An intelligent intrusion detection system

With the introduction of emerging technologies, cybersecurity has become an inherited and amplified problem. New technologies bring significant developments but also come with new challenges in the cybersecurity area. The fight against malicious attacks is an everyday battle for every company. The consequences of a security breach can be devastating for a company, and sometimes unsurvivable. In this paper, we propose a novel two-stage intelligent intrusion detection system (IDS) to detect and protect against such malicious attacks. Intrusion detection systems are feasible solutions for cybersecurity problems, but they come with implementation challenges. Anomaly-based IDSs usually have a high rate of false positives (FP) and demand considerable computational resources. The approach proposed in this paper consists of a two-stage architecture based on machine learning algorithms. In the first stage, the IDS uses K-Means to detect attacks; the second stage uses supervised learning to classify those attacks and eliminate false positives. The implementation of this approach results in a computationally efficient IDS able to detect and classify attacks with 99.97% accuracy while lowering the number of false positives to 0. The paper also evaluates the performance results and compares them with other relevant research papers. The performance of the proposed IDS is superior to the current state of the art.
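The two-stage flow described in the abstract, as an added example that is not the paper's code: stage 1 clusters unlabelled traffic with K-Means (k=2) and flags the smaller cluster, and stage 2 classifies each flagged record, dropping those it labels normal as false positives. The 1-nearest-neighbour classifier, the two features, the `dos`/`probe` labels and all data values are constructed assumptions; the abstract does not name them.

```python
from math import dist

def kmeans2(points, iters=20):
    """Stage 1 core: K-Means with k=2 and a deterministic farthest-point init."""
    cents = [points[0], max(points, key=lambda p: dist(p, points[0]))]
    assign = []
    for _ in range(iters):
        new = [min((0, 1), key=lambda c: dist(p, cents[c])) for p in points]
        if new == assign:          # converged: no record changed cluster
            break
        assign = new
        for c in (0, 1):
            members = [p for p, a in zip(points, assign) if a == c]
            if members:
                cents[c] = tuple(sum(v) / len(members) for v in zip(*members))
    return assign

def stage1_flag(points):
    """Assumption: most traffic is benign, so the smaller cluster is flagged."""
    assign = kmeans2(points)
    minority = min((0, 1), key=assign.count)
    return [p for p, a in zip(points, assign) if a == minority]

def stage2_classify(flagged, labelled):
    """Stage 2: 1-NN over labelled records; 'normal' verdicts are suppressed."""
    alerts, suppressed = [], []
    for p in flagged:
        label = min(labelled, key=lambda rec: dist(p, rec[0]))[1]
        (suppressed if label == "normal" else alerts).append((p, label))
    return alerts, suppressed

# Constructed records: (connection_rate, error_rate), both scaled to 0..1.
LABELLED = [((0.1, 0.1), "normal"), ((0.2, 0.05), "normal"),
            ((0.6, 0.05), "normal"),   # busy but benign host
            ((0.9, 0.2), "dos"), ((0.95, 0.3), "dos"),
            ((0.5, 0.9), "probe"), ((0.4, 0.8), "probe")]
TRAFFIC = [(0.1, 0.1), (0.15, 0.05), (0.12, 0.08), (0.2, 0.1), (0.18, 0.12),
           (0.1, 0.05), (0.9, 0.25), (0.92, 0.2), (0.45, 0.85),
           (0.7, 0.05)]                # benign burst that stage 1 will flag

def run():
    flagged = stage1_flag(TRAFFIC)
    alerts, suppressed = stage2_classify(flagged, LABELLED)
    return flagged, alerts, suppressed

if __name__ == "__main__":
    for name, value in zip(("flagged", "alerts", "suppressed"), run()):
        print(name, value)
```

The benign burst at `(0.7, 0.05)` lands in the anomalous cluster in stage 1 and is only removed in stage 2, which is the false-positive reduction the abstract attributes to the supervised stage.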
