Since the invention of the internet for military and academic research purposes, it has evolved to meet the demands of the increasing number of users on the network, who have their scope beyond military and academics. As the scope of the network expanded maintaining its security became a matter of increasing importance. With various users and interconnections of more diversified networks, the internet needs to be maintained as securely as possible for the transmission of sensitive information to be one hundred per cent safe; several anomalies may intrude on private networks. Several research works have been released around network security and this research seeks to add to the already existing body of knowledge by expounding on these attacks, proffering efficient measures to detect network intrusions, and introducing an ensemble classifier: a combination of 3 different machine learning algorithms. An ensemble classifier is used for detecting remote to local (R2L) attacks, which showed the lowest level of accuracy when the network dataset is tested using single machine learning models but the ensemble classifier gives an overall efficiency of 99.8%.
DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION AND PREVENTION MODEL FOR IOTBA... - IJNSA Journal
Defending against Distributed Denial of Service (DDoS) in the Internet of Things (IoT) computing environment is a challenging task. DDoS attacks are a type of collective attack in which attackers work together to compromise internet security and services. The resource-constrained devices used in IoT deployments have made it even easier for an attacker to break, because of the vast number of vulnerable IoT devices with significant compute power. This paper proposed an ensemble machine learning (ML) model using the bagging technique to detect and prevent DDoS attacks in the IoT computing environment. We carried out a machine learning experiment and evaluated our proposed model with the most recent DDoS attacks (CICDoS2019) dataset. We use seven validation metrics (classification accuracy, precision rate, recall rate, f1-score, Matthews Correlation Coefficient, false negative rate and false positive rate) to evaluate the performance of the proposed model. The results obtained in our experiment show an improved performance with an overall maximum classification accuracy of 99.75%, precision rate of 99.99%, recall rate of 99.76%, f1-score of 99.87%, Matthews Correlation Coefficient of 0.000000214, false negative rate of 0.24% and 4.42% false positive rate.
Peripheral Review and Analysis of Internet Network Security - IJRES Journal
This paper is on the exploration of Internet Network security. With the advent of the internet, security became a major concern for computer users, organizations and the Military. The internet structure itself allows for many security threats to occur. Knowing the attack methods, the architecture of the internet when modified can reduce the possible attacks that can be sent across the network. The internet can be secured by the means of VPN, IPSec, Anti‐Malware Software and scanners, Secure Socket Layer, intrusion‐detection, security management, firewalls and cryptography mechanisms. The essence of this research is to forecast the future of internet network security.
Automated diagnosis of attacks in internet of things using machine learning a... - journalBEEI
The Internet of Things (IoT) is the interconnection of things around us to make our daily process more efficient by providing more comfort and productivity. However, these connections also reveal a lot of sensitive data. Therefore, thinking about the methods of information security and coding is important, as the security approaches that rely heavily on coding are not a strong match for these restricted devices. Consequently, this research aims to contribute to filling this gap, which adopts machine learning techniques to enhance network-level security in the low-power devices that use the lightweight MQTT protocol for their work. This study used a set of tools and, through various techniques, trained the proposed system ranging from Ensemble methods to deep learning models. The system has come to know what type of attack has occurred, which helps protect IoT devices. The log loss of the Ensemble methods is 0.44, and the accuracy of multi-class classification is 98.72% after converting the table data into an image set. The work also uses a Convolution Neural Network, which has a log loss of 0.019 and an accuracy of 99.3%. It also aims to implement these functions in IDS.
PREDICTION OF CYBER ATTACK USING DATA SCIENCE TECHNIQUE - IRJET Journal
This document discusses predicting cyber attacks using machine learning techniques. It proposes building a machine learning model for anomaly detection to identify fraudulent, suspicious or unusual network activities that could indicate cyber attacks. The model would be built using data science methods like variable identification on a past dataset to train and test various machine learning algorithms. Performance metrics of different algorithms would be calculated and compared to find the most accurate model for predicting four types of attacks: DOS, R2L, U2R and Probe attacks. A graphical user interface would then display the prediction results of network attack detection.
Network security is one of the foremost anxieties of the modern time. Over
the previous years, numerous studies have been accompanied on the
intrusion detection system. However, network security is one of the foremost
apprehensions of the modern era this is due to the speedy development and
substantial usage of altered technologies over the past period. The
vulnerabilities of these technologies security have become a main dispute
intrusion detection system is used to classify unapproved access and unusual
attacks over the secured networks. For the implementation of intrusion
detection system different approaches are used machine learning technique
is one of them. In order to comprehend the present station of application of
machine learning techniques for solving the intrusion discovery anomalies in
internet of thing (IoT) based big data this review paper conducted. Total 55
papers are summarized from 2010 and 2021 which were centering on the
manner of the single, hybrid and collaborative classifier design. This review
paper also includes some of the basic information like IoT, big data, and
machine learning approaches are discussed.
A review on machine learning based intrusion detection system for internet of... - IJECEIAES
Within an internet of things (IoT) environment, the fundamental purpose of various devices is to gather the abundant amount of data that is being generated and then transmit this data to the predetermined server over the internet. IoT connects billions of objects and the internet to communicate without human intervention. But network security and privacy issues are increasing very fast, in today's world. Because of the prevalence of technological advancement in regular activities, internet security has evolved into a necessary requirement. Because technology is integrated into every aspect of contemporary life, cyberattacks on the internet of things represent a bigger danger than attacks against traditional networks. Researchers have found that combining machine learning techniques into an intrusion detection system (IDS) is an efficient way to get beyond the limitations of conventional IDSs in an IoT context. This research presents a comprehensive literature assessment and develops an intrusion detection system that makes use of machine learning techniques to address security problems in an IoT environment. Along with a comprehensive look at the state of the art in terms of intrusion detection systems for IoT-enabled environments, this study also examines the attributes of approaches, common datasets, and existing methods utilized to construct such systems.
A new algorithm to enhance security against cyber threats for internet of thi... - IJECEIAES
One major problem is detecting the unsuitability of traffic caused by a distributed denial of services (DDoS) attack produced by third party nodes, such as smart phones and other handheld Wi-Fi devices. During the transmission between the devices, there is a rise in the number of cyber attacks on systems by using negligible packets, which lead to suspension of the services between source and destination, and can find the vulnerabilities on the network. These vulnerable issues have led to a reduction in the reliability of networks and a reduction in consumer confidence. In this paper, we will introduce a new algorithm called rout attack with detection algorithm (RAWD) to reduce the effect of any attack by checking the packet injection, and to avoid a number of cyber attacks being received by the destination and transferred through a determined path or alternative path based on the problem. The proposed algorithm will forward the real time traffic to the required destination from a new alternative backup path which is computed by it before the attack occurred. The results have shown an improvement when the attack occurred and the alternative path was used to make sure the continuity of receiving the data to the main destination without any affection.
Current issues - International Journal of Network Security & Its Applications... - IJNSA Journal
International Journal of Network Security & Its Applications (IJNSA) is a bimonthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Hyperparameters optimization XGBoost for network intrusion detection using CS... - IAESIJAI
With the introduction of high-speed internet access, the demand for security and dependable networks has grown. In recent years, network attacks have gotten more complex and intense, making security a vital component of organizational information systems. Network intrusion detection systems (NIDS) have become an essential detection technology to protect data integrity and system availability against such attacks. NIDS is one of the most well-known areas of machine learning software in the security field, with machine learning algorithms constantly being developed to improve performance. This research focuses on detecting abnormalities in societal infiltration using the hyperparameters optimization XGBoost (HO-XGB) algorithm with the Communications Security Establishment-The Canadian Institute for Cybersecurity-Intrusion Detection System2018 (CSE-CICIDS2018) dataset to get the best potential results. When compared to typical machine learning methods published in the literature, HO-XGB outperforms them. The study shows that XGBoost outperforms other detection algorithms. We refined the HO-XGB model's hyperparameters, which included learning_rate, subsample, max_leaves, max_depth, gamma, colsample_bytree, min_child_weight, n_estimators, max_depth, and reg_alpha. The experimental findings reveal that HO-XGB1 outperforms multiple parameter settings for intrusion detection, effectively optimizing XGBoost's hyperparameters.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL - ijaia
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL - gerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
A SURVEY ON THE USE OF DATA CLUSTERING FOR INTRUSION DETECTION SYSTEM IN CYBE... - IJNSA Journal
In the present world, it is difficult to realize any computing application working on a standalone computing device without connecting it to the network. A large amount of data is transferred over the network from one device to another. As networking is expanding, security is becoming a major concern. Therefore, it has become important to maintain a high level of security to ensure that a safe and secure connection is established among the devices. An intrusion detection system (IDS) is therefore used to differentiate between the legitimate and illegitimate activities on the system. Different techniques are used for detecting intrusions in the intrusion detection system. This paper presents the different clustering techniques that have been implemented by different researchers in their relevant articles. This survey was carried out on 30 papers and it presents what different datasets were used by different researchers and what evaluation metrics were used to evaluate the performance of IDS. This paper also highlights the pros and cons of each clustering technique used for IDS, which can be used as a basis for future work.
HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ... - IJNSA Journal
High-profile security breaches and attacks on many organization’s database have been on the increase and the consequences of this are the adverse effect on the organizations in terms of financial loss and reputation. Many of the security breaches have been ascribed to the vulnerability of the organization’s networks, security policy and operations. Additionally, the emerging technology solutions like Internet-of-Things (IoT), Artificial Intelligence, and Cloud Computing have extremely exposed many of the organizations to different forms of cyber-threats and attacks. Researchers and system designers have made attempts to proffer solution to some of these challenges. However, the efficacy of the techniques remains a great concern due to insufficient control mechanisms. For instance, many of the techniques are majorly based on a single mode encryption techniques which are not too robust to withstand the threats and attacks on organization’s database. To proffer solution to these challenges, the current research designed and integrated a hybridized data security model based on Secured Hash Analysis (SHA 512) and Salting Techniques to enhance the adeptness of the existing techniques. The Hash Analysis algorithm was used to map the data considered to a bit string of a fixed length and salt was added to the password strings essentially to hide its real hash value. The idea of adding salt to the end of the password is basically to complicate the password cracking process. The hybridized model was implemented in Windows environment using python 3.7 IDE platform and tested on a dedicated Local Area Network (LAN) that was exposed to threats from both internal and external sources. The results from the test show that the model performed well in terms of efficiency and robustness to attacks. The performance of the new model recorded a high level of improvement over the existing techniques with a recital of 97.6%.
Cyber Warfare is the current single greatest emerging threat to National Security. Network security has become an essential component of any computer network. As computer networks and systems become ever more fundamental to modern society, concerns about security has become increasingly important. There are a multitude of different applications open source and proprietary available for the protection +-system administrator, to decide on the most suitable format for their purpose requires knowledge of the available safety measures, their features and how they affect the quality of service, as well as the kind of data they will be allowing through un flagged. A majority of methods currently used to ensure the quality of a networks service are signature based. From this information, and details on the specifics of popular applications and their implementation methods, we have carried through the ideas, incorporating our own opinions, to formulate suggestions on how this could be done on a general level. The main objective was to design and develop an Intrusion Detection System. While the minor objectives were to; Design a port scanner to determine potential threats and mitigation techniques to withstand these attacks. Implement the system on a host and Run and test the designed IDS. In this project we set out to develop a Honey Pot IDS System. It would make it easy to listen on a range of ports and emulate a network protocol to track and identify any individuals trying to connect to your system. This IDS will use the following design approaches: Event correlation, Log analysis, Alerting, and policy enforcement. Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software testing which we have adapted for the specific purpose of testing IDSs. 
In this paper, we identify a set of general IDS performance objectives which is the basis for the methodology. We present the details of the methodology, including strategies for test-case selection and specific testing procedures. We include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. We present an overview of the software platform that we have used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool expect and enhancements that we have developed, including mechanisms for concurrent scripts and a record-and-replay feature. We also provide background information on intrusions and IDSs to motivate our work.
An intrusion detection system for packet and flow based networks using deep n... - IJECEIAES
Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection system (IDS). Many IDS models have been introduced to provide security over big data. This study focuses on the intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a bunch of affluent algorithms to classify and analyze patterns and making a better prediction more efficiently. In this study, to detect intrusion a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest dataset available online, formatted with packet based, flow based data and some additional metadata. The dataset is labeled and imbalanced with 79 attributes and some classes having much less training samples compared to other classes. The proposed model is built using Keras and Google Tensorflow deep learning environment. Experimental result shows that intrusions are detected with the accuracy over 99% for both binary and multiclass classification with selected best features. Receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offers a novel research model with great accuracy for intrusion detection model, better than some models presented in the literature.
AN EMPIRICAL STUDY ON CYBER SECURITY THREATS AND ATTACKS - Daphne Smith
This document summarizes an empirical study on cyber security threats and attacks. It discusses recent trends in cyber attacks such as ransomware, advanced persistent threats, insider threats, malware, and botnets. It also examines vulnerabilities in critical infrastructure that can be exploited by attackers. The document provides examples of research analyzing specific cyber threats and vulnerabilities. It concludes that understanding cyber threats is important for protecting systems and networks, and that security policies and monitoring are needed to mitigate threats and safeguard systems.
Abstract—With the heightening reliance on Information Technology in recent times, it has become more relevant to find measures to secure every online device, data and information. A Network Intrusion Detection System (NIDS) is one of the security options to consider to help protect such devices, data and information. However, IDS needs to be up to date to mitigate current threats to secure systems. A critical issue in the development of the right IDS is the scarcity of current data sets used for training these IDS and the impact on system performance. This paper presents an On-demand Network Data Set Creation Application (ONDaSCA), a Graphical User Interface software capable of generating labelled network intrusion data set. ONDaSCA grants IDS users or researchers the option to choose a raw data set and process this data set as output, real-time packet capture and offline upload of existing PCAP file and two (2) different packet capturing methods (Tshark and Dumpcap). ONDaSCA is highly customisable and an IDS user or researcher can leverage its capabilities to suit their needs. The abilities of this software are compared with other similar products that generate data set for use by IDS model.
International Journal of Computer Science and Information Security, IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Machine learning-based intrusion detection system for detecting web attacks IAESIJAI
The increasing use of smart devices results in a huge amount of data, which raises concerns about personal data, including health data and financial data. This data circulates on the network and can encounter network traffic at any time. This traffic can either be normal traffic or an intrusion created by hackers with the aim of injecting abnormal traffic into the network. Firewalls and traditional intrusion detection systems detect attacks based on signature patterns. However, this is not sufficient to detect advanced or unknown attacks. To detect different types of unknown attacks, the use of intelligent techniques is essential. In this paper, we analyse some machine learning techniques proposed in recent years. In this study, several classifications were made to detect anomalous behaviour in network traffic. The models were built and evaluated based on the Canadian Institute for Cybersecurity-intrusion detection systems dataset released in 2017 (CIC-IDS-2017), which includes both current and historical attacks. The experiments were conducted using decision tree, random forest, logistic regression, gaussian naïve bayes, adaptive boosting, and their ensemble approach. The models were evaluated using various evaluation metrics such as accuracy, precision, recall, F1-score, false positive rate, receiver operating characteristic curve, and calibration curve.
Trust Metric-Based Anomaly Detection Via Deep Deterministic Policy Gradient R... IJCNCJournal
Addressing real-time network security issues is paramount due to the rapidly expanding IoT jargon. The erratic rise in usage of inadequately secured IoT-based sensory devices like wearables of mobile users, autonomous vehicles, smartphones and appliances by a larger user community is fuelling the need for a trustable, super-performant security framework. An efficient anomaly detection system would aim to address the anomaly detection problem by devising a competent attack detection model. This paper delves into the Deep Deterministic Policy Gradient (DDPG) approach, a promising Reinforcement Learning platform to combat noisy sensor samples which are instigated by alarming network attacks. The authors propose an enhanced DDPG approach based on trust metrics and belief networks, referred to as Deep Deterministic Policy Gradient Belief Network (DDPG-BN). This deep-learning-based approach is projected as an algorithm to provide “Deep-Defense” to the plethora of network attacks. Confidence interval is chosen as the trust metric to decide on the termination of sensor sample collection. Once an enlisted attack is detected, the collection of samples from the particular sensor will automatically cease. The evaluations and results of the experiments highlight a better detection accuracy of 98.37% compared to its counterpart conventional DDPG implementation of 97.46%. The paper also covers the work based on a contemporary Deep Reinforcement Learning (DRL) algorithm, the Actor Critic (AC). The proposed deep learning binary classification model is validated using the NSL-KDD dataset and the performance is compared to a few deep learning implementations as well.
Detecting network attacks model based on a convolutional neural network IJECEIAES
Due to the increasing use of networks at present, Internet systems have raised many security problems, and statistics indicate that the rate of attacks or intrusions has increased excessively annually, and in the event of any malicious attack on network vulnerabilities or information systems, it may lead to serious disasters, violating policies on network security, i.e., “confidentiality, integrity, and availability” (CIA). Therefore, many detection systems, such as the intrusion detection system, appeared. In this paper, we built a system that detects network attacks using the latest machine learning algorithms and a convolutional neural network based on a dataset of the CSE-CIC-IDS2018. It is a recent dataset that contains a set of common and recent attacks. The detection rate is 99.7%, distinguishing between aggressive attacks and natural assertiveness.
Comparison study of machine learning classifiers to detect anomalies IJECEIAES
In this era of the Internet, ensuring the confidentiality, authentication and integrity of any resource exchanged over the net is imperative. Presence of intrusion prevention techniques like strong password, firewalls etc. are not sufficient to monitor such voluminous network traffic as they can be breached easily. Existing signature based detection techniques like antivirus only offer protection against known attacks whose signatures are stored in the database. Thus, the need for real-time detection of aberrations is observed. Machine learning classifiers are implemented here to learn how the values of various fields like source bytes, destination bytes etc. in a network packet decide if the packet is compromised or not. Finally the accuracy of their detection is compared to choose the best suited classifier for this purpose. The outcome thus produced may be useful to offer real time detection while exchanging sensitive information such as credit card details.
NETWORK INTRUSION DETECTION AND COUNTERMEASURE SELECTION IN VIRTUAL NETWORK (... ijsptm
Intrusion in a network or a system is a problem today as the trend of successful network attacks continue to rise. Intruders can explore vulnerabilities of a network system to gain access in order to deploy some virus or malware such as Denial of Service (DOS) attack. In this work, a frequency-based Intrusion Detection System (IDS) is proposed to detect DOS attack. The frequency data is extracted from the time-series data created by the traffic flow using Discrete Fourier Transform (DFT). An algorithm is developed for anomaly-based intrusion detection with fewer false alarms which further detect known and unknown attack signature in a network. The frequency of the traffic data of the virus or malware would be inconsistent with the frequency of the legitimate traffic data. A Centralized Traffic Analyzer Intrusion Detection System called CTA-IDS is introduced to further detect inside attackers in a network. The strategy is effective in detecting abnormal content in the traffic data during information passing from one node to another and also detects known attack signature and unknown attack. This approach is tested by running the artificial network intrusion data in simulated networks using the Network Simulator2 (NS2) software.
This document summarizes a research paper on developing a honey pot intrusion detection system. The paper introduces cyber warfare as a growing threat and the need for effective network security. It then describes designing and implementing a honey pot IDS to detect potential threats on a host system by emulating network services and monitoring connections. The IDS would use event correlation, log analysis, alerting and policy enforcement. The document provides background on intrusions, IDS testing methodology, and reasons why only creating secure systems is not enough to prevent all intrusions.
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving... ijtsrd
In today’s dynamic and technologically advanced world, the Internet has become one of the most innovative and rapidly growing technologies. With its rise, it has also become vulnerable to a significant increase in occurrences of cyber attacks, with detrimental effects. Typically, these cyber attacks are targeted at accessing, manipulating, or damaging confidential data, extracting users’ money, or extorting an organization’s or user’s private information. Sensitive information, whether intellectual property, financial data, confidential information, or other forms of private data are exposed to unauthorized access or disclosure, which can have adverse consequences. Protecting data has become one of the greatest obstacles today as cyber attacks are constantly escalating. Along with the growth of internet services and the advancement of information technology, the importance of cybersecurity is crucial. Cybersecurity aims to ensure that the security interests of the company and users’ assets are protected and preserved against relevant cyber threats in the digital world. The data and confidentiality of computing assets pertaining to the network of an organization are protected by cybersecurity. This paper mainly focuses on threats and issues in cybersecurity facing modern technologies. It also focuses on the latest cybersecurity strategies and developments that are transforming the face of cybersecurity. Omkar Veerendra Nikhal "An Analytical Study on Attacks and Threats in Cyber Security and its Evolving Trends on Modern Technologies" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1, December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd38195.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/38195/an-analytical-study-on-attacks-and-threats-in-cyber-security-and-its-evolving-trends-on-modern-technologies/omkar-veerendra-nikhal
Redefining brain tumor segmentation: a cutting-edge convolutional neural netw... IJECEIAES
Medical image analysis has witnessed significant advancements with deep learning techniques. In the domain of brain tumor segmentation, the ability to precisely delineate tumor boundaries from magnetic resonance imaging (MRI) scans holds profound implications for diagnosis. This study presents an ensemble convolutional neural network (CNN) with transfer learning, integrating the state-of-the-art Deeplabv3+ architecture with the ResNet18 backbone. The model is rigorously trained and evaluated, exhibiting remarkable performance metrics, including an impressive global accuracy of 99.286%, a high-class accuracy of 82.191%, a mean intersection over union (IoU) of 79.900%, a weighted IoU of 98.620%, and a Boundary F1 (BF) score of 83.303%. Notably, a detailed comparative analysis with existing methods showcases the superiority of our proposed model. These findings underscore the model’s competence in precise brain tumor localization, underscoring its potential to revolutionize medical image analysis and enhance healthcare outcomes. This research paves the way for future exploration and optimization of advanced CNN models in medical imaging, emphasizing addressing false positives and resource efficiency.
Embedded machine learning-based road conditions and driving behavior monitoring IJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
Similar to Experimental analysis of intrusion detection systems using machine learning algorithms and artificial neural networks
Hyperparameters optimization XGBoost for network intrusion detection using CS... IAESIJAI
With the introduction of high-speed internet access, the demand for security and dependable networks has grown. In recent years, network attacks have gotten more complex and intense, making security a vital component of organizational information systems. Network intrusion detection systems (NIDS) have become an essential detection technology to protect data integrity and system availability against such attacks. NIDS is one of the most well-known areas of machine learning software in the security field, with machine learning algorithms constantly being developed to improve performance. This research focuses on detecting abnormalities in societal infiltration using the hyperparameters optimization XGBoost (HO-XGB) algorithm with the Communications Security Establishment-The Canadian Institute for Cybersecurity-Intrusion Detection System2018 (CSE-CICIDS2018) dataset to get the best potential results. When compared to typical machine learning methods published in the literature, HO-XGB outperforms them. The study shows that XGBoost outperforms other detection algorithms. We refined the HO-XGB model's hyperparameters, which included learning_rate, subsample, max_leaves, max_depth, gamma, colsample_bytree, min_child_weight, n_estimators, max_depth, and reg_alpha. The experimental findings reveal that HO-XGB1 outperforms multiple parameter settings for intrusion detection, effectively optimizing XGBoost's hyperparameters.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL ijaia
As digital technology becomes more deeply embedded in power systems, protecting the communication networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3) represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities. Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network (CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to train and test our model. The results of our experiments show that our CNN-LSTM method is much better at finding smart grid intrusions than other deep learning algorithms used for classification. In addition, our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection accuracy rate of 99.50%.
A SURVEY ON THE USE OF DATA CLUSTERING FOR INTRUSION DETECTION SYSTEM IN CYBE... IJNSA Journal
In the present world, it is difficult to realize any computing application working on a standalone computing device without connecting it to the network. A large amount of data is transferred over the network from one device to another. As networking is expanding, security is becoming a major concern. Therefore, it has become important to maintain a high level of security to ensure that a safe and secure connection is established among the devices. An intrusion detection system (IDS) is therefore used to differentiate between the legitimate and illegitimate activities on the system. Different techniques are used for detecting intrusions in the intrusion detection system. This paper presents the different clustering techniques that have been implemented by different researchers in their relevant articles. This survey was carried out on 30 papers and it presents what different datasets were used by different researchers and what evaluation metrics were used to evaluate the performance of IDS. This paper also highlights the pros and cons of each clustering technique used for IDS, which can be used as a basis for future work.
HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ... IJNSA Journal
High-profile security breaches and attacks on many organization’s database have been on the increase and the consequences of this are the adverse effect on the organizations in terms of financial loss and reputation. Many of the security breaches have been ascribed to the vulnerability of the organization’s networks, security policy and operations. Additionally, the emerging technology solutions like Internet-of-Things (IoT), Artificial Intelligence, and Cloud Computing, have extremely exposed many of the organizations to different forms of cyber-threats and attacks. Researchers and system designers have made attempts to proffer solution to some of these challenges. However, the efficacy of the techniques remains a great concern due to insufficient control mechanisms. For instance, many of the techniques are majorly based on single mode encryption techniques which are not too robust to withstand the threats and attacks on organization’s database. To proffer solution to these challenges, the current research designed and integrated a hybridized data security model based on Secured Hash Analysis (SHA 512) and Salting Techniques to enhance the adeptness of the existing techniques. The Hash Analysis algorithm was used to map the data considered to a bit string of a fixed length and salt was added to the password strings essentially to hide its real hash value. The idea of adding salt to the end of the password is basically to complicate the password cracking process. The hybridized model was implemented in Windows environment using python 3.7 IDE platform and tested on a dedicated Local Area Network (LAN) that was exposed to threats from both internal and external sources. The results from the test show that the model performed well in terms of efficiency and robustness to attacks. The performance of the new model recorded a high level of improvement over the existing techniques with a recital of 97.6%.
Cyber Warfare is the current single greatest emerging threat to National Security. Network security has become an essential component of any computer network. As computer networks and systems become ever more fundamental to modern society, concerns about security have become increasingly important. There are a multitude of different applications open source and proprietary available for the protection +-system administrator, to decide on the most suitable format for their purpose requires knowledge of the available safety measures, their features and how they affect the quality of service, as well as the kind of data they will be allowing through unflagged. A majority of methods currently used to ensure the quality of a network's service are signature based. From this information, and details on the specifics of popular applications and their implementation methods, we have carried through the ideas, incorporating our own opinions, to formulate suggestions on how this could be done on a general level. The main objective was to design and develop an Intrusion Detection System. While the minor objectives were to: design a port scanner to determine potential threats and mitigation techniques to withstand these attacks, implement the system on a host, and run and test the designed IDS. In this project we set out to develop a Honey Pot IDS System. It would make it easy to listen on a range of ports and emulate a network protocol to track and identify any individuals trying to connect to your system. This IDS will use the following design approaches: Event correlation, Log analysis, Alerting, and policy enforcement. Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software testing which we have adapted for the specific purpose of testing IDSs.
In this paper, we identify a set of general IDS performance objectives which is the basis for the methodology. We present the details of the methodology, including strategies for test-case selection and specific testing procedures. We include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. We present an overview of the software platform that we have used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool expect and enhancements that we have developed, including mechanisms for concurrent scripts and a record-and-replay feature. We also provide background information on intrusions and IDSs to motivate our work.
An intrusion detection system for packet and flow based networks using deep n...IJECEIAES
Study on deep neural networks and big data is merging now by several aspects to enhance the capabilities of intrusion detection system (IDS). Many IDS models has been introduced to provide security over big data. This study focuses on the intrusion detection in computer networks using big datasets. The advent of big data has agitated the comprehensive assistance in cyber security by forwarding a brunch of affluent algorithms to classify and analysis patterns and making a better prediction more efficiently. In this study, to detect intrusion a detection model has been propounded applying deep neural networks. We applied the suggested model on the latest dataset available at online, formatted with packet based, flow based data and some additional metadata. The dataset is labeled and imbalanced with 79 attributes and some classes having much less training samples compared to other classes. The proposed model is build using Keras and Google Tensorflow deep learning environment. Experimental result shows that intrusions are detected with the accuracy over 99% for both binary and multiclass classification with selected best features. Receiver operating characteristics (ROC) and precision-recall curve average score is also 1. The outcome implies that Deep Neural Networks offers a novel research model with great accuracy for intrusion detection model, better than some models presented in the literature.
AN EMPIRICAL STUDY ON CYBER SECURITY THREATS AND ATTACKSDaphne Smith
This document summarizes an empirical study on cyber security threats and attacks. It discusses recent trends in cyber attacks such as ransomware, advanced persistent threats, insider threats, malware, and botnets. It also examines vulnerabilities in critical infrastructure that can be exploited by attackers. The document provides examples of research analyzing specific cyber threats and vulnerabilities. It concludes that understanding cyber threats is important for protecting systems and networks, and that security policies and monitoring are needed to mitigate threats and safeguard systems.
Abstract—With the heightening reliance on Information Technology in recent times, it has becoming more relevant to find measures to secure every online device, data and information. A Network Intrusion Detection System (NIDS) is one of the security options to consider to help protect such devices, data and information. However, IDS needs to be up to date to mitigate current threats to secure systems. A critical issue in the development of the right IDS is the scarcity of current data sets used for training these IDS and the impact on system performance. This paper presents an On-demand Network Data Set Creation Application (ONDaSCA) a Graphical User Interface software capable of generating labelled network intrusion data set. ONDaSCA grants IDS users or researchers the option to choose a raw data set and processed this data set as output, real-time packet capture and offline upload of existing PCAP file and two (2) difference packet capturing methods (Tshark and Dumpcap). ONDaSCA is highly customisable and an IDS user or researcher can leverage its capabilities to suit their needs. The abilities of this software are compared with other similar products that generate data set for use by IDS model.
International Journal of Computer Science and Information Security,IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Email: ijcsiseditor@gmail.com
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
Machine learning-based intrusion detection system for detecting web attacksIAESIJAI
The increasing use of smart devices results in a huge amount of data, which raises concerns about personal data, including health data and financial data. This data circulates on the network and can encounter network traffic at any time. This traffic can either be normal traffic or an intrusion created by hackers with the aim of injecting abnormal traffic into the network. Firewalls and traditional intrusion detection systems detect attacks based on signature patterns. However, this is not sufficient to detect advanced or unknown attacks. To detect different types of unknown attacks, the use of intelligent techniques is essential. In this paper, we analyse some machine learning techniques proposed in recent years. In this study, several classifications were made to detect anomalous behaviour in network traffic. The models were built and evaluated based on the Canadian Institute for Cybersecurity-intrusion detection systems dataset released in 2017 (CIC-IDS-2017), which includes both current and historical attacks. The experiments were conducted using decision tree, random forest, logistic regression, gaussian naïve bayes, adaptive boosting, and their ensemble approach. The models were evaluated using various evaluation metrics such as accuracy, precision, recall, F1-score, false positive rate, receiver operating characteristic curve, and calibration curve.
Trust Metric-Based Anomaly Detection Via Deep Deterministic Policy Gradient R...IJCNCJournal
Addressing real-time network security issues is paramount due to the rapidly expanding IoT jargon. The erratic rise in usage of inadequately secured IoT- based sensory devices like wearables of mobile users, autonomous vehicles, smartphones and appliances by a larger user community is fuelling the need for a trustable, super-performant security framework. An efficient anomaly detection system would aim to address the anomaly detection problem by devising a competent attack detection model. This paper delves into the Deep Deterministic Policy Gradient (DDPG) approach, a promising Reinforcement Learning platform to combat noisy sensor samples which are instigated by alarming network attacks. The authors propose an enhanced DDPG approach based on trust metrics and belief networks, referred to as Deep Deterministic Policy Gradient Belief Network (DDPG-BN). This deep-learning-based approach is projected as an algorithm to provide “Deep-Defense” to the plethora of network attacks. Confidence interval is chosen as the trust metric to decide on the termination of sensor sample collection. Once an enlisted attack is detected, the collection of samples from the particular sensor will automatically cease. The evaluations and results of the experiments highlight a better detection accuracy of 98.37% compared to its counterpart conventional DDPG implementation of 97.46%. The paper also covers the work based on a contemporary Deep Reinforcement Learning (DRL) algorithm, the Actor Critic (AC). The proposed deep learning binary classification model is validated using the NSL-KDD dataset and the performance is compared to a few deep learning implementations as well.
Detecting network attacks model based on a convolutional neural network IJECEIAES
Due to the increasing use of networks at present, Internet systems have raised many security problems, and statistics indicate that the rate of attacks or intrusions has increased excessively annually, and in the event of any malicious attack on network vulnerabilities or information systems, it may lead to serious disasters, violating policies on network security, i.e., “confidentiality, integrity, and availability” (CIA). Therefore, many detection systems, such as the intrusion detection system, appeared. In this paper, we built a system that detects network attacks using the latest machine learning algorithms and a convolutional neural network based on a dataset of the CSE-CIC-IDS2018. It is a recent dataset that contains a set of common and recent attacks. The detection rate is 99.7%, distinguishing between aggressive attacks and natural assertiveness.
Comparison study of machine learning classifiers to detect anomalies IJECEIAES
In this era of the Internet, ensuring the confidentiality, authentication and integrity of any resource exchanged over the net is imperative. Intrusion prevention techniques such as strong passwords and firewalls are not sufficient to monitor such voluminous network traffic, as they can be breached easily. Existing signature-based detection techniques such as antivirus only offer protection against known attacks whose signatures are stored in the database. Thus, the need for real-time detection of aberrations is observed. Machine learning classifiers are implemented here to learn how the values of various fields in a network packet, such as source bytes and destination bytes, decide whether the packet is compromised or not. Finally, the accuracy of their detection is compared to choose the best-suited classifier for this purpose. The outcome thus produced may be useful to offer real-time detection while exchanging sensitive information such as credit card details.
NETWORK INTRUSION DETECTION AND COUNTERMEASURE SELECTION IN VIRTUAL NETWORK (...ijsptm
Intrusion in a network or a system is a problem today as the trend of successful network attacks continues to rise. Intruders can explore vulnerabilities of a network system to gain access in order to deploy some virus or malware such as Denial of Service (DOS) attack. In this work, a frequency-based Intrusion Detection System (IDS) is proposed to detect DOS attack. The frequency data is extracted from the time-series data created by the traffic flow using Discrete Fourier Transform (DFT). An algorithm is developed for anomaly-based intrusion detection with fewer false alarms which further detects known and unknown attack signatures in a network. The frequency of the traffic data of the virus or malware would be inconsistent with the frequency of the legitimate traffic data. A Centralized Traffic Analyzer Intrusion Detection System called CTA-IDS is introduced to further detect inside attackers in a network. The strategy is effective in detecting abnormal content in the traffic data during information passing from one node to another and also detects known attack signatures and unknown attacks. This approach is tested by running the artificial network intrusion data in simulated networks using the Network Simulator2 (NS2) software.
This document summarizes a research paper on developing a honey pot intrusion detection system. The paper introduces cyber warfare as a growing threat and the need for effective network security. It then describes designing and implementing a honey pot IDS to detect potential threats on a host system by emulating network services and monitoring connections. The IDS would use event correlation, log analysis, alerting and policy enforcement. The document provides background on intrusions, IDS testing methodology, and reasons why only creating secure systems is not enough to prevent all intrusions.
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...ijtsrd
In today’s dynamic and technologically advanced world, the Internet has become one of the most innovative and rapidly growing technologies. With its rise, it has also become vulnerable to a significant increase in occurrences of cyber attacks, with detrimental effects. Typically, these cyber attacks are targeted at accessing, manipulating, or damaging confidential data, extracting users’ money, or extorting an organization’s or user’s private information. Sensitive information, whether intellectual property, financial data, confidential information, or other forms of private data, is exposed to unauthorized access or disclosure, which can have adverse consequences. Protecting data has become one of the greatest obstacles today as cyber attacks are constantly escalating. Along with the growth of internet services and the advancement of information technology, the importance of cybersecurity is crucial. Cybersecurity aims to ensure that the security interests of the company and users’ assets are protected and preserved against relevant cyber threats in the digital world. The data and confidentiality of computing assets pertaining to the network of an organization are protected by cybersecurity. This paper mainly focuses on threats and issues in cybersecurity facing modern technologies. It also focuses on the latest cybersecurity strategies and developments that are transforming the face of cybersecurity. Omkar Veerendra Nikhal "An Analytical Study on Attacks and Threats in Cyber Security and its Evolving Trends on Modern Technologies" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1, December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd38195.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/38195/an-analytical-study-on-attacks-and-threats-in-cyber-security-and-its-evolving-trends-on-modern-technologies/omkar-veerendra-nikhal
Similar to Experimental analysis of intrusion detection systems using machine learning algorithms and artificial neural networks (20)
Redefining brain tumor segmentation: a cutting-edge convolutional neural netw...IJECEIAES
Medical image analysis has witnessed significant advancements with deep learning techniques. In the domain of brain tumor segmentation, the ability to precisely delineate tumor boundaries from magnetic resonance imaging (MRI) scans holds profound implications for diagnosis. This study presents an ensemble convolutional neural network (CNN) with transfer learning, integrating the state-of-the-art Deeplabv3+ architecture with the ResNet18 backbone. The model is rigorously trained and evaluated, exhibiting remarkable performance metrics, including an impressive global accuracy of 99.286%, a high-class accuracy of 82.191%, a mean intersection over union (IoU) of 79.900%, a weighted IoU of 98.620%, and a Boundary F1 (BF) score of 83.303%. Notably, a detailed comparative analysis with existing methods showcases the superiority of our proposed model. These findings underscore the model’s competence in precise brain tumor localization, underscoring its potential to revolutionize medical image analysis and enhance healthcare outcomes. This research paves the way for future exploration and optimization of advanced CNN models in medical imaging, emphasizing addressing false positives and resource efficiency.
Embedded machine learning-based road conditions and driving behavior monitoring IJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
Advanced control scheme of doubly fed induction generator for wind turbine us...IJECEIAES
This paper describes a speed control device for generating electrical energy on an electricity network based on the doubly fed induction generator (DFIG) used for wind power conversion systems. At first, a double-fed induction generator model was constructed. A control law is formulated to govern the flow of energy between the stator of a DFIG and the energy network using three types of controllers: proportional integral (PI), sliding mode controller (SMC) and second order sliding mode controller (SOSMC). Their different results in terms of power reference tracking, reaction to unexpected speed fluctuations, sensitivity to perturbations, and resilience against machine parameter alterations are compared. MATLAB/Simulink was used to conduct the simulations for the preceding study. Multiple simulations have shown very satisfying results, and the investigations demonstrate the efficacy and power-enhancing capabilities of the suggested control system.
Neural network optimizer of proportional-integral-differential controller par...IJECEIAES
Wide application of proportional-integral-differential (PID)-regulator in industry requires constant improvement of methods of its parameters adjustment. The paper deals with the issues of optimization of PID-regulator parameters with the use of neural network technology methods. A methodology for choosing the architecture (structure) of neural network optimizer is proposed, which consists in determining the number of layers, the number of neurons in each layer, as well as the form and type of activation function. Algorithms of neural network training based on the application of the method of minimizing the mismatch between the regulated value and the target value are developed. The method of back propagation of gradients is proposed to select the optimal training rate of neurons of the neural network. The neural network optimizer, which is a superstructure of the linear PID controller, allows increasing the regulation accuracy from 0.23 to 0.09, thus reducing the power consumption from 65% to 53%. The results of the conducted experiments allow us to conclude that the created neural superstructure may well become a prototype of an automatic voltage regulator (AVR)-type industrial controller for tuning the parameters of the PID controller.
An improved modulation technique suitable for a three level flying capacitor ...IJECEIAES
This research paper introduces an innovative modulation technique for controlling a 3-level flying capacitor multilevel inverter (FCMLI), aiming to streamline the modulation process in contrast to conventional methods. The proposed simplified modulation technique paves the way for more straightforward and efficient control of multilevel inverters, enabling their widespread adoption and integration into modern power electronic systems. Through the amalgamation of sinusoidal pulse width modulation (SPWM) with a high-frequency square wave pulse, this controlling technique attains energy equilibrium across the coupling capacitor. The modulation scheme incorporates a simplified switching pattern and a decreased count of voltage references, thereby simplifying the control algorithm.
A review on features and methods of potential fishing zone IJECEIAES
This review focuses on the importance of identifying potential fishing zones in seawater for sustainable fishing practices. It explores features like sea surface temperature (SST) and sea surface height (SSH), along with classification methods such as classifiers. The features like SST, SSH, and different classifiers used to classify the data, have been figured out in this review study. This study underscores the importance of examining potential fishing zones using advanced analytical techniques. It thoroughly explores the methodologies employed by researchers, covering both past and current approaches. The examination centers on data characteristics and the application of classification algorithms for classification of potential fishing zones. Furthermore, the prediction of potential fishing zones relies significantly on the effectiveness of classification algorithms. Previous research has assessed the performance of models like support vector machines, naïve Bayes, and artificial neural networks (ANN). In the previous result, the results of support vector machine (SVM) were 97.6% more accurate than naive Bayes's 94.2% to classify test data for fisheries classification. By considering the recent works in this area, several recommendations for future works are presented to further improve the performance of the potential fishing zone models, which is important to the fisheries community.
Electrical signal interference minimization using appropriate core material f...IJECEIAES
As demand for smaller, quicker, and more powerful devices rises, Moore's law is strictly followed. The industry has worked hard to make little devices that boost productivity. The goal is to optimize device density. Scientists are reducing connection delays to improve circuit performance. This helped them understand three-dimensional integrated circuit (3D IC) concepts, which stack active devices and create vertical connections to diminish latency and lower interconnects. Electrical involvement is a big worry with 3D integrated circuits. Researchers have developed and tested through silicon via (TSV) and substrates to decrease electrical wave involvement. This study illustrates a novel noise coupling reduction method using several electrical involvement models. A 22% drop in electrical involvement from wave-carrying to victim TSVs introduces this new paradigm and improves system performance even at higher THz frequencies.
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...IJECEIAES
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
Bibliometric analysis highlighting the role of women in addressing climate ch...IJECEIAES
Fossil fuel consumption increased quickly, contributing to climate change that is evident in unusual flooding and droughts, and global warming. Over the past ten years, women's involvement in society has grown dramatically, and they succeeded in playing a noticeable role in reducing climate change. A bibliometric analysis of data from the last ten years has been carried out to examine the role of women in addressing climate change. The analysis's findings discussed the relevance to the sustainable development goals (SDGs), particularly SDG 7 and SDG 13. The results considered contributions made by women in the various sectors while taking geographic dispersion into account. The bibliometric analysis delves into topics including women's leadership in environmental groups, their involvement in policymaking, their contributions to sustainable development projects, and the influence of gender diversity on attempts to mitigate climate change. This study's results highlight how women have influenced policies and actions related to climate change, and point out areas of research deficiency and recommendations on how to increase the role of women in addressing climate change and achieving sustainability. To achieve more successful results, this initiative aims to highlight the significance of gender equality and encourage inclusivity in climate change decision-making processes.
Voltage and frequency control of microgrid in presence of micro-turbine inter...IJECEIAES
The active and reactive load changes have a significant impact on voltage and frequency. In this paper, in order to stabilize the microgrid (MG) against load variations in islanding mode, the active and reactive power of all distributed generators (DGs), including energy storage (battery), diesel generator, and micro-turbine, are controlled. The micro-turbine generator is connected to MG through a three-phase to three-phase matrix converter, and the droop control method is applied for controlling the voltage and frequency of MG. In addition, a method is introduced for voltage and frequency control of micro-turbines in the transition state from grid-connected mode to islanding mode. A novel switching strategy of the matrix converter is used for converting the high-frequency output voltage of the micro-turbine to the grid-side frequency of the utility system. Moreover, using the switching strategy, the low-order harmonics in the output current and voltage are not produced, and consequently, the size of the output filter would be reduced. In fact, the suggested control strategy is load-independent and has no frequency conversion restrictions. The proposed approach for voltage and frequency regulation demonstrates exceptional performance and favorable response across various load alteration scenarios. The suggested strategy is examined in several scenarios in the MG test systems, and the simulation results are addressed.
Enhancing battery system identification: nonlinear autoregressive modeling fo...IJECEIAES
Precisely characterizing Li-ion batteries is essential for optimizing their performance, enhancing safety, and prolonging their lifespan across various applications, such as electric vehicles and renewable energy systems. This article introduces an innovative nonlinear methodology for system identification of a Li-ion battery, employing a nonlinear autoregressive with exogenous inputs (NARX) model. The proposed approach integrates the benefits of nonlinear modeling with the adaptability of the NARX structure, facilitating a more comprehensive representation of the intricate electrochemical processes within the battery. Experimental data collected from a Li-ion battery operating under diverse scenarios are employed to validate the effectiveness of the proposed methodology. The identified NARX model exhibits superior accuracy in predicting the battery's behavior compared to traditional linear models. This study underscores the importance of accounting for nonlinearities in battery modeling, providing insights into the intricate relationships between state-of-charge, voltage, and current under dynamic conditions.
Smart grid deployment: from a bibliometric analysis to a survey IJECEIAES
Smart grids are one of the last decades' innovations in electrical energy. They bring relevant advantages compared to the traditional grid and significant interest from the research community. Assessing the field's evolution is essential to propose guidelines for facing new and future smart grid challenges. In addition, knowing the main technologies involved in the deployment of smart grids (SGs) is important to highlight possible shortcomings that can be mitigated by developing new tools. This paper contributes to the research trends mentioned above by focusing on two objectives. First, a bibliometric analysis is presented to give an overview of the current research level about smart grid deployment. Second, a survey of the main technological approaches used for smart grid implementation and their contributions are highlighted. To that effect, we searched the Web of Science (WoS), and the Scopus databases. We obtained 5,663 documents from WoS and 7,215 from Scopus on smart grid implementation or deployment. With the extraction limitation in the Scopus database, 5,872 of the 7,215 documents were extracted using a multi-step process. These two datasets have been analyzed using a bibliometric tool called bibliometrix. The main outputs are presented with some recommendations for future research.
Use of analytical hierarchy process for selecting and prioritizing islanding ...IJECEIAES
One of the problems associated with power systems is the islanding condition, which must be rapidly and properly detected to prevent any negative consequences on the system's protection, stability, and security. This paper offers a thorough overview of several islanding detection strategies, which are divided into two categories: classic approaches, including local and remote approaches, and modern techniques, including techniques based on signal processing and computational intelligence. Additionally, each approach is compared and assessed based on several factors, including implementation costs, non-detected zones, declining power quality, and response times using the analytical hierarchy process (AHP). The multi-criteria decision-making analysis shows that the overall weight of passive methods (24.7%), active methods (7.8%), hybrid methods (5.6%), remote methods (14.5%), signal processing-based methods (26.6%), and computational intelligent-based methods (20.8%) based on the comparison of all criteria together. Thus, it can be seen from the total weight that hybrid approaches are the least suitable to be chosen, while signal processing-based methods are the most appropriate islanding detection method to be selected and implemented in power system with respect to the aforementioned factors. Using Expert Choice software, the proposed hierarchy model is studied and examined.
Enhancing of single-stage grid-connected photovoltaic system using fuzzy logi...IJECEIAES
The power generated by photovoltaic (PV) systems is influenced by environmental factors. This variability hampers the control and utilization of solar cells' peak output. In this study, a single-stage grid-connected PV system is designed to enhance power quality. Our approach employs fuzzy logic in the direct power control (DPC) of a three-phase voltage source inverter (VSI), enabling seamless integration of the PV connected to the grid. Additionally, a fuzzy logic-based maximum power point tracking (MPPT) controller is adopted, which outperforms traditional methods like incremental conductance (INC) in enhancing solar cell efficiency and minimizing the response time. Moreover, the inverter's real-time active and reactive power is directly managed to achieve a unity power factor (UPF). The system's performance is assessed through MATLAB/Simulink implementation, showing marked improvement over conventional methods, particularly in steady-state and varying weather conditions. For solar irradiances of 500 and 1,000 W/m², the results show that the proposed method reduces the total harmonic distortion (THD) of the injected current to the grid by approximately 46% and 38% compared to conventional methods, respectively. Furthermore, we compare the simulation results with IEEE standards to evaluate the system's grid compatibility.
Enhancing photovoltaic system maximum power point tracking with fuzzy logic-b...IJECEIAES
Photovoltaic systems have emerged as a promising energy resource that caters to the future needs of society, owing to their renewable, inexhaustible, and cost-free nature. The power output of these systems relies on solar cell radiation and temperature. In order to mitigate the dependence on atmospheric conditions and enhance power tracking, a conventional approach has been improved by integrating various methods. To optimize the generation of electricity from solar systems, the maximum power point tracking (MPPT) technique is employed. To overcome limitations such as steady-state voltage oscillations and improve transient response, two traditional MPPT methods, namely fuzzy logic controller (FLC) and perturb and observe (P&O), have been modified. This research paper aims to simulate and validate the step size of the proposed modified P&O and FLC techniques within the MPPT algorithm using MATLAB/Simulink for efficient power tracking in photovoltaic systems.
Adaptive synchronous sliding control for a robot manipulator based on neural ...IJECEIAES
Robot manipulators have become important equipment in production lines, medical fields, and transportation. Improving the quality of trajectory tracking for robot hands is always an attractive topic in the research community. This is a challenging problem because robot manipulators are complex nonlinear systems and are often subject to fluctuations in loads and external disturbances. This article proposes an adaptive synchronous sliding control scheme to improve trajectory tracking performance for a robot manipulator. The proposed controller ensures that the positions of the joints track the desired trajectory, synchronize the errors, and significantly reduces chattering. First, the synchronous tracking errors and synchronous sliding surfaces are presented. Second, the synchronous tracking error dynamics are determined. Third, a robust adaptive control law is designed, the unknown components of the model are estimated online by the neural network, and the parameters of the switching elements are selected by fuzzy logic. The built algorithm ensures that the tracking and approximation errors are ultimately uniformly bounded (UUB). Finally, the effectiveness of the constructed algorithm is demonstrated through simulation and experimental results. Simulation and experimental results show that the proposed controller is effective with small synchronous tracking errors, and the chattering phenomenon is significantly reduced.
Remote field-programmable gate array laboratory for signal acquisition and de...IJECEIAES
A remote laboratory utilizing field-programmable gate array (FPGA) technologies enhances students’ learning experience anywhere and anytime in embedded system design. Existing remote laboratories prioritize hardware access and visual feedback for observing board behavior after programming, neglecting comprehensive debugging tools to resolve errors that require internal signal acquisition. This paper proposes a novel remote embedded-system design approach targeting FPGA technologies that are fully interactive via a web-based platform. Our solution provides FPGA board access and debugging capabilities beyond the visual feedback provided by existing remote laboratories. We implemented a lab module that allows users to seamlessly incorporate into their FPGA design. The module minimizes hardware resource utilization while enabling the acquisition of a large number of data samples from the signal during the experiments by adaptively compressing the signal prior to data transmission. The results demonstrate an average compression ratio of 2.90 across three benchmark signals, indicating efficient signal acquisition and effective debugging and analysis. This method allows users to acquire more data samples than conventional methods. The proposed lab allows students to remotely test and debug their designs, bridging the gap between theory and practice in embedded system design.
Detecting and resolving feature envy through automated machine learning and m...IJECEIAES
Efficiently identifying and resolving code smells enhances software project quality. This paper presents a novel solution, utilizing automated machine learning (AutoML) techniques, to detect code smells and apply move method refactoring. By evaluating code metrics before and after refactoring, we assessed its impact on coupling, complexity, and cohesion. Key contributions of this research include a unique dataset for code smell classification and the development of models using AutoGluon for optimal performance. Furthermore, the study identifies the top 20 influential features in classifying feature envy, a well-known code smell, stemming from excessive reliance on external classes. We also explored how move method refactoring addresses feature envy, revealing reduced coupling and complexity, and improved cohesion, ultimately enhancing code quality. In summary, this research offers an empirical, data-driven approach, integrating AutoML and move method refactoring to optimize software project quality. Insights gained shed light on the benefits of refactoring on code quality and the significance of specific features in detecting feature envy. Future research can expand to explore additional refactoring techniques and a broader range of code metrics, advancing software engineering practices and standards.
Smart monitoring technique for solar cell systems using internet of things ba...IJECEIAES
Rapidly and remotely monitoring and receiving the status parameters of solar cell systems (solar irradiance, temperature, and humidity) is a critical issue in enhancing their efficiency. Hence, in the present article an improved smart prototype of an internet of things (IoT) technique based on an embedded system built on the NodeMCU ESP8266 (ESP-12E) was carried out experimentally. Three different regions in Egypt (Luxor, Cairo, and El-Beheira) were chosen to study their solar irradiance profile, temperature, and humidity with the proposed IoT system. The monitoring data of solar irradiance, temperature, and humidity were visualized live by Ubidots through the hypertext transfer protocol (HTTP). The measured solar power radiation in Luxor, Cairo, and El-Beheira ranged between 216-1000, 245-958, and 187-692 W/m², respectively, during the solar day. The accuracy and rapidity of obtaining monitoring results using the proposed IoT system made it a strong candidate for application in monitoring solar cell systems. On the other hand, the obtained solar power radiation results of the three considered regions make Luxor and Cairo strong candidates as suitable places to build a solar cell system station, rather than El-Beheira.
An efficient security framework for intrusion detection and prevention in int...IJECEIAES
Over the past few years, the internet of things (IoT) has advanced to connect billions of smart devices to improve quality of life. However, anomalies or malicious intrusions pose several security loopholes, leading to performance degradation and threats to data security in IoT operations. Thereby, IoT security systems must keep an eye on and restrict unwanted events from occurring in the IoT network. Recently, various technical solutions based on machine learning (ML) models have been derived towards identifying and restricting unwanted events in IoT. However, most ML-based approaches are prone to misclassification due to inappropriate feature selection. Additionally, most ML approaches applied to intrusion detection and prevention consider supervised learning, which requires a large amount of labeled data to be trained. Consequently, such complex datasets are impossible to source in a large network like IoT. To address this problem, this proposed study introduces an efficient learning mechanism to strengthen the IoT security aspects. The proposed algorithm incorporates supervised and unsupervised approaches to improve the learning models for intrusion detection and mitigation. Compared with the related works, the experimental outcome shows that the model performs well in a benchmark dataset. It accomplishes an improved detection accuracy of approximately 99.21%.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
Introduction- e - waste – definition - sources of e-waste– hazardous substances in e-waste - effects of e-waste on environment and human health- need for e-waste management– e-waste handling rules - waste minimization techniques for managing e-waste – recycling of e-waste - disposal treatment methods of e- waste – mechanism of extraction of precious metal from leaching solution-global Scenario of E-waste – E-waste in India- case studies.
Gas agency management system project report.pdfKamal Acharya
The project entitled "Gas Agency" is done to make the manual process easier by making it a computerized system for billing and maintaining stock. The Gas Agencies get the order request through phone calls or by personal from their customers and deliver the gas cylinders to their address based on their demand and previous delivery date. This process is made computerized and the customer's name, address and stock details are stored in a database. Based on this the billing for a customer is made simple and easier, since a customer order for gas can be accepted only after completing a certain period from the previous delivery. This can be calculated and billed easily through this. There are two types of delivery like domestic purpose use delivery and commercial purpose use delivery. The bill rate and capacity differs for both. This can be easily maintained and charged accordingly.
Comparative analysis between traditional aquaponics and reconstructed aquapon...bijceesjournal
The aquaponic system of planting is a method that does not require soil usage. It is a method that only needs water, fish, lava rocks (a substitute for soil), and plants. Aquaponic systems are sustainable and environmentally friendly. Its use not only helps to plant in small spaces but also helps reduce artificial chemical use and minimizes excess water use, as aquaponics consumes 90% less water than soil-based gardening. The study applied a descriptive and experimental design to assess and compare conventional and reconstructed aquaponic methods for reproducing tomatoes. The researchers created an observation checklist to determine the significant factors of the study. The study aims to determine the significant difference between traditional aquaponics and reconstructed aquaponics systems propagating tomatoes in terms of height, weight, girth, and number of fruits. The reconstructed aquaponics system’s higher growth yield results in a much more nourished crop than the traditional aquaponics system. It is superior in its number of fruits, height, weight, and girth measurement. Moreover, the reconstructed aquaponics system is proven to eliminate all the hindrances present in the traditional aquaponics system, which are overcrowding of fish, algae growth, pest problems, contaminated water, and dead fish.
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...PriyankaKilaniya
Energy efficiency has been important since the latter part of the last century. The main object of this survey is to determine the energy efficiency knowledge among consumers. Two separate districts in Bangladesh are selected to conduct the survey on households and showrooms about the energy and seller also. The survey uses the data to find some regression equations from which it is easy to predict energy efficiency knowledge. The data is analyzed and calculated based on five important criteria. The initial target was to find some factors that help predict a person's energy efficiency knowledge. From the survey, it is found that the energy efficiency awareness among the people of our country is very low. Relationships between household energy use behaviors are estimated using a unique dataset of about 40 households and 20 showrooms in Bangladesh's Chapainawabganj and Bagerhat districts. Knowledge of energy consumption and energy efficiency technology options is found to be associated with household use of energy conservation practices. Household characteristics also influence household energy use behavior. Younger household cohorts are more likely to adopt energy-efficient technologies and energy conservation practices and place primary importance on energy saving for environmental reasons. Education also influences attitudes toward energy conservation in Bangladesh. Low-education households indicate they primarily save electricity for the environment while high-education households indicate they are motivated by environmental concerns.
Design and optimization of ion propulsion dronebjmsejournal
Electric propulsion technology is widely used in many kinds of vehicles in recent years, and aircrafts are no exception. Technically, UAVs are electrically propelled but tend to produce a significant amount of noise and vibrations. Ion propulsion technology for drones is a potential solution to this problem. Ion propulsion technology is proven to be feasible in the earth’s atmosphere. The study presented in this article shows the design of EHD thrusters and power supply for ion propulsion drones along with performance optimization of high-voltage power supply for endurance in earth’s atmosphere.
Software Engineering and Project Management - Software Testing + Agile Method...Prakhyath Rai
Software Testing: A Strategic Approach to Software Testing, Strategic Issues, Test Strategies for Conventional Software, Test Strategies for Object -Oriented Software, Validation Testing, System Testing, The Art of Debugging.
Agile Methodology: Before Agile – Waterfall, Agile Development.
Software Engineering and Project Management - Introduction, Modeling Concepts...Prakhyath Rai
Introduction, Modeling Concepts and Class Modeling: What is Object orientation? What is OO development? OO Themes; Evidence for usefulness of OO development; OO modeling history. Modeling
as Design technique: Modeling, abstraction, The Three models. Class Modeling: Object and Class Concept, Link and associations concepts, Generalization and Inheritance, A sample class model, Navigation of class models, and UML diagrams
Building the Analysis Models: Requirement Analysis, Analysis Model Approaches, Data modeling Concepts, Object Oriented Analysis, Scenario-Based Modeling, Flow-Oriented Modeling, class Based Modeling, Creating a Behavioral Model.
Mechanical Engineering on AAI Summer Training Report-003.pdf
Experimental analysis of intrusion detection systems using machine learning algorithms and artificial neural networks
1. International Journal of Electrical and Computer Engineering (IJECE)
Vol. 14, No. 1, February 2024, pp. 983~992
ISSN: 2088-8708, DOI: 10.11591/ijece.v14i1.pp983-992 983
Journal homepage: http://ijece.iaescore.com
Experimental analysis of intrusion detection systems using machine learning algorithms and artificial neural networks
Ademola Abdulkareem¹, Tobiloba Emmanuel Somefun¹, Adesina Lambe Mutalub², Adewale Adeyinka¹
¹Department of Electrical and Information Engineering, Covenant University, Ota, Nigeria
²Department of Electrical and Computer Engineering, Kwara State University, Kwara State, Nigeria
Article Info ABSTRACT
Article history:
Received Oct 3, 2022
Revised Mar 15, 2023
Accepted Apr 3, 2023
Since the invention of the internet for military and academic research
purposes, it has evolved to meet the demands of the increasing number of
users on the network, who have their scope beyond military and academics.
As the scope of the network expanded maintaining its security became a
matter of increasing importance. With various users and interconnections of
more diversified networks, the internet needs to be maintained as securely as
possible for the transmission of sensitive information to be one hundred per
cent safe; several anomalies may intrude on private networks. Several
research works have been released around network security and this research
seeks to add to the already existing body of knowledge by expounding on
these attacks, proffering efficient measures to detect network intrusions, and
introducing an ensemble classifier: a combination of 3 different machine
learning algorithms. An ensemble classifier is used for detecting remote to
local (R2L) attacks, which showed the lowest level of accuracy when the
network dataset is tested using single machine learning models but the
ensemble classifier gives an overall efficiency of 99.8%.
Keywords:
Artificial neural
Ensemble classifier
Intrusion detection system
Machine learning
Networks attack
This is an open access article under the CC BY-SA license.
Corresponding Author:
Tobiloba Emmanuel Somefun
Department of Electrical and Information Engineering, Covenant University
Canaan Land, KM 10, Idiroko Road, P. M. B. 1023, Ota, Ogun State, Nigeria
Email: tobi.shomefun@covenantuniversity.edu.ng
1. INTRODUCTION
Access to the internet is crucial to every business and individual in the 21st century [1], [2]. It is
nearly impossible to compete in today’s business world without staying connected to the world and
customers. Staying connected to the internet is advantageous in the business world, but these advantages do
not eliminate the accompanying threats, and it would be a disaster in this 21st-century cyber-age
and cyberspace if the power of a single click on the internet is ever underestimated [3], [4]. The possibility of
these threats gave rise to the need for protective measures on the internet [5], [6]. Many confidential
transactions occur every second. These exchanges on the web give untrusted outside parties a way
to gain entry into an organization’s private network and tamper with its internal environment, data,
assets, and structure. Network security helps us protect authorized access to data from hackers and
maintain authenticated data transfers, and we achieve the security of the network when a firewall is installed and
turned ON.
With the rise in internet and network use [7], the need for security has become central to users’
confidence in, and willingness to perform, sensitive functions and activities on the internet or any cloud-based
network system [8]–[10]. As the internet evolves, so does the malicious software hosted on the
network, and attacks have become increasingly sophisticated [11]. A 2017 report released by Symantec
on internet security threats recorded over three billion zero-day attacks in 2016, which implied that such
attacks were gaining popularity and becoming more common than before [12]. The 2017 data
breach statistics recorded around nine billion lost or hijacked information records since 2013. A Symantec
report found that the number of security breach incidents is rising rapidly [13]. Various malicious
software that penetrates internal company networks has become more sophisticated, directly affecting the
severity of attacks companies experience, even as security measures evolve with time [14]. Several reports
have revealed that security breaches are consistently on the rise. The tactics of cybercriminals have begun to
change with the times and, as some researchers would describe it, have become more ambitious [15], [16]. Previously these
attackers targeted “smaller fish” like credit cards, bank customers, and bank accounts, whereas these days they
target the banks themselves [17]–[20]. All these are possible because of the evolution of malicious software
[21]–[23]. Malicious software (malware) is intentionally designed to take advantage of any compromise or
weakness, however minute, in the firewall to gain access to the inside network.
A survey carried out by Kaspersky in 2013 revealed that 91% of companies had experienced at least
one security threat from outside the company network, and 35% of these companies encountered data leakage due
to these attacks [24]. 61% of these companies were attacked by spam, while another 66% of the companies
were affected by viruses, spyware, malware, worms, and other malicious programs. Even though the attack
rate is this high, the discovery rate for malware and intrusions is still low [25], [26]. Panda Lab’s 2015
annual report made the following discoveries: 34% of all malware was produced in 2014, and 65% of
attacked systems were intruded on by Trojans, making Trojans the major contributor to security threats. This
report concludes that despite the depth of research and development of network security infrastructure, online
information will still be exploited by new forms of attack [27].
Cloud infrastructure utilizes integrated technologies and virtualization techniques, and it operates
according to standard internet protocols, which may attract unauthorized users due to the weaknesses present
in the cloud infrastructure. Distributed computing experiences different conventional attacks that include
protocol spoofing, address resolution, internet protocol (IP) spoofing, flooding, distributed denial of service
(DDoS), domain name system (DNS) poisoning, denial of service (DoS), and routing information protocol
attack. A real example is the DoS attack on the underlying Amazon Cloud infrastructure that caused
BitBucket.org, a site hosted on Amazon web services (AWS), to stay inaccessible for a couple of hours
[28]. Firewalls can be an effective method to protect a network from external attacks, but they are not applicable
to internal attacks; therefore, an efficient intrusion detection system (IDS) should be integrated with cloud
infrastructure to mitigate these attacks. In this study, the authors seek to find out the cause of the attacks on
networks and investigate ways to identify and curb these attacks, and also to discover and recommend better
security measures for the protection of networks and network-based systems from security attacks and threats.
2. MATERIAL AND METHOD
In this study, the Network Security Laboratory-knowledge discovery in databases (NSL-KDD)
dataset is used instead of the original KDD Cup 99 dataset, because it gives a good understanding of
intrusion behaviors. The approach followed in this study involves six processes: data
collection, data pre-processing, feature scaling, feature selection, model development, and accuracy evaluation.
The NSL-KDD dataset, which comprises network packets with 42 attributes, is used for data
collection. The data is thereafter pre-processed into a form suitable for the algorithm.
Pre-processing involves cleaning the data to remove duplicate and redundant entries. Every feature is
transformed to a numerical value by “one-hot encoding,” which converts object/string values into
categorical data, which is then converted to numerical data using the label encoder available in Python. To avoid
features with large values that may weigh too much in the results and eventually lead to overfitting, the
features must be scaled. After the conversion, the dataset is split into 4 different datasets, each representing
a different attack category. The attack categories are shown in Table 1 and are renamed as
0=normal, 1=DoS, 2=Probe, 3=R2L, 4=U2R.
Table 1. Attack types in NSL-KDD dataset
Attack category | Attack name
Denial of service (DoS) | Apache2, Smurf, Neptune, Back, Teardrop, Pod, Land, Mailbomb, Processtable, UDPstorm
Remote to local (R2L) | WarezMaster, Imap, Ftp_Write, Named, MultiHop, Phf, Spy, Sendmail, SnmpGetAttack, SnmpGuess, Worm, Xsnoop, Xlock
User to root (U2R) | Buffer_Overflow, Httptunnel, Rootkit, LoadModule, Perl, Xterm, Ps, SQLattack
Probe | Satan, Saint, Ipsweep, Portsweep, Nmap, Mscan
The StandardScaler() library is used to scale the data frames and ensure the standard deviation is 1.
Univariate feature selection using the analysis of variance (ANOVA) F-test (second percentile method) is applied
first, followed by the recursive feature elimination (RFE) method, to get the best features for each dataset.
The formula for each classifier is already built into Python, so each attack dataset goes through all the
different classification algorithms before producing results.
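The pre-processing steps described above (label encoding, standard scaling, ANOVA F-test ranking) are shown here as an added standard-library Python example, not the paper's own code. The records are constructed, the column names follow NSL-KDD's protocol_type, src_bytes and count fields, the function names are hypothetical, and the RFE step is not reproduced.

```python
import math

# Constructed records shaped like NSL-KDD rows (not real dataset entries).
# Columns: protocol_type, src_bytes, count, label (0=normal, 1=DoS as renamed on this page).
RECORDS = [
    ("tcp", 200.0, 2.0, 0),
    ("tcp", 300.0, 3.0, 0),
    ("udp", 250.0, 1.0, 0),
    ("tcp", 280.0, 4.0, 0),
    ("icmp", 260.0, 480.0, 1),
    ("icmp", 240.0, 500.0, 1),
    ("tcp", 310.0, 510.0, 1),
    ("icmp", 220.0, 490.0, 1),
]


def label_encode(values):
    """Map each distinct string to an integer code, assigned in sorted order."""
    mapping = {v: i for i, v in enumerate(sorted(set(values)))}
    return [float(mapping[v]) for v in values], mapping


def standard_scale(column):
    """Rescale a column to zero mean and unit (population) standard deviation."""
    n = len(column)
    mean = sum(column) / n
    std = math.sqrt(sum((x - mean) ** 2 for x in column) / n)
    if std == 0.0:  # constant feature: carries no information, nothing to scale
        return [0.0] * n
    return [(x - mean) / std for x in column]


def anova_f(column, labels):
    """One-way ANOVA F statistic of a single feature against the class labels."""
    groups = {}
    for x, y in zip(column, labels):
        groups.setdefault(y, []).append(x)
    n, k = len(column), len(groups)
    grand_mean = sum(column) / n
    between = sum(len(g) * (sum(g) / len(g) - grand_mean) ** 2 for g in groups.values())
    within = sum((x - sum(g) / len(g)) ** 2 for g in groups.values() for x in g)
    if within == 0.0:  # classes perfectly separated with no spread inside them
        return math.inf if between > 0.0 else 0.0
    return (between / (k - 1)) / (within / (n - k))


def build_features(records):
    """Encode the categorical column, then scale every column."""
    protocol, _ = label_encode([r[0] for r in records])
    raw = {
        "protocol_type": protocol,
        "src_bytes": [r[1] for r in records],
        "count": [r[2] for r in records],
    }
    labels = [r[3] for r in records]
    return {name: standard_scale(col) for name, col in raw.items()}, labels


def rank_features(features, labels):
    """Return (name, F score) pairs, strongest feature first."""
    scores = [(name, anova_f(col, labels)) for name, col in features.items()]
    return sorted(scores, key=lambda item: item[1], reverse=True)


def select_percentile(ranked, percentile):
    """Keep the top `percentile` percent of the ranked features (at least one)."""
    keep = max(1, math.ceil(len(ranked) * percentile / 100))
    return [name for name, _ in ranked[:keep]]


if __name__ == "__main__":
    features, labels = build_features(RECORDS)
    for name, score in rank_features(features, labels):
        print(f"{name:14s} F = {score:.2f}")
    print("kept:", select_percentile(rank_features(features, labels), 50))
```

In the constructed data, src_bytes has the same mean in both classes, so its F score is close to zero and it is the feature dropped.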
2.1. Decision tree classifier
A decision tree (DT) classifier is a popular machine learning algorithm used for both classification
and regression tasks. It recursively partitions a dataset into subsets based on the most significant features,
effectively creating a tree-like structure of decisions. These splits are determined by various criteria, with one
common measure being Gini impurity, which quantifies the randomness or impurity in each subset. Subset is
determined using (1).

$$\sum_{i=1}^{c} f_i (1 - f_i) \qquad (1)$$

where $f_i$ is the frequency of labels at a node, and $c$ is the number of unique labels.
2.2. Support vector machine classifier
A support vector machine (SVM) classifier aims to find the optimal hyperplane that best separates
different classes in the feature space. By maximizing the margin between data points and the hyperplane,
SVM enhances its generalization performance, proving especially effective in high-dimensional spaces
commonly encountered in image and text analysis. The hyperplane position is determined by support vectors,
which are the data points closest to the decision boundary, playing a crucial role in defining the classification
boundary accurately.
2.3. K-nearest neighbors algorithm
Unlike some others, the k-nearest neighbors (KNN) is non-parametric, which implies that it makes
no assumptions about the underlying data. It can be used for both regression and classification problems but
primarily for classification. This algorithm stores data such that when a new data entry is made, it quickly
classifies it based on its similarity to already existing data points. Classification algorithm: given a query
instance $x_q$ to be classified, let $x_1, \dots, x_k$ denote the $k$ instances from the training examples.
Return

$$f(x_q) \leftarrow \arg\max_{v \in V} \sum_{i=1}^{k} \delta(v, f(x_i))$$

for the discrete-valued target function, where $\delta(a, b) = 1$ if $a = b$ and $\delta(a, b) = 0$ otherwise. The weights of neighbors are taken into
consideration relative to their distance to the query point such that:

$$f(x_q) \leftarrow \arg\max_{v \in V} \sum_{i=1}^{k} w_i \, \delta(v, f(x_i)) \qquad (2)$$

where $w_i = \dfrac{1}{d(x_q, x_i)^2}$.
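A direct implementation of the plain vote and the distance-weighted vote in (2), as an added example that is not code from the paper. The training points are constructed two-feature vectors labelled with the page's category codes (0=normal, 3=R2L), and the function names are hypothetical.

```python
import math
from collections import defaultdict

# Constructed, already-scaled two-feature vectors (not NSL-KDD rows).
# Label 0 = normal, label 3 = R2L, following the renaming used on this page.
TRAIN = [
    ((0.0, 0.0), 0),
    ((1.0, 1.0), 0),
    ((1.2, 0.8), 0),
    ((2.0, 2.0), 3),
    ((5.0, 5.0), 3),
]


def knn_votes(train, query, k, weighted):
    """Return {label: vote weight} over the k training points nearest to query."""
    nearest = sorted(train, key=lambda row: math.dist(row[0], query))[:k]
    votes = defaultdict(float)
    for features, label in nearest:
        d = math.dist(features, query)
        if weighted and d == 0.0:
            # w_i = 1/d^2 is unbounded for an exact match: that point decides alone.
            return {label: math.inf}
        votes[label] += 1.0 / d ** 2 if weighted else 1.0
    return dict(votes)


def knn_predict(train, query, k=3, weighted=True):
    """arg max over labels v of the (optionally distance-weighted) vote."""
    votes = knn_votes(train, query, k, weighted)
    # Iterating labels in sorted order makes ties resolve to the smallest label.
    return max(sorted(votes), key=votes.get)


if __name__ == "__main__":
    query = (1.8, 1.8)
    print("plain vote   :", knn_predict(TRAIN, query, k=3, weighted=False))
    print("weighted vote:", knn_predict(TRAIN, query, k=3, weighted=True))
    print("weights      :", knn_votes(TRAIN, query, 3, True))
```

For the query (1.8, 1.8) the three nearest points are two normal records and one R2L record; the plain vote returns normal, while the weighted vote returns R2L because the single R2L neighbour is much closer.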
2.4. Artificial neural network classifier
Artificial neural network (ANN) is a supervised machine learning (ML) algorithm that is based on
the human brain. The advantage of using this algorithm is its performance ability in nonlinear modelling.
Also, because of its various layers, it provides a more accurate representation of the predictions. In
developing this model, the dataset is fed into the model 5 times to make provisions for the system memory
and improve the accuracy metric for each attack type.
2.5. Ensemble classifier
The dataset is run through the different classification algorithms that have been previously used. It
goes through the DT, KNN, and SVM classifiers one after the other. This is also done to check for
improved accuracy compared to the individual testing and training carried out on the dataset by each
classification algorithm.
3. RESULT AND DISCUSSION
This section discusses the implementation of the machine learning algorithms discussed in section 2.
Furthermore, it explains commonly used evaluation metrics for machine learning methods for IDS. The
general confusion matrix, which is used to visualize the performance of our supervised learning algorithms, is
shown in Table 2.
Table 2. Confusion matrix
Actual class | Predicted class: Attack | Predicted class: Normal
Attack | True positive | False negative
Normal | False positive | True negative
3.1. DoS attack
After running our DoS attack dataset through the decision tree, SVM, and KNN classifiers, the
results are shown in Tables 3 and 4. Table 3 shows the confusion matrix for DoS attacks, classified using the
three stated classifier algorithms, while Table 4 shows other metrics tested for by the classifiers, such
as precision, recall, accuracy, and F-measure.
Table 3. Confusion matrix for three classifiers on DoS attack
Classifier | Actual attacks | Predicted 0 | Predicted 1
DT | 0 | 9,602 | 109
DT | 1 | 2,625 | 485
SVM | 0 | 9,677 | 34
SVM | 1 | 3,578 | 3,882
KNN | 0 | 9,653 | 58
KNN | 1 | 2,645 | 4,815
Table 4. Evaluation metrics for three classifiers on DoS attack
Classifier | Metrics | Precision | Recall | F-Measure | Support
DT | 0 | 0.79 | 0.99 | 0.88 | 9,711
DT | 1 | 0.98 | 0.65 | 0.78 | 7,460
DT | Accuracy | - | - | 0.84 | 17,171
DT | Macro avg | 0.88 | 0.82 | 0.83 | 17,171
DT | Weighted avg | 0.87 | 0.84 | 0.83 | 17,171
SVM | 0 | 0.73 | 1 | 0.84 | 9,711
SVM | 1 | 0.99 | 0.52 | 0.68 | 7,460
SVM | Accuracy | - | - | 0.79 | 17,171
SVM | Macro avg | 0.86 | 0.76 | 0.76 | 17,171
SVM | Weighted avg | 0.84 | 0.79 | 0.77 | 17,171
KNN | 0 | 0.78 | 0.99 | 0.88 | 9,711
KNN | 1 | 0.99 | 0.65 | 0.78 | 7,460
KNN | Accuracy | - | - | 0.84 | 17,171
KNN | Macro avg | 0.89 | 0.82 | 0.83 | 17,171
KNN | Weighted avg | 0.87 | 0.84 | 0.83 | 17,171
The classifier resulted in 9,602 correctly predicted attacks from the 12,821 data entries/input. Only
485 out of the 3,110 standard entries were accurately predicted as regular attacks by this classifier. This is
shown in Table 3. From this result, we can see that this decision tree classifier produces better attack
predictions compared to typical network behavior. The accuracy of this method is 0.84 but can be improved
on. This will be revealed in the results of the ANN and ensemble classifier.
After running the DoS attack dataset through the SVM classifier, which uses a subset of training
points in the decision function, the accuracy of the classification algorithm, measured using the metrics
recorded, is 0.79. The KNN classifier is a simple algorithm that stores and classifies cases based on
similarity measures such as distance functions. The confusion matrix for this classifier shows a more robust
prediction for the regular network behavior compared to that of the decision tree and strongly predicts the
DoS attacks. The accuracy for this classifier is 0.84, like that of the decision tree classifier.
The results from the ANN classifier for the DoS attacks using the TensorFlow framework in Python
are a loss metric of 0.0602 and an accuracy of 0.975. Figure 1 compares the three classifiers with
ANN. In Figure 1, all precision metrics for the DoS attacks are mapped out, and the DT algorithm has a more
precise measure for DoS attacks.
The accuracy of predicting DoS attacks using all the different classification algorithms is compared
in Figure 1, and it is evident that the ANN has higher accuracy. This can result from the deep neural networks
utilized in developing the ANN model, unlike the other machine learning algorithms where the dataset is fed
into the classifier only once.
Figure 1. Accuracy in DoS attack
3.2. Probe attacks
These attacks are deliberately crafted so that the legitimate users of the network recognize the
intrusion and report it. After reporting the attack, the attacker uses recognizable fingerprints to learn more
about the network capabilities. After running the dataset through the decision tree, SVM, and KNN
classifiers, the results from the confusion matrix are shown in Table 5. It shows the ability of the classifier to
predict attacks accurately. The results signify that the decision tree classifier may not be the best for
predicting probe attacks. Inasmuch as the false negative and false positives are less than the true negative and
true positive, the values are still relatively large. The accuracy of this classification algorithm is found to be
84% as shown in Table 6.
Table 5. Confusion matrix for three classifiers on probe
Classifier | Actual attacks | Predicted 0 | Predicted 2
DT | 0 | 8,709 | 1,002
DT | 1 | 944 | 1,477
SVM | 0 | 9,074 | 637
SVM | 1 | 958 | 1,463
KNN | 0 | 9,107 | 604
KNN | 1 | 943 | 1,478
Table 6. Evaluation metrics for the three classifiers on probe
Classifier | Metrics | Precision | Recall | F-Measure | Support
DT | 0 | 0.9 | 0.9 | 0.9 | 9,711
DT | 1 | 0.6 | 0.61 | 0.6 | 7,460
DT | Accuracy | - | - | 0.84 | 17,171
DT | Macro avg | 0.75 | 0.75 | 0.75 | 17,171
DT | Weighted avg | 0.84 | 0.84 | 0.84 | 17,171
SVM | 0 | 0.9 | 0.93 | 0.92 | 9,711
SVM | 1 | 0.7 | 0.6 | 0.65 | 7,460
SVM | Accuracy | - | - | 0.87 | 17,171
SVM | Macro avg | 0.8 | 0.77 | 0.78 | 17,171
SVM | Weighted avg | 0.86 | 0.87 | 0.86 | 17,171
KNN | 0 | 0.91 | 0.94 | 0.92 | 9,711
KNN | 1 | 0.71 | 0.61 | 0.66 | 7,460
KNN | Accuracy | - | - | 0.87 | 17,171
KNN | Macro avg | 0.81 | 0.77 | 0.79 | 17,171
KNN | Weighted avg | 0.87 | 0.87 | 0.87 | 17,171
[Figure 1 plot: Accuracy in DoS Attacks; x-axis: Machine Learning Algorithm (Decision Tree, SVM, KNN, ANN); y-axis: Accuracy]
SVM can be used for regression and classification. Since this is a classification problem, it is used
here for classification. It works by finding an optimal boundary between two outputs. The accuracy of this
classifier is 87%.
The results obtained from the KNN classifier are shown in Tables 5 and 6. There is a significantly high
prediction possibility, evident in the true negative and true positive values. The accuracy of this classification
algorithm is measured to be 87%, as given by the output of the code in Python.
The ANN classifier evaluated in the TensorFlow framework of the Python IDE gives an accuracy of
88.7%, with a loss measure of 0.321. The loss in this classification algorithm is high. The accuracy measure
is not as high as expected because information security must be optimal enough to predict over 90% of
attacks. From Figure 2, it is clear that the ANN classifier has the highest accuracy, which can be explained by
the presence of more layers, unlike the single layers of the other machine learning algorithms.
Figure 2. Accuracy in probe attacks
3.3. R2L attack
The R2L attack type represents a scenario where a user without remote network access attempts to
send packets to gain unauthorized entry. In the context of our analysis, the decision tree classifier's
performance in detecting these R2L attacks is depicted in the confusion matrix displayed in Table 7. This
matrix reveals a remarkably high prediction rate, underscoring the effectiveness of the decision tree model in
identifying and mitigating such intrusion attempts.
Table 7. Confusion matrix for three classifiers on probe
Probe attack      Predicted attacks    Classifier
Actual attacks    0          3         DT
0                 9,649      62
1                 2,560      325
                  0                    SVM
0                 9,711      0
3                 2,885      0
                  0          3         KNN
0                 9,710      1
3                 2,885      0
The accuracy measure of this method is found to be 79%, as shown in Table 8. This is not a very
high accuracy for internet security, so we will use other classification algorithms to decide on the model with
the highest accuracy. The results output by the code for this classifier show an accuracy level of
77%. This accuracy level is not good enough for network security purposes, so other classification algorithms
and ANN are used to analyze the accuracy levels.
The accuracy of this classification algorithm is also 77%, which is still not good enough for network
security. So far, we have seen that machine learning algorithms are not the best for predicting R2L attacks.
The ANN classifier gives an output of 0.9998 and a loss of 0.003. This accuracy level is very efficient for a
network security prediction model. Figure 3 is a graphical representation of the different classification
algorithms used to analyze the R2L dataset. The ANN classifier produces a more robust accuracy, unlike the
machine learning algorithms.
[Figure 2 chart: Accuracy in Probe Attacks; x-axis: Machine Learning Algorithm; y-axis: Accuracy; bar values: Decision Tree 0.84, SVM 0.87, KNN 0.87, ANN 0.887]
Table 8. Evaluation metrics for the three classifiers on probe
Metrics         Precision   Recall   F-Measure   Support   Classifier
0               0.79        0.99     0.88        9,711     DT
1               0.84        0.11     0.2         7,460
Accuracy        -           -        0.84        17,171
Macro avg       0.82        0.55     0.54        17,171
Weighted avg    0.8         0.79     0.72        17,171
0               0.79        0.99     0.88        9,711     SVM
1               0.84        0.11     0.2         7,460
Accuracy        -           -        0.84        17,171
Macro avg       0.82        0.55     0.54        17,171
Weighted avg    0.8         0.79     0.72        17,171
0               0.77        1        0.87        9,711     KNN
1               0           0        0           7,460
Accuracy        -           -        0.77        17,171
Macro avg       0.39        0.5      0.44        17,171
Weighted avg    0.59        0.77     0.67        17,171
Figure 3. Accuracy in R2L attacks
3.4. U2R attacks
A User 2 Root (U2R) attack is the illegal access of the root of a network by a local user who has only
been granted access to the leading network, not the network’s backend. For the three classifiers considered
in this study, the true positive, true negative, false positive, and false negative counts are shown in Table 9,
while the other metrics are given in Table 10. The accuracy output of this classification metric is very high at 99%,
making it very efficient and appropriate for predicting network attacks.
As shown in Figure 4, the SVM classifier achieves an extremely high accuracy of 99% on U2R attacks.
This signifies that the SVM classifier efficiently predicts future U2R attacks on a
network. Also, the accuracy of the KNN classifier is 99%, meaning it would be very efficient in predicting
attacks and protecting the network from intrusion. The results from the ANN classification produced an
output prediction value of 99.69%.
3.5. Ensemble classifier
The ensemble classifier is a combination of the various classifiers previously used. It is
applied to the dataset to determine the accuracy of identifying attacks. The ensemble classification
was carried out on the R2L attack to see if there would be an increase in its 77% accuracy, which was
obtained from the other independent machine learning algorithms. The ensemble classifier
produced a whopping accuracy of 99.98%.
From the results, which are visualized in Table 8 and Figure 5, it is clear that using
the ANN classifier is the most accurate way to predict network attacks and intrusions. The ANN classifier
produces results that are close in metric to the ensemble classification, i.e., the combination of the various
machine learning algorithms.
[Figure 3 chart: Accuracy in R2L Attacks; x-axis: Machine Learning Algorithm; y-axis: Accuracy; bar values: Decision Tree 0.79, SVM 0.77, KNN 0.77, ANN 0.9998]
Table 9. Confusion matrix for the classifier on U2R
Probe attack      Predicted attacks    Classifier
Actual attacks    0          5         DT
0                 9,706      5
4                 52         15
                  0          4         SVM
0                 9,711      0
4                 67         0
                  0          4         KNN
0                 9,709      2
4                 60         7
Table 10. Evaluation metrics for the three classifiers on U2R
Metrics         Precision   Recall   F-Measure   Support   Classifier
0               0.99        1        1           9,711     Decision Tree
1               0.75        0.22     0.34        67
Accuracy        -           -        0.99        8,778
Macro avg       0.87        0.61     0.67        9,778
Weighted avg    0.99        0.99     0.99        9,778
0               0.99        1        1           9,711     SVM
1               0           0        0           67
Accuracy        -           -        0.99        8,778
Macro avg       0.5         0.5      0.5         9,778
Weighted avg    0.99        0.99     0.99        9,778
0               0.99        1        1           9,711     KNN
1               0.78        0.1      0.18        67
Accuracy        -           -        0.99        8,778
Macro avg       0.89        0.55     0.59        9,778
Weighted avg    0.99        0.99     0.99        9,778
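The Table 9 confusion matrices can be turned back into the Table 10 figures, which also shows how many U2R records each classifier missed. This is an added example, not code from the paper; it assumes Table 9 rows are actual labels and columns are predicted labels, and the function and key names are illustrative.

```python
# Added example (not the paper's code): recompute Table 10 from Table 9.
# Assumption: Table 9 rows are actual labels, columns are predicted labels.
# Counts per classifier are (TN, FP, FN, TP), with U2R as the positive class.
TABLE_9 = {
    "DT": (9706, 5, 52, 15),
    "SVM": (9711, 0, 67, 0),
    "KNN": (9709, 2, 60, 7),
}


def safe_div(num, den):
    """num / den, or 0.0 when the denominator is zero."""
    return num / den if den else 0.0


def attack_metrics(tn, fp, fn, tp):
    """Attack-class metrics plus the figures that accuracy alone hides."""
    total = tn + fp + fn + tp
    precision = safe_div(tp, tp + fp)
    recall = safe_div(tp, tp + fn)  # share of real attacks detected
    return {
        "accuracy": (tn + tp) / total,
        "precision": precision,
        "recall": recall,
        "f1": safe_div(2 * precision * recall, precision + recall),
        "missed_attacks": fn,
        # Accuracy of a model that labels every record as normal traffic.
        "all_normal_baseline": (tn + fp) / total,
        # Mean of per-class recall, the "Macro avg" recall row of Table 10.
        "balanced_accuracy": (safe_div(tn, tn + fp) + recall) / 2,
    }


def report():
    """Metrics for every classifier in Table 9."""
    return {name: attack_metrics(*cm) for name, cm in TABLE_9.items()}


if __name__ == "__main__":
    for name, m in report().items():
        print(
            f"{name:>3} acc={m['accuracy']:.4f} "
            f"baseline={m['all_normal_baseline']:.4f} "
            f"prec={m['precision']:.2f} rec={m['recall']:.2f} "
            f"f1={m['f1']:.2f} bal_acc={m['balanced_accuracy']:.2f} "
            f"missed={m['missed_attacks']}"
        )
```

For the SVM row this reproduces Table 10's 0.99 accuracy with zero recall: all 67 U2R records are missed, the same score as labelling every record normal.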
Figure 4. Accuracy in U2R attacks
[Chart: Accuracy in U2R Attacks; x-axis: Machine Learning Algorithm; y-axis: Accuracy; bar values: Decision Tree 0.99, SVM 0.99, KNN 0.99, ANN 0.9969]
Figure 5. Accuracy in U2R attacks
[Chart: Accuracy of various Machine Learning Algorithms; x-axis: Machine Learning Algorithm (Decision Tree, SVM, KNN, ANN, Ensemble Classifier), each with bars for DoS, Probe, R2L and U2R; y-axis: Accuracy]
4. CONCLUSION
In this study, various network intrusions were analyzed using several machine learning algorithms
as classifiers. This was to see how accurately and intelligently various machine learning algorithms detect
network intrusions when encountered in a system. These experiments were carried out to analyze the
NSL-KDD dataset, which revealed that the dataset is ideal for comparing intrusion detection models. An
accuracy of 99% was obtained on some of the intrusion detection models developed. The experiments have
demonstrated that there is no single machine learning algorithm that can efficiently handle all types of
attacks, but the models can be trained to give efficiencies up to 99.98%, which will greatly help to predict and
prevent attacks from flooding the network.
ACKNOWLEDGEMENTS
The authors would like to thank Covenant University for its financial support.
REFERENCES
[1] M. Bala and D. Verma, “A critical review of digital marketing,” A Critical Review of Digital Marketing. International Journal of
Management, IT and Engineering, vol. 8, no. 10, pp. 321–339, 2018.
[2] M. Fahlevi, M. Saparudin, S. Maemunah, D. Irma, and M. Ekhsan, “Cybercrime business digital in Indonesia,” E3S Web of
Conferences, vol. 125, Oct. 2019, doi: 10.1051/e3sconf/201912521001.
[3] N. M. Sambaluk, Myths and realities of cyber warfare. ABC-CLIO, LLC, 2020.
[4] H. Kim, H. Kwon, and K. K. Kim, “Modified cyber kill chain model for multimedia service environments,” Multimedia Tools and
Applications, vol. 78, no. 3, pp. 3153–3170, Feb. 2019, doi: 10.1007/s11042-018-5897-5.
[5] L. Tawalbeh, F. Muheidat, M. Tawalbeh, and M. Quwaider, “IoT privacy and security: challenges and solutions,” Applied
Sciences, vol. 10, no. 12, Jun. 2020, doi: 10.3390/app10124102.
[6] M. Z. Gunduz and R. Das, “Cyber-security on smart grid: Threats and potential solutions,” Computer Networks, vol. 169, Mar.
2020, doi: 10.1016/j.comnet.2019.107094.
[7] A. A. Adewale, A. S. Ibidunni, A. A. Atayero, S. N. John, O. Okesola, and R. R. Ominiabohs, “Nigeria’s preparedness for
internet of everything: A survey dataset from the work-force population,” Data in Brief, vol. 23, Apr. 2019, doi:
10.1016/j.dib.2019.103807.
[8] J. Li, “Cybercrime in the Philippines: A case study of national security,” Turkish Journal of Computer and Mathematics
Education (TURCOMAT), vol. 12, no. 11, pp. 4224–4231, 2021.
[9] F. Adeoye, “Issues in internet regulation in Nigeria: the need to promulgate a befitting legislation,” SSRN Electronic Journal,
2020, doi: 10.2139/ssrn.3773010.
[10] Z. Zhang et al., “An overview of security support in named data networking,” IEEE Communications Magazine, vol. 56, no. 11,
pp. 62–68, Nov. 2018, doi: 10.1109/MCOM.2018.1701147.
[11] O. Osemwegie, K. Okokpujie, N. Nkordeh, S. John, and A. A. Adeyinka, “On issues, strategies and solutions for computer
security and disaster recovery in online start-ups,” International Journal of Applied Engineering Research, vol. 12, no. 19,
pp. 8009–8015, 2017.
[12] C. S. Teoh and A. K. Mahmood, “National cyber security strategies for digital economy,” in 2017 International Conference on
Research and Innovation in Information Systems (ICRIIS), Jul. 2017, pp. 1–6, doi: 10.1109/ICRIIS.2017.8002519.
[13] H. Hammouchi, O. Cherqi, G. Mezzour, M. Ghogho, and M. El Koutbi, “Digging deeper into data breaches: an exploratory data
analysis of hacking breaches over time,” Procedia Computer Science, vol. 151, pp. 1004–1009, 2019, doi:
10.1016/j.procs.2019.04.141.
[14] L. Y. Connolly and D. S. Wall, “The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising
countermeasures,” Computers and Security, vol. 87, Nov. 2019, doi: 10.1016/j.cose.2019.101568.
[15] A. Ayodele, J. K. Oyedeji, and H. O. Badmos, “Social construction of internet fraud as innovation among youths in Nigeria,”
International Journal of Cybersecurity Intelligence and Cybercrime, Mar. 2022, doi: 10.52306/BUVC2778.
[16] D. N. Jones, E. Padilla, S. R. Curtis, and C. Kiekintveld, “Network discovery and scanning strategies and the Dark Triad,”
Computers in Human Behavior, vol. 122, Sep. 2021, doi: 10.1016/j.chb.2021.106799.
[17] D. Airehrour, N. V. Nair, and S. Madanian, “Social engineering attacks and countermeasures in the New Zealand banking system:
advancing a user-reflective mitigation model,” Information, vol. 9, no. 5, May 2018, doi: 10.3390/info9050110.
[18] T. Kellermann and R. Murphy, “Modern bank heists 3.0,” Annual “Modern Bank Heists.” VMware Carbon Black, 2020.
[19] M. Botacin, A. Kalysch, and A. Grégio, “The internet banking [in] security spiral,” in Proceedings of the 14th International
Conference on Availability, Reliability and Security, Aug. 2019, pp. 1–10, doi: 10.1145/3339252.3340103.
[20] M. Komar, V. Dorosh, G. Hladiy, and A. Sachenko, “Deep neural network for detection of cyber attacks,” in 2018 IEEE First
International Conference on System Analysis and Intelligent Computing (SAIC), Oct. 2018, pp. 1–4, doi:
10.1109/SAIC.2018.8516753.
[21] A. Mpanti, S. D. Nikolopoulos, and I. Polenakis, “Malicious software detection utilizing temporal-graphs,” in Proceedings of the
20th International Conference on Computer Systems and Technologies, Jun. 2019, pp. 49–55, doi: 10.1145/3345252.3345269.
[22] M. N. Alenezi, H. K. Alabdulrazzaq, A. A. Alshaher, and M. M. Alkharang, “Evolution of malware threats and techniques: a
review,” International Journal of Communication Networks and Information Security (IJCNIS), vol. 12, no. 3, Apr. 2022, doi:
10.17762/ijcnis.v12i3.4723.
[23] H. Sultan, A. Khalique, S. I. Alam, and S. Tanweer, “A survey on ransomeware: evolution, growth, and impact,” International
Journal of Advanced Research in Computer Science, vol. 9, no. 2, 2018.
[24] G. Tsochev, R. Trifonov, O. Nakov, S. Manolov, and G. Pavlova, “Cyber security: threats and challenges,” in 2020 International
Conference Automatics and Informatics (ICAI), Oct. 2020, pp. 1–6, doi: 10.1109/ICAI50593.2020.9311369.
[25] Z. Lin, Y. Shi, and Z. Xue, “IDSGAN: generative adversarial networks for attack generation against intrusion detection,” in
Advances in Knowledge Discovery and Data Mining, Springer International Publishing, 2022, pp. 79–91.
[26] N. Martins, J. M. Cruz, T. Cruz, and P. H. Abreu, “Adversarial machine learning applied to intrusion and malware scenarios: a
systematic review,” IEEE Access, vol. 8, pp. 35403–35419, 2020, doi: 10.1109/ACCESS.2020.2974752.
10. ISSN: 2088-8708
Int J Elec & Comp Eng, Vol. 14, No. 1, February 2024: 983-992
992
[27] F. Salo, M. Injadat, A. B. Nassif, A. Shami, and A. Essex, “Data mining techniques in intrusion detection systems: a systematic
literature review,” IEEE Access, vol. 6, pp. 56046–56058, 2018, doi: 10.1109/ACCESS.2018.2872784.
[28] H. Banafar and S. Sharma, “Secure cloud environment using hidden markov model and rule based generation,” International
Journal of Computer Science and Information Technologies, vol. 5, no. 3, pp. 4808–4841, 2014.
BIOGRAPHIES OF AUTHORS
Ademola Abdulkareem is a renowned researcher and associate professor of
electrical engineering at Covenant University. His areas of specialization are electrical and
electronics engineering, power systems quality analysis and control and energy. His
research interests are optimization of power system network and security, power system
investment planning, high voltage engineering, smart power distribution system and intelligent
building and energy management and renewable energy. He can be contacted at email:
ademola.abdulkareem@covenantuniversity.edu.ng.
Tobiloba Emmanuel Somefun is a Ph.D. holder from Covenant University in
electrical and electronics engineering. His research interest covers energy management,
power system analysis, and data analysis. He can be contacted at email:
tobi.somefun@covenantuniversity.edu.ng.
Adesina Lambe Mutalub currently works as a senior lecturer at the Electrical
and Computer Engineering Department, Faculty of Engineering and Technology, Kwara State
University, Malete, Nigeria. L. M. Adesina does research in engineering education and
electrical engineering. He can be contacted at email: lambe.adesina@kwasu.edu.ng.
Adewale Adeyinka obtained his Ph.D. in information and communication
engineering at Covenant University. His research interests are quality of service (QoS) in
mobile or wireless communication; computer network security; artificial intelligence
application; digital signal processing; software design and programming; electric power
distribution; electrical installations; and seismic or geophysical data acquisition operations. He
can be contacted at email: adeyinka.adewale@covenantuniversity.edu.ng.