Anomaly-based Network Intrusion Detection System using Deep Intelligent Technique
| Published in: | Polytechnic Journal Volume 12; Issue 2; pp. 100 - 113 |
|---|---|
| Main authors: | , |
| Format: | Journal Article |
| Language: | English |
| Publication details: | Erbil Polytechnic University, 01.09.2023 |
| Subject: | |
| ISSN: | 2313-5727, 2707-7799 |
| Online access: | Get full text |
| Abstract | Background and objectives: Computer systems and network infrastructures remain exposed to many security risks and cyber-attack vulnerabilities despite advances in information security. Traditional signature-based intrusion detection systems and security solutions, which rely on rule-matching mechanisms and prior knowledge, are insufficient to fully protect computer networks against novel attacks. For this purpose, an Anomaly-based Network Intrusion Detection System (A-NIDS) is considered as a cyber security tool for identifying and detecting anomalous behavior in flow-based network traffic, alongside firewalls and other security measures. The main objective of the research is to improve the detection rate and reduce the false-positive rate of the classifier using an anomaly-based technique.
Methods: An intelligent technique using a deep learning algorithm and the mutual information feature selection (MIFS) method is used to select optimal features on the benchmark datasets. By combining the Long Short-Term Memory (LSTM) algorithm with the MIFS method, the proposed method is capable of accurately classifying normal and anomalous states of the data packets in a comprehensive way.
Results: The model achieved encouraging results: an accuracy of 99.79% and a false-positive rate of 0.002, with the minimum time compared to other models, recording only 81.75 s on the CSE-CIC-IDS2018 dataset. At the end of the study, comparative studies are conducted to verify the effectiveness of the proposed method on three realistic and latest intrusion detection datasets: CSE-CIC-IDS2018, CIC-IDS2017, and NF-CSE-CIC-IDS2018.
Conclusions: The proposed model, combining an LSTM neural network with the feature selection method (MIFS), increased the detection rate and reduced false-positive alarms; the model is also able to detect low-frequency attacks, which other existing models struggle with. |
|---|---|
| Author | Daneshwar, Muhammadamin A.; Hassan, Sardar KH |
| Author_xml | – sequence: 1 givenname: Sardar KH orcidid: 0000-0002-1131-1037 surname: Hassan fullname: Hassan, Sardar KH – sequence: 2 givenname: Muhammadamin A. orcidid: 0000-0003-3760-8442 surname: Daneshwar fullname: Daneshwar, Muhammadamin A. |
| ContentType | Journal Article |
| DBID | AAYXX CITATION DOA |
| DOI | 10.25156/ptj.v12n2y2022.pp100-113 |
| DatabaseName | CrossRef DOAJ Directory of Open Access Journals |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | CrossRef |
| Database_xml | – sequence: 1 dbid: DOA name: DOAJ Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website |
| DeliveryMethod | fulltext_linktorsrc |
| EISSN | 2707-7799 |
| EndPage | 113 |
| ExternalDocumentID | oai_doaj_org_article_55e10131962147549ff7465d86f598ff 10_25156_ptj_v12n2y2022_pp100_113 |
| GroupedDBID | AAYXX ALMA_UNASSIGNED_HOLDINGS CITATION GROUPED_DOAJ |
| ID | FETCH-LOGICAL-c2393-742cf972111b8073b2170657e8adf6203345acde3917e73034e44202ef9fd07f3 |
| IEDL.DBID | DOA |
| ISSN | 2313-5727 |
| IngestDate | Fri Oct 03 12:40:00 EDT 2025 Sat Nov 29 04:17:04 EST 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 2 |
| Language | English |
| License | https://creativecommons.org/licenses/by-nc-nd/4.0 |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c2393-742cf972111b8073b2170657e8adf6203345acde3917e73034e44202ef9fd07f3 |
| ORCID | 0000-0003-3760-8442 0000-0002-1131-1037 |
| OpenAccessLink | https://doaj.org/article/55e10131962147549ff7465d86f598ff |
| PageCount | 14 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_55e10131962147549ff7465d86f598ff crossref_primary_10_25156_ptj_v12n2y2022_pp100_113 |
| PublicationCentury | 2000 |
| PublicationDate | 2023-09-01 |
| PublicationDateYYYYMMDD | 2023-09-01 |
| PublicationDate_xml | – month: 09 year: 2023 text: 2023-09-01 day: 01 |
| PublicationDecade | 2020 |
| PublicationTitle | Polytechnic Journal |
| PublicationYear | 2023 |
| Publisher | Erbil Polytechnic University |
| Publisher_xml | – name: Erbil Polytechnic University |
| SSID | ssib059109984 ssib059161904 |
| Score | 2.277476 |
| SourceID | doaj crossref |
| SourceType | Open Website Index Database |
| StartPage | 100 |
| SubjectTerms | anomaly detection; cyber-attack; deep learning; intelligent technique; intrusion detection system; machine learning |
| Title | Anomaly-based Network Intrusion Detection System using Deep Intelligent Technique |
| URI | https://doaj.org/article/55e10131962147549ff7465d86f598ff |
| Volume | 12 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAON databaseName: DOAJ Directory of Open Access Journals customDbUrl: eissn: 2707-7799 dateEnd: 99991231 omitProxy: false ssIdentifier: ssib059161904 issn: 2313-5727 databaseCode: DOA dateStart: 20190101 isFulltext: true titleUrlDefault: https://www.doaj.org/ providerName: Directory of Open Access Journals – providerCode: PRVHPJ databaseName: ROAD: Directory of Open Access Scholarly Resources customDbUrl: eissn: 2707-7799 dateEnd: 99991231 omitProxy: false ssIdentifier: ssib059109984 issn: 2313-5727 databaseCode: M~E dateStart: 20190101 isFulltext: true titleUrlDefault: https://road.issn.org providerName: ISSN International Centre |
| linkProvider | Directory of Open Access Journals |