Anomaly Analysis for the Classification Purpose of Intrusion Detection System with K-Nearest Neighbors and Deep Neural Network

As networks develop, threats from unknown sources make information communication more vulnerable and increase the need to secure information. An Intrusion Detection System (IDS) is important for protecting information as unauthorized activity in networks grows. Traditional firewall techniques are less capable of protecting information against new intrusions. Numerous studies on intrusion detection systems have been conducted, but they analyze old datasets such as Kddcup'99. The problem identified is a lack of accuracy in detecting intrusions with the currently available intrusion systems. Hence, this study aims to perform anomaly analysis for the classification purpose of the intrusion detection system with the most up-to-date dataset, named CICIDS-2017, which can be used for intrusion detection evaluation. The anomaly analysis for the classification purpose is based on K-Nearest Neighbors (KNN) as the machine learning (ML) method and a Deep Neural Network (DNN) as the deep learning (DL) method. One of the results presents classification performance based on the Matthews Correlation Coefficient (MCC) for ML and DL. The DNN is the significantly more correct classifier, with a score of 0.9293% compared to 0.8824% for KNN. This research is significant as a reference for IDS development, which would improve security response for networked systems.
