Machine learning classification model for Network based Intrusion Detection System

Sanjay Kumar, A. Viinikainen, T. Hämäläinen
Venue: 2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)
Publication date: 2016-12-01
DOI: 10.1109/ICITST.2016.7856705 (https://doi.org/10.1109/ICITST.2016.7856705)
Citations: 38

Abstract

With an enormous increase in the number of mobile users, mobile threats are also growing rapidly. Mobile malware can lead to several cybersecurity threats, i.e. stealing sensitive information, installing backdoors, ransomware attacks and sending premium SMSs, etc. Previous studies have shown that, due to the sophistication of threats and tailored techniques to avoid detection, not every antivirus system is capable of detecting advanced threats. However, an extra layer of security at the network side can protect users from these advanced threats by analyzing the traffic patterns. To detect these threats, this paper proposes and evaluates a Machine Learning (ML) based model for Network based Intrusion Detection Systems (NIDS). In this research, several supervised ML classifiers were built using data-sets containing labeled instances of network traffic features generated by several malicious and benign applications. The focus of this research is on Android-based malware due to its global share in mobile malware and popularity among users. Based on the evaluation results, the model was able to detect known and unknown threats with an accuracy of up to 99.4%. This ML model can also be integrated with traditional intrusion detection systems in order to detect advanced threats and reduce false positives.