Fast Binary Network Intrusion Detection based on Matched Filter Optimization

Securing networks has become a critical task because of the continued appearance of new attacks and the growing number of Internet users. The detection, classification and prevention of attacks are provided by an Intrusion Detection System (IDS). In this article, we propose and evaluate a new model of network intrusion detection called NIDeMFO (Network Intrusion Detection based on Matched Filter Optimization). As in Linear Discriminant Analysis (LDA), the goal is to design a linear filter that projects data into a space where the two classes, normal and attack, are well separated. The difference from LDA is that the margin between the means of the two classes in the projected space is controlled by a parameter. The proposed detection model is evaluated on the NSL-KDD benchmark. The results show that it is competitive and effective compared with many existing detection models.
