Open Access   Article Go Back

A Review of Network Intrusion Detection System using machine learning algorithms

Ravinder Kumar1

  1. Department of CSE, HMR Institute of Technology and Management (Affiliated with GGSIPU), Delhi, India.

Correspondence should be addressed to: ravinder_y@yahoo.com.

Section:Review Paper, Product Type: Journal Paper
Volume-5 , Issue-12 , Page no. 94-100, Dec-2017

CrossRef-DOI:   https://doi.org/10.26438/ijcse/v5i12.94100

Online published on Dec 31, 2017

Copyright © Ravinder Kumar . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

View this paper at   Google Scholar | DPI Digital Library

How to Cite this Paper

  • IEEE Citation
  • MLA Citation
  • APA Citation
  • BibTex Citation
  • RIS Citation

IEEE Style Citation: Ravinder Kumar, “A Review of Network Intrusion Detection System using machine learning algorithms,” International Journal of Computer Sciences and Engineering, Vol.5, Issue.12, pp.94-100, 2017.

MLA Style Citation: Ravinder Kumar "A Review of Network Intrusion Detection System using machine learning algorithms." International Journal of Computer Sciences and Engineering 5.12 (2017): 94-100.

APA Style Citation: Ravinder Kumar, (2017). A Review of Network Intrusion Detection System using machine learning algorithms. International Journal of Computer Sciences and Engineering, 5(12), 94-100.

BibTex Style Citation:
@article{Kumar_2017,
author = {Ravinder Kumar},
title = {A Review of Network Intrusion Detection System using machine learning algorithms},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {12 2017},
volume = {5},
Issue = {12},
month = {12},
year = {2017},
issn = {2347-2693},
pages = {94-100},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=1586},
doi = {https://doi.org/10.26438/ijcse/v5i12.94100}
publisher = {IJCSE, Indore, INDIA},
}

RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v5i12.94100}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=1586
TI - A Review of Network Intrusion Detection System using machine learning algorithms
T2 - International Journal of Computer Sciences and Engineering
AU - Ravinder Kumar
PY - 2017
DA - 2017/12/31
PB - IJCSE, Indore, INDIA
SP - 94-100
IS - 12
VL - 5
SN - 2347-2693
ER -

VIEWS PDF XML
884 589 downloads 258 downloads
  
  
           

Abstract

With the advancement in the communication technology, the probability of external attacks through networks is increasing day by day. Therefore, Intrusion Detection System (IDS) had became very important and an emerging area of research which, attempts to identify and notify the activities of users as normal (or) anomaly. IDS are a nonlinear and complicated problem and deals with network traffic data. Many IDS methods have been proposed and produce different levels of accuracy. That is why the development of effective and robust Intrusion detection system is necessary. This paper presents a state of the art of intrusion detection system (IDS) classification techniques using various machine learning algorithms. Experiments have been conducted to evaluate the performance of various well known machine learning algorithms on NSL-KDD data set.

Key-Words / Index Term

Intrusion Detection System, Attacks, KDD data set, False Acceptance Rate , Detection Rate, Neural Networks

References

[1] Garcia-Teodoro, Pedro, et al, "Anomaly-based network intrusion detection: Techniques, systems and challenges”, Computers & Security, Vol. 28, No. 1, pp 18-28. (2009):
[2] D. E. Denning. “An intrusion detection model.” IEEE Transactions on Software Engineering, Special issue on computer security and privacy, Vol. 13, No. 2, pp 222–232, 1987.
[3] H. Debar, M. Dacier, and A. Wespi. “Towards a taxonomy of intrusion-detection systems.” Networks, Vol. 31, No. 8, pp 805–822, 1999.
[4] S. Chebrolu, A. Abraham, and J. P. Thomas. Feature deduction and ensemble design of intrusion detection systems. Computers & Security, Vol. 24, No. 4, pp 295–307, 2005.
[5] D. Poole, A. Mackworth, R. Goebel. “Computational Intelligence - A Logical Approach”, Oxford University Press, Oxford, UK, 1998. ISBN-10: 195102703.
[6] J. C. Bezdek, “What is computational intelligence? Computational Intelligence Imitating Life”, pp 1–12, 1994. IEEE Press, New York
[7] W. Duch, “What is computational intelligence and where is it going”, In W. Duch and J. Mańdziuk, editors, Challenges for Computational Intelligence, volume 63 of Studies in Computational Intelligence, pp 1–13. Springer Berlin / Heidelberg, 2007.
[8] B. Craenen, A. Eiben, “Computational intelligence. Encyclopedia of Life Support Sciences”, EOLSS; EOLSS Co. Ltd., 2002.
[9] The KDD99 Dataset. Retrieved January 26, 2008, from http://kdd. ics.uci.edu/databases/kddcup99/task.html.
[10] J. McHugh, Testing intrusion detection systems a critique of the 1998 and 1999 darpa intrusion detection system evaluations as performed by lincoln laboratory. ACM Transactions on Information and System Security, Vol. 3, No. 4, pp 262–294, 2000.
[11] M. V. Mahoney, P. K. Chan, “An analysis of the 1999 DARPA/Lincoln laboratory evaluation data for network anomaly detection”. Technical Report TR CS-2003-02, Computer Science Department, Florida Institute of Technology, 2003.
[12] M. Sabhnani and G. Serpen. “Why machine learning algorithms fail in misuse detection on KDD intrusion detection data set. Intelligent Data Analysis”, Vol. 8, No. 4, pp 403–415, 2004.
[13] J. Balthrop, S. Forrest, M. R. Glickman, “Revisiting LISYS: Parameters and normal behavior”, In D. B. Fogel, M. A. El-Sharkawi, X. Yao, G. Greenwood, H. Iba, P. Marrow, and M. Shackleton, editors, Proceedings of the IEEE Congress on Evolutionary Computation (CEC ’02), volume 2, pp 1045–1050, Honolulu, HI, USA, 12-17 May 2002. IEEE Press.
[14] L. Mé. GASSATA, “a genetic algorithm as an alternative tool for security audit trails analysis”. In Proceedings of the 1st International Workshop on the Recent Advances in Intrusion Detection (RAID 98), Louvain-la-Neuve, Belgium, pp 14-16 September 1998.
[15] K. Tan, “The application of neural networks to unix computer security”, In Proceedings of IEEE International Conference on Neural Networks, volume 1, pp 476–481, Perth, WA, Australia, Nov/Dec 1995. IEEE Press.
[16] J. Ryan, M. J. Lin, R. Miikkulainen, “Intrusion detection with neural networks”, Advances in Neural Information Processing Systems, Vol. 10, pp 943–949, 1998.
[17] A. P. F. Chan, W. W. Y. Ng, D. S. Yeung, and E. C. C. Tsang. “Comparison of different fusion approaches for network intrusion detection using ensemble of RBFNN.” In Proceedings of 2005 International Conference on Machine Learning and Cybernetics, volume 6, pp. 3846–3851. IEEE Press, 18-21 Aug. 2005.
[18] A. Hofmann, C. Schmitz, and B. Sick. “Rule extraction from neural networks for intrusion detection in computer networks”, In IEEE International Conference on Systems, Man and Cybernetics, volume 2, pp 1259–1265. IEEE Press, 5-8 Oct. 2003.
[19] Z. Liu, G. Florez, and S. M. Bridges. “A comparison of input representations in neural networks: A case study in intrusion detection”, In Proceedings of the International Joint Conference on Neural Networks (IJCNN ’02), volume 2, pages 1708–1713, Honolulu, HI, USA, 12-17 May 2002. IEEE Press.
[20] A. Rapaka, A. Novokhodko, and D. Wunsch. Intrusion detection using radial basis function network on sequence of system calls. In Proceedings of the International Joint Conference on Neural Networks (IJCNN ’03), volume 3, pages 1820–1825, Portland, OR, USA, 20-24 July 2003. IEEE Press.
[21] C. Zhang, J. Jiang, and M. Kamel. Comparison of BPL and RBF network in intrusion detection system. In G. Wang, Q. Liu, Y. Yao, and A. Skowron, editors, Proceedings of the 9th International Conference on Rough Sets, Fuzzy Sets, Data Mining, and Granular Computing (RSFDGrC ’03), 26-29 May, Chongqing, China, volume 2639 of Lecture Notes in Computer Science, chapter Proceedings of the 9th International Conference on Rough Sets, Fuzzy Sets, Data Mining, and Granular Computing (RSFDGrC ’03), pages 466– 470. Springer Berlin / Heidelberg, 2003.
[22] A. K. Ghosh and A. Schwartzbard. A study in using neural networks for anomaly and misuse detection. In Proceedings of the 8th USENIX Security Symposium, volume 8, pages 141–152, Washington, D.C., USA, 23-36 August 1999.
[23] Z. Zhang, J. Li, C. Manikopoulos, J. Jorgenson, J. Ucles, “HIDE: a hierarchical network intrusion detection system using statistical preprocessing and neural network classification”, In Proceedings of the 2001 IEEE Workshop Information Assurance and Security, pp 85–90, West Point, NY, USA, 2001. IEEE Press.
[24] Y. Yu, F. Gao, Y. Ge, “Hybrid BP/CNN neural network for intrusion detection” In Proceedings of the 3rd international conference on Information security, volume 85 of ACM International Conference Proceeding Series, pp 226–228, 2004.
[25] K. Fox, R. Henning, J. Reed, “A neural network approach toward intrusion detection” In Proceedings of the 13th National Computer Security Conference, Vol. 1, pp 124–134, Washington, D.C., USA, 1-4 Oct. 1990.
[26] A. J. Hoglund, K. Hatonen, A. S. Sorvari, “A computer host-based user anomaly detction system using the self-organizing map”, In Proceedings of the IEEE-INNS-ENNS International Joint Conference on Neural Networks (IJCNN ’00), Vol. 5, pp 411–416, Como, Italy, 24-27 July 2000. IEEE Press.
[27] W. Wang, X. Guan, X. Zhang, L. Yang, “Profiling program behavior for anomaly intrusion detection based on the transition and frequency property of computer audit data”, Computers & Security, Vol. 25, No. 7, pp. 539–550, 2006.
[28] A. Bivens, C. Palagiri, R. Smith, B. Szymanski, M. Embrechts, “Network based intrusion detection using neural networks”, Intelligent Engineering Systems through Artificial Neural Networks, Vol. 12, No. 1, pp 579–584, 2002.
[29] J. Cannad, J. Mahaffey, The application of artificial neural networks to misuse detection: Initial results”, In Proceedings of the 1st International Workshop on Recent Advances in Intrusion Detection (RAID 98), Louvain-la-Neuve, Belgium, ppn14-16 September 1998.
[30] C. Jirapummin, N. Wattanapongsakorn, P. Kanthamanon, “Hybrid neural networks for intrusion detection system”, In The 2002 International Technical Conference on Circuits/Systems, Computers and Communications (ITC-CSCC ’02), Vol 7, pp 928–931, Phuket, Thailand, 2002.
[31] M. Amini, R. Jalili, H. R. Shahriari, “RT-UNNID: A practical solution to real-time network-based intrusion detection using unsupervised neural networks”, Computers & Security, Vol. 25, No. 6, pp 459–468, 2006.
[32] Y. Liao, V. R. Vemuri, and A. Pasos. “Adaptive anomaly detection with evolving connectionist systems”, Journal of Network and Computer Applications, Vol. 30, No. 1, pp 60–80, 2007. Special Issue on Network and Information Security: A Computational Intelligence Approach.
[33] N. A. Durgin, P. Zhang, “Profile-based adaptive anomaly detection for network security”, Technical report, Sandia National Laboratories, 2005.