Figure - available from: Journal of Network and Systems Management
This content is subject to copyright. Terms and conditions apply.
Source publication
Network intrusion detection systems (NIDS) are critical to defending network systems from cyber attacks. Recently, machine learning has been applied to enhance NIDS capability. To train a supervised machine-learning model, a large number of labeled training samples are required to achieve practical performance. However, labeling data samples is a c...
Similar publications
Anomaly detection is one of the biggest issues of security in the Industrial Internet of Things (IIoT) due to the increase in cyber attack dangers for distributed devices and critical infrastructure networks. To face these challenges, the Intrusion Detection System (IDS) is suggested as a robust mechanism to protect and monitor malicious activities...
Citations
... Autoencoders are not generic (like MP3 or JPEG) because they employ lossy compression, and can only compress data similar to what they have been trained for. Thus separate autoencoders are needed for different data types [14][15][16][17]71 . Parallel deep autoencoder is used to detect intrusion in IoT [18][19] . ...
This paper reviews popular signature and anomaly-based intrusion detection systems (IDS)
. Dimensionality reduction techniques (DRT) are used to increase the efficiency of such systems for real-time operation. Autoencoder-based IDS is rapidly gaining in popularity, primarily due to its inherent ability to de-noise data and reduce dimensionality. In addition to the efficiency, we also look at the classification techniques used by various authors, and the overall impact of a model in terms of performance metrics. This article is written for novices in cyber security to get a
jump-start on the latest IDS algorithms. The purpose is to give useful insights into the broad and progressive view of various techniques in wide use, expose high-impact future research areas and to summarize classic IDS methods and feature selection techniques.
... Autoencoders are not generic (like MP3 or JPEG) because they employ lossy compression, and can only compress data similar to what they have been trained for. Thus separate autoencoders are needed for different data types [14][15][16][17]71 . Parallel deep autoencoder is used to detect intrusion in IoT [18][19] . ...
This paper reviews popular signature and anomaly-based intrusion detection systems (IDS). Dimensionality reduction techniques (DRT) are used to increase the efficiency of such systems for real-time operation. Autoencoder-based IDS is rapidly gaining in popularity, primarily due to its inherent ability to denoise data and reduce dimensionality. In addition to the efficiency, we also look at the classification techniques used by various authors, and the overall impact of a model in terms of performance metrics. This article is written for novices in cybersecurityto get a jumpstart on the latest IDS algorithms. The purpose is to give useful insights into the broad and progressive view of various techniques in wide use, expose high-impact future research areas and to summarize classic IDS methods and feature selection techniques.
... Shiomoto [40] proposed a NIDS based on an adversarial auto-encoder. The study determined that because new threats are always emerging, it is challenging to classify data samples and acquire anomalous data samples. ...
The need to secure Internet applications on global networks has become an important task due to the ever-increasing cybercrimes. A common technique for identifying intrusions in computer networks is the Network Intrusion Detection System (NIDS). Several Intrusion Detection Systems have been proposed previously, but these systems are still limited in detection and error rates. Additionally, most of the detection techniques used a set of static rules and manual taxonomies for the detection of intrusions. In this study, a layered rule-based NIDS using ontology was developed. The study adapted a layered attribute evaluator approach to choose the best attributes for NIDS. In order to automatically construct the rules for intrusion detection, the chosen attributes were trained with a classification tree. The created rules are then introduced into the Protégé software for the ontology classification of NIDS. In contrast with taxonomies, the generated ontology provides comprehensive definitions of the concepts inside the NIDS domain that are machine interpretable and illustrates the relationships between the concepts. The findings revealed that the developed approach has 97.431% accuracy, 97.48% precision, 97.41% recall, and 97.41% F1-score on the original dataset. Similarly, the developed approach reported 98.21% accuracy, 98.21% precision, 98.21% recall, and 98.21% F1-score on the reduced dataset. These results demonstrated that the developed approach outperformed the other similar approaches on both the original and reduced datasets. The developed approach also showed better training time compared to the other related approaches.
... For training, semi-supervised learning [32], a technique used in intrusion detection and classification, blends labeled and unlabeled data [41]. This strategy seeks to capitalize on the advantages of both supervised and unsupervised learning approaches [42]. Despite its benefits [43], semi-supervised learning may still require a significant quantity of labeled data for each incursion type, which can be difficult and time-consuming to gather [42,43]. ...
... This strategy seeks to capitalize on the advantages of both supervised and unsupervised learning approaches [42]. Despite its benefits [43], semi-supervised learning may still require a significant quantity of labeled data for each incursion type, which can be difficult and time-consuming to gather [42,43]. Furthermore, the effectiveness of this approach in identifying and classifying new and previously undiscovered intrusion risks may not always be adequate, demanding additional research and refinement to improve its capabilities in dealing with fast evolving and emerging cyber threats [44,45]. ...
Computer networks have become the backbone of our interconnected world in today's technologically driven landscape. Unauthorized access or malicious activity carried out by threat actors to acquire control of network resources, exploit vulnerabilities, or undermine system integrity are examples of network intrusion. ZSL(Zero-Shot Learning) is a machine learning paradigm that addresses the problem of detecting and categorizing objects or concepts that were not present in the training data. . Traditional supervised learning algorithms for intrusion detection frequently struggle with insufficient labeled data and may struggle to adapt to unexpected assault patterns. In this article We have proposed a unique zero-shot learning hybrid partial label model suited to a large image-based network intrusion dataset to overcome these difficulties. The core contribution of this study is the creation and successful implementation of a novel zero-shot learning hybrid partial label model for network intrusion detection, which has a remarkable accuracy of 99.12%. The suggested system lays the groundwork for future study into other feature selection techniques and the performance of other machine learning classifiers on larger datasets. Such research can advance the state-of-the-art in intrusion detection and improve our ability to detect and prevent the network attacks. We hope that our research will spur additional research and innovation in this critical area of cybersecurity.
Due to the reliance of the modern community on networks, the significance of efficient intrusion detection systems (IDS) cannot be ignored. As network intrusions are frequently and critically emerging, exhibiting unknown patterns, smart systems practicing machine learning approaches, have been readily explored to deal with certain issues. In this paper, we acknowledge a different ensemble-oriented approaches for detecting numerous types of outliers. The assets of ensembled techniques over common machine learning mechanisms is the competence to train an unlabeled data. Thus, they are applicable for observing unfamiliar attacks. The pivotal objective of the proposed scheme is to train and test the data for achieving high accuracy rate and minimal false positive rate. The experiment is implemented on NSL-KDD dataset which show that how effectively ensemble algorithms generate highly accurate models with low false positive rates. And outperforms in case of predicting unknown anomalies.
