure, this
also increases response time.
2) High false alarm rate:
From comparison Table-1major current challenge is
high false alarm rate. False alarm rate is high if there
is no proper training of RBFNN. To overcome this
problem proper parameter tuning is required. From
our literature review we found that false alarm rate
4. Henali Sheth et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 12( Part 4), December 2014, pp.17-22
www.ijera.com 20 | P a g e
can be reduced by optimizing the following
parameters.
Number of neurons in hidden layer: If numbers
of neurons in hidden layer are too high then
RBFNN will have poor generalization and also
suffers from over training. If numbers of
neurons are insufficient then RBFNN cannot
learn the data adequately. So it will lead to slow
convergence. Therefore number of neurons in
hidden layer will affect false alarm rate. To
reduce false alarm rate number of neurons in
hidden layer must be properly chosen. MGIN
algorithm is used for hidden layer neuron
selection [11].
Location of centre and width spread: Location
of center is important because if input is closer
to center then it has better classification. So
locating centers are important for better RBF
performance which in turn reduce false alarm
rate. K-nearest neighbor & clone selection
algorithm is used for center selection [4] [8]
[12]. Sometime centers are selected randomly.
We need to select width parameter in order to
properly distinguish between classes. So
location of center and width must be properly
chosen to reduce false alarm rate.
Weight: It is used between hidden layer and
output layer for linear summation. This weight
is adjustable and so it affects false alarm rate.
Recursive least mean square method is used to
adjust weight [4] [12].
From above discussion it is clear that RBFNN
performance depends on its parameters. Therefore
proper optimization of RBF parameter is required.
Various optimization algorithms are used such as
PSO, QPSO and IRBF [4] [9] [10] [12].
VII. CONCLUSION
This paper concludes that RBF network can be
used to detect anomaly detection and Misuse
detection. If sequential layered approach such as
SHIDS is used for intrusion detection then response
time will increase. This problem is avoided by using
parallel approach such as PHIDS. Moreover RBFNN
performance depends on its parameters. Based on
comparison and discussion proper optimization of
RBF parameters is required in order to reduce false
alarm rate.
DECLARATION
The content of this paper is written by Author
1(Henali Sheth) while Author 2(Prof. Bhavin shah)
had guided the work and Author 3(Shruti yagnik)
has reviewed this paper. Hence Author 1 is
responsible for the content and issues related with
plagiarism.
References
[1] J. P. Anderson, Computer Security Threat
Monitoring and Surveillance. Technical
Report, Fort Washington, PA (1980).
[2] Z.J. Tang et al. Intrusion detection. Tsinghua
University Press. 2004, chap 2, pp 6-8.
[3] Yanwei, Fu, Zhu Yingying, and Yu Haiyang.
"Study of neural network technologies in
intrusion detection systems." Wireless
Communications, Networking and Mobile
Computing, 2009. WiCom'09. 5th
International Conference on. IEEE, 2009.
[4] Yichun, Peng, Niu Yi, and Hu Qiwei.
"Research on Intrusion Detection System
Based on IRBF." Computational Intelligence
and Security (CIS), 2012 Eighth
International Conference on. IEEE, 2012.
[5] Devaraju, S., and S. Ramakrishnan.
"Performance analysis of intrusion detection
system using various neural network
classifiers." Recent Trends in Information
Technology (ICRTIT), 2011 International
Conference on. IEEE, 2011.
[6] Yang, Zhimin, et al. "An intrusion detection
system based on RBF neural
network." Computer Supported Cooperative
Work in Design, 2005. Proceedings of the
Ninth International Conference on. Vol. 2.
IEEE, 2005.
[7] Jiang, Ju, Chunlin Zhang, and M. Kamel.
"RBF-based real-time hierarchical intrusion
detection systems." Neural Networks, 2003.
Proceedings of the International Joint
Conference on. Vol. 2. IEEE, 2003.
[8] Tian, Jingwen, Meijuan Gao, and Fan
Zhang. "Network intrusion detection method
based on radial basic function neural
network." E-Business and Information
System Security, 2009. EBISS'09.
International Conference on. IEEE, 2009.
[9] Chen, Zhifeng, and Peide Qian. "Application
of PSO-RBF neural network in network
intrusion detection." Intelligent Information
Technology Application, 2009. IITA 2009.
Third International Symposium on. Vol. 1.
IEEE, 2009.
[10] Liu, Yuan. "Qpso-optimized rbf neural
network for network anomaly
detection."Journal of Information &
Computational Science 8.9 (2011): 1479-
1485.
[11] Zhong, Jiang, et al. "Intrusion detection
based on adaptive RBF neural
network."Intelligent Systems Design and
Applications, 2006. ISDA'06. Sixth
International Conference on. Vol. 2. IEEE,
2006.
5. Henali Sheth et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 12( Part 4), December 2014, pp.17-22
www.ijera.com 21 | P a g e
[12] Peng, Yichun, et al. "Application Study on
Intrusion Detection System Using
IRBF." Journal of Software 9.1 (2014): 177-
183.
[13] Ashoor, Asmaa Shaker, and Sharad Gore.
"Difference between Intrusion Detection
System (IDS) and Intrusion Prevention
System (IPS)." (2011).
[14] Ashoor, Asmaa Shaker, and Sharad Gore.
"Importance of Intrusion Detection system
(IDS)." International Journal of Scientific
and Engineering Research 2.1 (2011): 1-4.
[15] Niu, Yi, and Yi Chun Peng. "Application of
Radial Function Neural Network in Network
Security." Proceedings of the 2008
International Conference on Computational
Intelligence and Security-Volume 01. IEEE
Computer Society, 2008.
[16] Liu, Yinfeng. "An improved RBF neural
network method for information security
evaluation." TELKOMNIKA Indonesian
Journal of Electrical Engineering 12.4
(2014): 2936-2940.
[17] Govindarajan, M. "Hybrid Intrusion
Detection Using Ensemble of Classification
Methods." International Journal of
Computer Network & Information
Security 6.2 (2014).
[18] Debar, Herve. "An introduction to intrusion-
detection systems." Proceedings of
Connect 2002 (2000): 77.
[19] Chowdhary, Mahak, Shrutika Suri, and
Mansi Bhutani. "Comparative Study of
Intrusion Detection System." (2014).
[20] Chun-tao, Man, Wang Kun, and Zhang Li-
yong. "A new training algorithm for RBF
neural network based on PSO and simulation
study." Computer Science and Information
Engineering, 2009 WRI World Congress on.
Vol. 4. IEEE, 2009.
[21] Er, Meng Joo, et al. "Face recognition with
radial basis function (RBF) neural
networks." Neural Networks, IEEE
Transactions on 13.3 (2002): 697-710.
[22] Symantec Corporation, Internet Security
Threat Report (ISTR), 2013 Trends, Volume
19, Published April 2014.
http://www.symantec.com/content/en/us/ente
rprise/other_resources/b-
istr_main_report_v19_21291018.en-us.pdf.
[23] Broomhead, David S., and David
Lowe. Radial basis functions, multi-variable
functional interpolation and adaptive
networks. No. RSRE-MEMO-4148. ROYAL
SIGNALS AND RADAR
ESTABLISHMENT MALVERN (UNITED
KINGDOM), 1988.
[24] Ugur Halici. Artificial Neural Network.
Chapter 9. Radial basis function Network
.EE543 lecture notes. Metu EEE. Ankara
139.
[25] KDD dataset, 1999;
http//kdd.ics.uci.edu/databases/-
kddcup99/kddcup99.html.
6. Henali Sheth et al. Int. Journal of Engineering Research and Applications www.ijera.com
ISSN : 2248-9622, Vol. 4, Issue 12( Part 4), December 2014, pp.17-22
www.ijera.com 22 | P a g e
Table 1: Comparison Table
Techniques
Used in different papers
Objective Dataset used for training
& testing
Advantages Disadvantage
Only RBF [6] Finds if RBF can
distinguish the known and
unknown intrusion with
high exactness.
KDD CUP 1999 -Better approximation
than BP
-good Classification
-faster learning
-training step fewer
- performance needed to
be improved.
RBF for Hierarchical
IDS( serial & parallel) [7]
Two hierarchical IDS are
proposed based on RBF to
monitor network traffic in
real-time, train new
classifier and modify their
structure adaptively.
KDD CUP 1999 -better than BP
-SHIDS use for
monitoring real traffic
-Structures update
automatically.
-PHIDS is better than
SHIDS
-PHIDS has less layers
-response time is more.
-SHIDS has too many
clusters and layers.
SHIDS has problem of
“single point failure”
-In PHIDS it is difficult to
choose suitable decision
threshold to identify novel
intrusion.
RBF and K-NN algorithm
[8]
-RBF is used to detect
intrusion behavior rapidly
and effectively.
-Advantages of RBF.
DARPA -local approaching
network so fast learning
-fast convergence rate
-higher stability
-truly detect anomaly
intrusion behavior
- requires predominance
of RBF to enhance
learning ability.
-false rate is high
PSO-RBF [9] To detect all kinds of
intrusion efficiently and
therefore, the novel
combination method
based on RBF & PSO is
adapted to NIDS.
KDDCUP1999 -used to solve non-linear
problem
-used for optimization
purpose.
-superior than
conventional RBF neural
network
-high false alarm rate.
QPSO-RBF
GD-RBF
QPSO-GD-RBF [10]
QPSO-GD-RBF, a novel
hybrid algorithm proposed
for network anomaly
detection.
KDDCUP 1999 -better optimization
-global searching possible
-high detection rate
-false positive rate is still
high
RBF-MGIN [11] This algorithm is used to
reduce data & get the
candidate hidden neurons
& construct an original
RBF.
KDDCUP 1999 -advantage of class label.
-small network
-generalized well
-better classification
-detection rate is low than
BP.
-false positive is also high
IRBF [4] [12] Hidden layer centers are
selected and convergence
speed and precision are
improved.
KDDCUP 1999 -can distinguish between
self and non self
-less computation time
-faster convergence
-high precision
-good real time
performance.
-ability of self learning
and self adjusting.
- can detect unknown
intrusion.
-false positive and false
negative still exists.
- can’t detect all invasion.