Smart Intrusion Detection System Comprised of Machine Learning and Deep Learning

S. Istiaque, Asif Iqbal Khan, S. Waheed
European Journal of Engineering Research and Science. Journal Article, published 2020-10-08. DOI: https://doi.org/10.24018/ejers.2020.5.10.2128
Citations: 3

Abstract

In the present world, digital intruders can exploit the vulnerabilities of a network and are capable of bringing down even a country. The attack on Estonia by digital intruders, the attack on Iran's nuclear plant and the intrusion of spyware into smartphones illustrate the efficiency of attackers. Furthermore, a centralized firewall system is not enough to ensure a secure network. Hence, in the age of big data, where data is abundantly available and the computational capability of PCs is also high, machine learning and network security have become two inseparable issues.

In this thesis, the KDD Cup'99 intrusion detection dataset is used. A total of 311,030 records with 41 features are available in the dataset. To find anomalies in the network, four machine learning methods are used: Classification and Regression Tree (CART), Random Forest, Naive Bayes and Multi-Layer Perceptron (MLP). Initially, all 41 features are used to measure accuracy. Among all the methods, Random Forest provides 98.547% accuracy in intrusion detection, which is the maximum, and CART shows the maximum accuracy (99.086%) in identifying the normal flow of data. Subsequently, a selected 15 features were used to test the accuracy, and it was found that Random Forest is still efficient (accuracy 98.266%) in detecting faults in the network. In both cases MLP was found to be a stable method, with accuracy for benign data and intrusions always close to 95% (93.387%, 94.312% and 95.0075, 93.652% respectively).

Finally, an IDS model is proposed in which Random Forest, an ML method, and MLP, a DL method, are incorporated to handle intrusions in the most efficient manner.