Two-Stages Intrusion Detection System Based On Hybrid Methods
Authors: Hanane Azzaoui, A. Boukhamla
Published in: Proceedings of the 10th International Conference on Information Systems and Technologies
Publication date: 2020-06-04
Publication type: Journal Article
DOI: 10.1145/3447568.3448512 (https://doi.org/10.1145/3447568.3448512)
Citation count: 4 (platform: Semanticscholar)
As network traffic grows on an almost daily basis, attacks and intrusions will keep developing with it. Thus, countering network attacks will require more research on updated datasets. Therefore, Intrusion Detection Systems must follow the recent updates and keep evolving to be able to detect modern attacks. In this paper, we introduce a new two-stage hybrid IDS model using different classifiers to detect attacks from normal traffic. In the first stage, we binary classify traffic between Normal/Attack, while in the second stage we pass traffic records that have been classified as attacks to a second classifier, which will identify the attack's type. We used the CICIDS2017 dataset to validate our model, which contains the most up-to-date attacks such as DDoS and Web Attacks, along with the well-known NSL-KDD to further prove our model. The proposed model reported very promising results: high accuracy and detection rate with a very low false positive rate.