CHAPTER 7 Normalization of Dataset
|
|
- Debra Chapman
- 6 years ago
- Views:
Transcription
1 Introduction CHAPTER Introduction Objective of this chapter is to address dataset normalization. From our detailed literature review and also from our previous experiments of [9], we found following questions which must be answered for better normalization: 1. Why do we need to normalize the data or dataset? 2. Which features of the data or dataset should be normalized? 3. How do we normalize the selected features? To answer the first question, we did detailed literature review of dataset normalization. We observed that normalization reduces the size of the dataset and more importantly reduces the response time of detection engine by a large extent [9]. Initial portion of this chapter revolves around first question. To answer the second question, we did detailed analysis of the dataset which is supposed to be used in our research model. On the basis of this analysis, we proposed a list of features that should be normalized. This has been addressed at middle portion of the chapter. Later portion of the chapter addresses the third question in which, dataset normalization model is discussed. Normalization model presented in this chapter can also be used to normalize the real-time network traffic also. More detail about dataset normalization is available in our previous work of [9]. 7.2 Dataset Normalization Dataset Normalization or data normalization is a process or technique in which data is transferred in a form which is more suitable to the data processing engine. Such transformation includes: Data Cleaning, Data Encoding, Data Scaling and Data Reduction [9]. 7.3 Advantages of Dataset Normalization As per our detailed literature review and our implementation which is available in [9], we found the following advantages of dataset normalization: Reduces size of the dataset. 57
2 CHAPTER 7 Requires less hardware resources. Processing is very fast. 7.4 Disadvantages of Dataset Normalization As per our detailed literature review and our implementation which is available in [9], we found the following disadvantages of dataset normalization: More overhead if used for the dataset having less number of rows. More overhead if used for the dataset with less number of features. If proper care is not taken, it may loss the internal structure of the data which reduces the accuracy. 7.5 Need for the Data Normalization in the Proposed Model First phase of implementation of our research model uses KDD CUP 1999 dataset to train BPNN. This KDD CUP 1999 Data set has 41 features and has training records. In the systems like above, where large dataset is used, performance largely depends upon the number of the inputs and their quality [9]. If these inputs are not in normalized form then performance of BPNN will be degraded [8]. Our detailed literature review also shows that usage of normalization decreases the dataset size and also reduces the processing time by a large extent. To use such benefits, we normalized data in our research model. For data normalization, authors of [1] have suggested following key points: 1. Text to Numeric Conversion: Attributes which are in text format, must be converted to the numeric values. 2. Scaling: Attributes having very high range, must be scaled to [-1, 1] or [0, 1] for optimal performance. 3. Size Reduction: Without reducing the number of records, the size of dataset should be reduced. 7.6 Analysis of KDD CUP 1999 Dataset To find the answer for the question what to be normalized, we did the detailed analysis of KDD CUP 1999 dataset. During our analysis, we found following important observations: Text Attributes: In KDD CUP 1999 dataset, attributes like protocol_type, service, flag, and classification of attack are in text format. BPNN is faster in case of numeric values as compare to text values [1]. So, for better performance, these text values must be encoded with numeric values. 58
3 The Model for Dataset Normalization Un-scaled Attributes: In KDD CUP 1999 dataset, attribute number 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 13, 15, 16, 17,18,19 23, 24, 32, 33 and 42 are not properly scaled. BPNN can perform better with the small values of inputs, typically around [-1, 1] or [0, 1] [1]. So these un-scaled attributes must be scaled into small range. Size of Dataset: Size of KDD CUP 1999 dataset is very large. If we can reduce the size, without reducing the number of rows and most importantly without loss of data, then memory requirement can be minimized. Results of our above analysis show that if this KDD CUP 1999 dataset which is in unnormalized form is directly used for training and testing purposes, training time and response time will be high which is not acceptable for any real time intrusion detection system. So before using this dataset, we suggest to normalize it. 7.7 The Model for Dataset Normalization KDD/ NSL Dataset Encoding Dataset Scaling Dataset Lossless Size Reduction Checking Dataset Normalized Dataset FIGURE7.1: KDD CUP 1999 and NSL Dataset Normalization Model for Anomaly Detection using BPNN [9] Figure 7.1 shows the model for the normalization of KDD CUP 1999 dataset for anomaly 59
4 CHAPTER 7 detection using BPNN. The model has encoding, scaling, lossless size reduction and checking modules. The model works as follows Encoding Dataset KDD CUP 1999 dataset contains various features which are in text format. BPNN can work faster with numeric values, as compared to text values [1]. For better performance, this sub module encodes text features of KDD CUP 1999 dataset to the numeric values Scaling Dataset After encoding, all the attributes of the dataset is in numeric form, but not in the same scale. BPNN performs faster with input values in [0, 1] range [1]. This sub module scales the numeric values to [0, 1]. Topmost care should be taken while scaling the values as it may lead to loss of information Lossless Size Reduction Scaled dataset is passed to size reduction unit, which replaces 0.00 and 1.00 with 0 and 1 respectively. This replacement reduces the size of the dataset. Since, we are replacing the 0.00 and 1.00 to 0 and 1 respectively, its lossless size reduction. Due to the lossless size reduction technique used, the false alarm rate will not be affected. This reduced dataset is known as pre-final dataset Checking Dataset Dataset which is generated after size reduction is pre-final dataset. This pre-final dataset is given to the checking module. This checking module compares the number of records with the original dataset. If pre-final dataset and original dataset has the same number of records, then final normalized KDD CUP 1999 dataset is ready to use Data Stream To test the BPNN based anomaly detection system on the real network traffic, data streams can be used. The model can also be used to normalize data streams. When the model is used to normalize the data stream, checking sub module of the model is not required. 7.8 Implementation of the Model Following are the details of the implementation of the data normalization model on KDD CUP 1999 dataset Encoding Dataset In KDD CUP 1999 dataset, attributes like protocol_type, service, flag, and classification of attack are in text format. To convert them in numeric values, unique numeric code had been assigned to each possible value of the given attribute. Table 7.1 shows the list of 60
5 Implementation of the Model attributes with their text and corresponding numeric code, which we assigned during implementation. TABLE 7.1: Encoding of Text Attributes to Numeric Value for KDD CUP 1999 Dataset Attribute Protocol type Service value Flag value Attribute Value With Their Numeric Value tcp=1,udp=2,icmp=3 private=1 ftp_data=2 eco_i=3 telnet=4 http=5 smtp=6 ftp=7 ldap=8 pop_3=9 courier=10 discard=11 ecr_i=12 imap4=13 domain_u=14 mtp=15 systat=16 iso_tsap=17 other=18 csnet_ns= 19 finger=20 uucp=21 whois =22 netbios_ns=23 link=24 Z39_50=25 sunrpc=26 auth=27 netbios_dgm=28 uucp_path=29 vmnet=30 domain=31 name=32 pop_2=33 http_443=34 urp_i=35 login=36 gopher=37 exec=38 time=39 remote_job=40 ssh=41 kshell=42 sql_net=43 shell=44 hostnames=45 echo=46 daytime=47 pm_dump=48 IRC=49 netstat=50 ctf=51 nntp=52 netbios_ssn=53 tim_i=54 supdup=55 bgp=56 nnsp=57 rje=58 printer=59 efs=60 X11=61 ntp_u=62 klogin=63 tftp_u=64 red_i=65 urh_i=66 http_8001=67 aol=68 http_2784=69 harvest=70 REJ=1 SF=2 RSTO=3 S0=4 RSTR=5 SH=6 S3=7 S2=8 S1=9 RSTOS0=10 OTH=11 Classification of attack neptune=1 normal=2 saint=3 mscan=4 guess_passwd=5 smurf=6 apache2=7 satan=8 buffer_overflow=9 back=10 warezmaster=11 snmpgetattack=12 processtable=13 pod=14 httptunnel=15 nmap=16 ps=17 snmpguess=18 ipsweep=19 mailbomb=20 portsweep=21 multihop=22 named=23 sendmail=24 loadmodule=25 xterm=26 worm=27 teardrop=28 rootkit=29 xlock=30 perl=31 land=32 xsnoop=33 sqlattack=34 ftp_write=35 imap=36 udpstorm=37 phf=38 warezclient=39 spy=40. During our experiments, we observed 24% reduction in size. This reduction in size minimizes the memory requirement during execution of BPNN for anomaly detection Scaling Dataset As per [1], if the input values of the BPNN is in the range of [-1, 1], the performance of the system will be better. To scale the values, authors of [3] [4] and [5] had used (7.1), while authors of [6] had used (7.2). 61
6 CHAPTER 7 (X-Xmin) X'= Starting Value.... (7.1) (Xmax-Xmin) (X-Xmin) X'= (7.2) (Xmax-Xmin) Where X is normalized value and X is original value TABLE 7.2: Attribute and Their Maximum Values for KDD CUP 1999 Dataset Attribute No. Max. Value Attribute No. Max. Value Attribute No. Max. Value E E After completion of encoding step, all attributes has various maximum values. Mapping of attribute to their maximum value has been shown in the Table 7.2. From the table, it can be seen that attribute number 1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 13, 15, 16, 17, 18, 19, 23, 24, 32, 33 and 42 has other than 0 and 1 as maximum value. For better performance of BPNN in anomaly detection, these attributes must be scaled using either (7.1) or (7.2). If starting value is taken as 0, then (7.1) and (7.2) both will become same. During our implementation, as all the features of the dataset has starting values as 0, we used (7.2) to scale the dataset. 62
7 Implementation of the Model Lossless Size Reduction The dataset which has been scaled by the model has many fields with 0.00 and 1.00 as the values. If these fields are converted to 0 and 1 value respectively, then size of the dataset will be reduced without loss of information. Reduction in the size will lead to the lower memory requirement during training as well as testing. To check whether replacement of 0.00 and 1.00 will not have any effect on performance, we performed two set of experiments on 3 Variable XOR problem with learning rate=0.1, standard error =0.01, initial weights =0.5. In the Set I, we took 0 and 1 values as inputs, while in Set II, 0.00 and 1.00 values had been taken as input, and other parameters as constants. For each set, we performed 1000 experiments. Table 7.3 shows the result of our experiments. TABLE 7.3: Comparison of Total Learning Time Between Set I (Inputs with 0 and 1 values) and Set II (Inputs with 0.00 and 1.00 values). The Difference is Negligible. Set I: Total Learning Time for 1000 Experiments (In Seconds) Set II: Total Learning Time for 1000 Experiments (In Seconds) % of difference As per the Table 7.3, % of the difference in total learning time for 1000 experiments for both the set is This difference is mainly due to runtime environment difference caused by various background processes. These experiments suggest that, in 3 Variable XOR problem, there isn t any performance effect due to the replacement of 0 and 1. So, our experiment suggests that to reduce the size of dataset, we can replace all 0.00 and 1.00 values with 0 and 1 respectively Checking Dataset As per the model, after encoding, scaling and size reduction, pre-final dataset is generated. During the generation of this pre-final dataset, if single value is missed or added or corrupted then it can damage the entire dataset. To overcome this, pre-final dataset is compared with original dataset by number of rows. If both have same number of rows then dataset is undamaged and can be treated as final normalized dataset. If this normalization model is used for real-time network traffic then checking sub modules is not required. 63
8 CHAPTER References 1. Siddhartha Bhattacharyya, University of Illinois Chicago at UIC, Class Notes of IDS: 572 -Data Mining for Business, Fall, October, Nsl-kdd dataset for network-based intrusion detection systems. Available on: March Poojitha, G., K. N. Kumar, and P. J. Reddy. "Intrusion Detection using Artificial Neural Network." In Computing Communication and Networking Technologies (ICCCNT), 2010 International Conference on, pp IEEE, Ganesh Kumar, P., and D. Devaraj. "Network intrusion detection using hybrid neural networks." In Signal Processing, Communications and Networking, ICSCN'07. International Conference on, pp IEEE, Kaewarsa, Suriya. "Classification of power quality disturbances using S-transform based artificial neural networks." In Intelligent Computing and Intelligent Systems, ICIS IEEE International Conference on, vol. 1, pp IEEE, Jiang, Jiefeng, Jing Zhang, Gege Yang, Dapeng Zhang, and Lianjun Zhang. "Application of back propagation neural network in the classification of high resolution remote sensing image: Take remote sensing image of beijing for instance." In Geoinformatics, th International Conference on, pp IEEE, Tavallaee, Mahbod, Natalia Stakhanova, and Ali Akbar Ghorbani. "Toward credible evaluation of anomaly-based intrusion-detection methods." Systems, Man, and Cybernetics, Part C: Applications and Reviews, IEEE Transactions on 40, no. 5 (2010): Wang, Wei, Xiangliang Zhang, Sylvain Gombault, and Svein J. Knapskog. "Attribute normalization in network intrusion detection." In Pervasive Systems, Algorithms, and Networks (ISPAN), th International Symposium on, pp IEEE, Bhavin Shah, Bhushan H. Trivedi, Data Set Normalization : For Anomaly Detection Using Back Propagation Neural Network, IEEE - International Conference on Research and Development Prospectus on Engineering and Technology (ICRDPET),
Network attack analysis via k-means clustering
Network attack analysis via k-means clustering - By Team Cinderella Chandni Pakalapati cp6023@rit.edu Priyanka Samanta ps7723@rit.edu Dept. of Computer Science CONTENTS Recap of project overview Analysis
More informationCHAPTER 4 DATA PREPROCESSING AND FEATURE SELECTION
55 CHAPTER 4 DATA PREPROCESSING AND FEATURE SELECTION In this work, an intelligent approach for building an efficient NIDS which involves data preprocessing, feature extraction and classification has been
More informationA Technique by using Neuro-Fuzzy Inference System for Intrusion Detection and Forensics
International OPEN ACCESS Journal Of Modern Engineering Research (IJMER) A Technique by using Neuro-Fuzzy Inference System for Intrusion Detection and Forensics Abhishek choudhary 1, Swati Sharma 2, Pooja
More informationTowards A New Architecture of Detecting Networks Intrusion Based on Neural Network
International Journal of Computer Networks and Communications Security VOL. 5, NO. 1, JANUARY 2017, 7 14 Available online at: www.ijcncs.org E-ISSN 2308-9830 (Online)/ ISSN 2410-0595 (Print) Towards A
More informationNAVAL POSTGRADUATE SCHOOL THESIS
NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS NEURAL DETECTION OF MALICIOUS NETWORK ACTIVITIES USING A NEW DIRECT PARSING AND FEATURE EXTRACTION TECHNIQUE by Cheng Hong Low September 2015 Thesis
More informationUnsupervised clustering approach for network anomaly detection
Unsupervised clustering approach for network anomaly detection Iwan Syarif 1,2, Adam Prugel-Bennett 1, Gary Wills 1 1 School of Electronics and Computer Science, University of Southampton, UK {is1e08,apb,gbw}@ecs.soton.ac.uk
More informationCombination of Three Machine Learning Algorithms for Intrusion Detection Systems in Computer Networks
Vol. () December, pp. 9-8 ISSN95-9X Combination of Three Machine Learning Algorithms for Intrusion Detection Systems in Computer Networks Ali Reza Zebarjad, Mohmmad Mehdi Lotfinejad Dapartment of Computer,
More informationDistributed Detection of Network Intrusions Based on a Parametric Model
Distributed Detection of Network Intrusions Based on a Parametric Model Yan-guo Wang, Xi Li, and Weiming Hu National Laboratory of Pattern Recognition Institute of Automation, Chinese Academy of Sciences
More informationDiscriminant Analysis based Feature Selection in KDD Intrusion Dataset
Discriminant Analysis based Feature Selection in KDD Intrusion Dataset Dr.S.Siva Sathya Department of Computer Science Pondicherry University, Puducherry,India. Dr. R.Geetha Ramani Department of Computer
More informationA Neural Network Based Intrusion Detection System For Wireless Sensor Networks
A Neural Network Based Intrusion Detection System For Wireless Sensor Networks OKAN CAN Turkish Air Force Academy Computer Engineering Department Istanbul Turkey ocan@hho.edu.tr CANSIN TURGUNER Turkish
More informationINTRUSION DETECTION SYSTEM
INTRUSION DETECTION SYSTEM Project Trainee Muduy Shilpa B.Tech Pre-final year Electrical Engineering IIT Kharagpur, Kharagpur Supervised By: Dr.V.Radha Assistant Professor, IDRBT-Hyderabad Guided By: Mr.
More informationSelecting Features for Intrusion Detection: A Feature Relevance Analysis on KDD 99 Intrusion Detection Datasets
Selecting Features for Intrusion Detection: A Feature Relevance Analysis on KDD 99 Intrusion Detection Datasets H. Günes Kayacık, A. Nur Zincir-Heywood, Malcolm I. Heywood Dalhousie University, Faculty
More informationINTRUSION DETECTION WITH TREE-BASED DATA MINING CLASSIFICATION TECHNIQUES BY USING KDD DATASET
INTRUSION DETECTION WITH TREE-BASED DATA MINING CLASSIFICATION TECHNIQUES BY USING KDD DATASET Bilal Ahmad Department of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics,
More informationA Study on NSL-KDD Dataset for Intrusion Detection System Based on Classification Algorithms
ISSN (Online) 2278-121 ISSN (Print) 2319-594 Vol. 4, Issue 6, June 215 A Study on NSL-KDD set for Intrusion Detection System Based on ification Algorithms L.Dhanabal 1, Dr. S.P. Shantharajah 2 Assistant
More informationTowards an Efficient Anomaly-Based Intrusion Detection for Software-Defined Networks
Towards an Efficient Anomaly-Based Intrusion Detection for Software-Defined Networks In spite of the significant impact of using a centralized controller, the controller itself creates a single point of
More informationAn Intrusion Prediction Technique Based on Co-evolutionary Immune System for Network Security (CoCo-IDP)
International Journal of Network Security, Vol.9, No.3, PP.290 300, Nov. 2009 290 An Intrusion Prediction Technique Based on Co-evolutionary Immune System for Network Security (CoCo-IDP) Mohammad Reza
More informationAnalysis of neural networks usage for detection of a new attack in IDS
Annales UMCS Informatica AI X, 1 (2010) 51-59 DOI: 10.2478/v10065-010-0035-7 Analysis of neural networks usage for detection of a new attack in IDS Przemysław Kukiełka 1, Zbigniew Kotulski 2 1 Institute
More informationData Mining Approaches for Network Intrusion Detection: from Dimensionality Reduction to Misuse and Anomaly Detection
Data Mining Approaches for Network Intrusion Detection: from Dimensionality Reduction to Misuse and Anomaly Detection Iwan Syarif 1,2, Adam Prugel-Bennett 1, Gary Wills 1 1 School of Electronics and Computer
More informationCHAPTER V KDD CUP 99 DATASET. With the widespread use of computer networks, the number of attacks has grown
CHAPTER V KDD CUP 99 DATASET With the widespread use of computer networks, the number of attacks has grown extensively, and many new hacking tools and intrusive methods have appeared. Using an intrusion
More informationA Hierarchical SOM based Intrusion Detection System
* Text + Figure(s) + Table(s) A Hierarchical SOM based Intrusion Detection System H. Gunes Kayacik, A. Nur Zincir-Heywood, Malcolm I. Heywood Dalhousie University, Faculty of Computer Science, 6050 University
More informationRanking and Filtering the Selected Attributes for Intrusion Detection System
Ranking and Filtering the Selected Attributes for Intrusion Detection System Phyu Thi Htun and Kyaw Thet Khaing Abstract Many researchers have been focused on improving the performance, especially in accuracy
More informationExperiments with Applying Artificial Immune System in Network Attack Detection
Kennesaw State University DigitalCommons@Kennesaw State University KSU Proceedings on Cybersecurity Education, Research and Practice 2017 KSU Conference on Cybersecurity Education, Research and Practice
More informationCHAPTER 2 DARPA KDDCUP99 DATASET
44 CHAPTER 2 DARPA KDDCUP99 DATASET 2.1 THE DARPA INTRUSION-DETECTION EVALUATION PROGRAM The number of intrusions is to be found in any computer and network audit data are plentiful as well as ever-changing.
More informationRUSMA MULYADI. Advisor: Dr. Daniel Zeng
Evaluating Classification Algorithms for Intrusion Detection Systems RUSMA MULYADI Advisor: Dr. Daniel Zeng A Master Project Report Submitted to the Department of Management Information Systems In Partial
More informationIndependent degree project - first cycle Bachelor s thesis 15 ECTS credits
Fel! Hittar inte referenskälla. - Fel! Hittar inte referenskälla.fel! Hittar inte referenskälla. Table of Contents Independent degree project - first cycle Bachelor s thesis 15 ECTS credits Master of Science
More informationOn Dataset Biases in a Learning System with Minimum A Priori Information for Intrusion Detection
On Dataset Biases in a Learning System with Minimum A Priori Information for Intrusion Detection H. G. Kayacik A. N. Zincir-Heywood M. I. Heywood Dalhousie University Faculty of Computer Science Halifax,
More informationClassification of Attacks in Data Mining
Classification of Attacks in Data Mining Bhavneet Kaur Department of Computer Science and Engineering GTBIT, New Delhi, Delhi, India Abstract- Intrusion Detection and data mining are the major part of
More informationA hybrid network intrusion detection framework based on random forests and weighted k-means
Ain Shams Engineering Journal (2013) 4, 753 762 Ain Shams University Ain Shams Engineering Journal www.elsevier.com/locate/asej www.sciencedirect.com ELECTRICAL ENGINEERING A hybrid network intrusion detection
More informationBig Data Analytics: Feature Selection and Machine Learning for Intrusion Detection On Microsoft Azure Platform
Big Data Analytics: Feature Selection and Machine Learning for Intrusion Detection On Microsoft Azure Platform Nachirat Rachburee and Wattana Punlumjeak Department of Computer Engineering, Faculty of Engineering,
More informationIDuFG: Introducing an Intrusion Detection using Hybrid Fuzzy Genetic Approach
International Journal of Network Security, Vol.17, No.6, PP.754-770, Nov. 2015 754 IDuFG: Introducing an Intrusion Detection using Hybrid Fuzzy Genetic Approach Ghazaleh Javadzadeh 1, Reza Azmi 2 (Corresponding
More informationThis is a repository copy of Deep Learning Approach for Network Intrusion Detection in Software Defined Networking.
This is a repository copy of Deep Learning Approach for Network Intrusion Detection in Software Defined Networking. White Rose Research Online URL for this paper: http://eprints.whiterose.ac.uk/106836/
More informationCloud Computing Intrusion Detection Using Artificial Bee Colony-BP Network Algorithm
Cloud Computing Intrusion Detection Using Artificial Bee Colony-BP Network Algorithm Yang Hui SiChuan College of Architectural Technology Deyang 618000 China Journal of Digital Information Management ABSTRACT:
More informationDeep Feature Extraction for multi-class Intrusion Detection in Industrial Control Systems
Deep Feature Extraction for multi-class Intrusion Detection in Industrial Control Systems Sasanka Potluri and Christian Diedrich Abstract In recent days, network based communication is more vulnerable
More informationLearning Intrusion Detection: Supervised or Unsupervised?
Learning Intrusion Detection: Supervised or Unsupervised? Pavel Laskov, Patrick Düssel, Christin Schäfer, and Konrad Rieck Fraunhofer-FIRST.IDA, Kekuléstr. 7, 12489 Berlin, Germany {laskov, duessel, christin,
More informationAddresses, Protocols, and Ports Reference
APPENDIXA Addresses, Protocols, and Ports Reference This appendix provides a quick reference for the following topics: IP Addresses and Subnet Masks Protocols and Applications TCP and UDP Ports ICMP Types
More informationAnomaly Intrusion Detection System Using Hierarchical Gaussian Mixture Model
264 IJCSNS International Journal of Computer Science and Network Security, VOL.8 No.8, August 2008 Anomaly Intrusion Detection System Using Hierarchical Gaussian Mixture Model M. Bahrololum and M. Khaleghi
More informationIntrusion Detection Based On Clustering Algorithm
International Journal of Electronics and Computer Science Engineering 1059 Available Online at www.ijecse.org ISSN- 2277-1956 Intrusion Detection Based On Clustering Algorithm Nadya El MOUSSAID 1, Ahmed
More informationA Rough Set Based Feature Selection on KDD CUP 99 Data Set
Vol.8, No.1 (2015), pp.149-156 http://dx.doi.org/10.14257/ijdta.2015.8.1.16 A Rough Set Based Feature Selection on KDD CUP 99 Data Set Vinod Rampure 1 and Akhilesh Tiwari 2 Department of CSE & IT, Madhav
More informationINTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) PROPOSED HYBRID-MULTISTAGES NIDS TECHNIQUES
INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) International Journal of Electronics and Communication Engineering & Technology (IJECET), ISSN 0976 ISSN 0976 6464(Print)
More informationComparison of variable learning rate and Levenberg-Marquardt back-propagation training algorithms for detecting attacks in Intrusion Detection Systems
Comparison of variable learning rate and Levenberg-Marquardt back-propagation training algorithms for detecting attacks in Intrusion Detection Systems Tummala Pradeep 1 IV th Year Student, Department of
More informationVB Socket Visual Basic socket implementation
10 VB Socket. 10.1 Visual Basic socket implementation Visual Basic support a WinSock control which allows the connection of hosts over a network. It supports both UDP and TCP. Figure 10. shows a sample
More informationPerformance improvement of intrusion detection with fusion of multiple sensors
Complex Intell. Syst. (2017) 3:33 39 DOI 10.1007/s40747-016-0033-5 ORIGINAL PAPER Performance improvement of intrusion detection with fusion of multiple sensors An evidence-theory-based approach Vrushank
More informationUsing MongoDB Databases for Training and Combining Intrusion Detection Datasets
Using MongoDB Databases for Training and Combining Intrusion Detection Datasets Marwa Elayni and Farah Jemili Abstract A single source of intrusion detection dataset involves the analyze of Big Data, recent
More informationComparative Analysis of Classification Algorithms on KDD 99 Data Set
I. J. Computer Network and Information Security, 2016, 9, 34-40 Published Online September 2016 in MECS (http://www.mecs-press.org/) DOI: 10.5815/ijcnis.2016.09.05 Comparative Analysis of Classification
More informationIntrusion detection system with decision tree and combine method algorithm
International Academic Institute for Science and Technology International Academic Journal of Science and Engineering Vol. 3, No. 8, 2016, pp. 21-31. ISSN 2454-3896 International Academic Journal of Science
More information* This manuscript has been accepted for publication in IET Networks.
* This manuscript has been accepted for publication in IET Networks. Towards an Efficient Anomaly-Based Intrusion Detection for Software-Defined Networks. Majd Latah 1*, Levent Toker 2 1 Department of
More informationCyber Attack Detection and Classification Using Parallel Support Vector Machine
International Journal of Computer and Internet Security. ISSN 0974-2247 Volume 4, Number 2 (2012), pp. 51-58 International Research Publication House http://www.irphouse.com Cyber Attack Detection and
More informationAnalysis of KDD 99 Intrusion Detection Dataset for Selection of Relevance Features
Analysis of KDD 99 Intrusion Detection Dataset for Selection of Relevance Features Adetunmbi A.Olusola., Adeola S.Oladele. and Daramola O.Abosede Abstract - The rapid development of business and other
More informationNetwork Traffic Anomaly Detection Based on Packet Bytes ABSTRACT Bugs in the attack. Evasion. 1. INTRODUCTION User Behavior. 2.
Network Traffic Anomaly Detection Based on Packet Bytes Matthew V. Mahoney Florida Institute of Technology Technical Report CS-2002-13 mmahoney@cs.fit.edu ABSTRACT Hostile network traffic is often "different"
More informationProtocol Filters APPENDIX
APPENDIX B The tables in this appendix list some of the protocols that you can filter on the access point. The tables include: Table A-1, Ethertype s Table A-2, IP s Table A-3, IP Port s In each table,
More informationTwo Level Anomaly Detection Classifier
Two Level Anomaly Detection Classifier Azeem Khan Dublin City University School of Computing Dublin, Ireland raeeska2@computing.dcu.ie Shehroz Khan Department of Information Technology National University
More informationModel Redundancy vs. Intrusion Detection
Model Redundancy vs. Intrusion Detection Zhuowei Li, Amitabha Das, and Sabu Emmanuel School of Computer Engineering, Nanyang Technological University, 50, Nanyang Avenue, Singapore 639798 zhwei.li@pmail.ntu.edu.sg
More informationModeling Intrusion Detection Systems With Machine Learning And Selected Attributes
Modeling Intrusion Detection Systems With Machine Learning And Selected Attributes Thaksen J. Parvat USET G.G.S.Indratrastha University Dwarka, New Delhi 78 pthaksen.sit@sinhgad.edu Abstract Intrusion
More informationClassifying Network Intrusions: A Comparison of Data Mining Methods
Association for Information Systems AIS Electronic Library (AISeL) AMCIS 2005 Proceedings Americas Conference on Information Systems (AMCIS) 2005 Classifying Network Intrusions: A Comparison of Data Mining
More informationNetwork Intrusion Detection System: A Machine Learning Approach
Network Intrusion Detection System: A Machine Learning Approach Mrutyunjaya Panda Department of EEE GITA, Bhubaneswar Odisha, India mrutyunjaya@ieee.org Ajith Abraham MIR Labs, Washington, USA ajith.abraham@ieee.org
More informationIntrusion Detection of Multiple Attack Classes using a Deep Neural Net Ensemble
Intrusion Detection of Multiple Attack Classes using a Deep Neural Net Ensemble Simone A. Ludwig North Dakota State University Fargo, ND, USA simone.ludwig@ndsu.edu Abstract An intrusion detection system
More informationAnomaly detection using machine learning techniques. A comparison of classification algorithms
Anomaly detection using machine learning techniques A comparison of classification algorithms Henrik Hivand Volden Master s Thesis Spring 2016 Anomaly detection using machine learning techniques Henrik
More informationINTRUSION DETECTION MODEL IN DATA MINING BASED ON ENSEMBLE APPROACH
INTRUSION DETECTION MODEL IN DATA MINING BASED ON ENSEMBLE APPROACH VIKAS SANNADY 1, POONAM GUPTA 2 1Asst.Professor, Department of Computer Science, GTBCPTE, Bilaspur, chhattisgarh, India 2Asst.Professor,
More information2017 IEEE 31st International Conference on Advanced Information Networking and Applications
2017 IEEE 31st International Conference on Advanced Information Networking and Applications Enhancing Security Attacks Analysis using Regularized Machine Learning Techniques Desta Haileselassie Hagos,
More informationarxiv: v1 [cs.cr] 25 Jun 2018
On the model-checking-based IDS Weijun ZHU School of Information Engineering, Zhengzhou University, Zhengzhou, 450001 China arxiv:1806.09337v1 [cs.cr] 25 Jun 2018 Abstract: How to identify the comprehensive
More informationAddresses, Protocols, and Ports
APPENDIXB This appendix provides a quick reference for IP addresses, protocols, and applications. This appendix includes the following sections: IPv4 Addresses and Subnet Masks, page B-1 IPv6 Addresses,
More informationMining Audit Data for Intrusion Detection Systems Using Support Vector Machines and Neural Networks
Journal on Information Sciences and Computing, Vol.1, No.1, December 2007 Mining Audit Data for Intrusion Detection Systems Using Support Vector Machines and Neural Networks 47 Ramamoorthy Subbureddiar,
More informationFast Feature Reduction in Intrusion Detection Datasets
MIPRO 2012, May 21-25,2012, Opatija, Croatia Fast Feature Reduction in Intrusion Detection Datasets Shafigh Parsazad *, Ehsan Saboori **, Amin Allahyar * * Department Of Computer Engineering, Ferdowsi
More informationAddresses, Protocols, and Ports
This chapter provides a quick reference for IP addresses, protocols, and applications. IPv4 Addresses and Subnet Masks, page 1 IPv6 Addresses, page 5 Protocols and Applications, page 11 and Ports, page
More informationFeature Reduction for Intrusion Detection Using Linear Discriminant Analysis
Feature Reduction for Intrusion Detection Using Linear Discriminant Analysis Rupali Datti 1, Bhupendra verma 2 1 PG Research Scholar Department of Computer Science and Engineering, TIT, Bhopal (M.P.) rupal3010@gmail.com
More informationUsing Artificial Anomalies to Detect Unknown and Known Network Intrusions
Using Artificial Anomalies to Detect Unknown and Known Network Intrusions Wei Fan IBM T.J.Watson Research Hawthorne, NY 1532 weifan@us.ibm.com Wenke Lee College of Computing, Georgia Tech Atlanta, GA 3332
More informationUsing Domain Knowledge to Facilitate Cyber Security Analysis
Association for Information Systems AIS Electronic Library (AISeL) AMCIS 2012 Proceedings Proceedings Using Domain Knowledge to Facilitate Cyber Security Analysis Peng He Information Systems, UMBC, Baltimore,
More informationClassification Trees with Logistic Regression Functions for Network Based Intrusion Detection System
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661,p-ISSN: 2278-8727, Volume 19, Issue 3, Ver. IV (May - June 2017), PP 48-52 www.iosrjournals.org Classification Trees with Logistic Regression
More informationResearch Article A Universal High-Performance Correlation Analysis Detection Model and Algorithm for Network Intrusion Detection System
Hindawi Mathematical Problems in Engineering Volume 2017, Article ID 8439706, 9 pages https://doi.org/10.1155/2017/8439706 Research Article A Universal High-Performance Correlation Analysis Detection Model
More informationFUZZY KERNEL C-MEANS ALGORITHM FOR INTRUSION DETECTION SYSTEMS
FUZZY KERNEL C-MEANS ALGORITHM FOR INTRUSION DETECTION SYSTEMS 1 ZUHERMAN RUSTAM, 2 AINI SURI TALITA 1 Senior Lecturer, Department of Mathematics, Faculty of Mathematics and Natural Sciences, University
More informationA Detailed Analysis on NSL-KDD Dataset Using Various Machine Learning Techniques for Intrusion Detection
A Detailed Analysis on NSL-KDD Dataset Using Various Machine Learning Techniques for Intrusion Detection S. Revathi Ph.D. Research Scholar PG and Research, Department of Computer Science Government Arts
More informationIntrusion Detection -- A 20 year practice. Outline. Till Peng Liu School of IST Penn State University
Intrusion Detection -- A 20 year practice Peng Liu School of IST Penn State University Pennsylvania State Unviersity 1 Outline Motivation Intrusion Detection Techniques Intrusion Detection Products Some
More informationTCP, UDP Ports, and ICMP Message Types1
Appendix A APPENDIX A TCP, UDP Ports, and ICMP Message Types1 I list useful TCP, UDP ports, and ICMP message types in this appendix. A comprehensive list of registered TCP and UDP services may be found
More informationSignature Analysis of UDP Streams for Intrusion Detection using Data Mining Algorithms
Signature Analysis of UDP Streams for Intrusion Detection using Data Mining Algorithms R.Sridevi Asst.Prof & Head, Dept. of Information Technology SACET Trichy, India Abstract with the increased use of
More informationImproved Detection of Low-Profile Probes and Denial-of-Service Attacks*
Improved Detection of Low-Profile Probes and Denial-of-Service Attacks* William W. Streilein Rob K. Cunningham, Seth E. Webster Workshop on Statistical and Machine Learning Techniques in Computer Intrusion
More informationARTIFICIAL INTELLIGENCE APPROACHES FOR INTRUSION DETECTION.
ARTIFICIAL INTELLIGENCE APPROACHES FOR INTRUSION DETECTION. Dima Novikov (Rochester Institute of Technology, Rochester, NY, dima.novikov@gmail.com), Roman V. Yampolskiy (University at Bufalo, Buffalo,
More informationLearning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks (Technical Report CS )
Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks (Technical Report CS-2002-06) Matthew V. Mahoney and Philip K. Chan Department of Computer Sciences Florida Institute
More informationAnomaly Intrusion Detection System using Hamming Network Approach
International Journal of Computer Science & Communication Anomaly Intrusion Detection System using Hamming Network Approach 1 Muna M. Taher Jawhar & 2 Monica Mehrotra Department of Computer Science, Jamia
More informationHybrid Modular Approach for Anomaly Detection
Hybrid Modular Approach for Anomaly Detection A.Laxmi Kanth Associate Professor, M.Tech (IT) Sri Indu College of Engineering & Technology, Sheriguda, IBP. Suresh Yadav Assistant Professor, (M.Tech),B.Tech,
More informationRoshni Suryawanshi M.Tech Student, Comp. Science India. Santosh Kushwaha HOD, Computer Science, India
Volume 6, Issue 7, July 2016 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Intrusion Detection
More informationDetection of DDoS Attack on the Client Side Using Support Vector Machine
Detection of DDoS Attack on the Client Side Using Support Vector Machine Donghoon Kim * and Ki Young Lee** *Department of Information and Telecommunication Engineering, Incheon National University, Incheon,
More informationPerformance Analysis of Big Data Intrusion Detection System over Random Forest Algorithm
Performance Analysis of Big Data Intrusion Detection System over Random Forest Algorithm Alaa Abd Ali Hadi Al-Furat Al-Awsat Technical University, Iraq. alaaalihadi@gmail.com Abstract The Internet has
More informationThe Caspian Sea Journal ISSN: A Study on Improvement of Intrusion Detection Systems in Computer Networks via GNMF Method
Available online at http://www.csjonline.org/ The Caspian Sea Journal ISSN: 1578-7899 Volume 10, Issue 1, Supplement 4 (2016) 456-461 A Study on Improvement of Intrusion Detection Systems in Computer Networks
More informationPacket Capture. Using the Debug Facility. Information About Using the Debug Facility
Using the Debug Facility, page 1 Configuring Wireless Sniffing, page 6 Using the Debug Facility Information About Using the Debug Facility The debug facility enables you to display all packets going to
More informationA Discriminatory Model of Self and Nonself Network Traffic
International Journal of Networks and Communications 2013, 3(3): 81-90 DOI: 10.5923/j.ijnc.20130303.02 A Discriminatory Model of Self and Nonself Network Traffic Adetunmbi A. O, Olubadeji Bukky, Alese
More informationNetwork Safety Policy Research for Analyzing Static and Dynamic Traffic Volume on the Basis of Data Mining
Send Orders for Reprints to reprints@benthamscience.ae The Open Electrical & Electronic Engineering Journal, 2014, 8, 787-795 787 Open Access Network Safety Policy Research for Analyzing Static and Dynamic
More informationA COMPARATIVE STUDY OF DATA MINING ALGORITHMS FOR NETWORK INTRUSION DETECTION IN THE PRESENCE OF POOR QUALITY DATA (complete-paper)
A COMPARATIVE STUDY OF DATA MINING ALGORITHMS FOR NETWORK INTRUSION DETECTION IN THE PRESENCE OF POOR QUALITY DATA (complete-paper) Eitel J.M. Lauría Marist College Eitel.Lauria@Marist.edu Giri K. Tayi
More informationIntrusion Detection System Based on K-Star Classifier and Feature Set Reduction
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 15, Issue 5 (Nov. - Dec. 2013), PP 107-112 Intrusion Detection System Based on K-Star Classifier and Feature
More informationBayesian Learning Networks Approach to Cybercrime Detection
Bayesian Learning Networks Approach to Cybercrime Detection N S ABOUZAKHAR, A GANI and G MANSON The Centre for Mobile Communications Research (C4MCR), University of Sheffield, Sheffield Regent Court, 211
More informationDetermining the Number of Hidden Neurons in a Multi Layer Feed Forward Neural Network
Determining the Number of Hidden Neurons in a Multi Layer Feed Forward Neural Network Lynn Ray University of Maryland University College 3501 University Blvd East Adelphi, MD 20783. USA ABSTRACT: A neural
More informationAnomaly Detection of Network Traffic Based on Analytical Discrete Wavelet Transform. Author : Marius SALAGEAN, Ioana FIROIU 10 JUNE /06/10
Anomaly Detection of Network Traffic Based on Analytical Discrete Transform Author : Marius SALAGEAN, Ioana FIROIU 10 JUNE 2010 1 10/06/10 Introduction MAIN OBJECTIVES : -a new detection mechanism of network
More informationAnomaly Intrusion Detection System Using Information Theory, K-NN and KMC Algorithms
Australian Journal of Basic and Applied Sciences, 3(3): 2581-2597, 2009 ISSN 1991-8178 Anomaly Intrusion Detection System Using Information Theory, K-NN and KMC Algorithms Hossein M. Shirazi Malek-Ashtar
More informationIntrusion Detection System based on Enhanced PLS Feature Extraction with Hybrid classification Method
Intrusion Detection System based on Enhanced PLS Feature Extraction with Hybrid classification Method 1 S.M.Kannathal, 1 PG Scholar Department of Computer Science and Engineering, Avinashilingam Institute
More informationAnomaly Detection for Application Level Network Attacks Using Payload Keywords
Anomaly Detection for Application Level Network Attacks Using Payload Keywords Like Zhang, Gregory B. White Department of Computer Science University of Texas at San Antonio San Antonio, Texas 78249 USA
More informationA Network Intrusion Detection System Architecture Based on Snort and. Computational Intelligence
2nd International Conference on Electronics, Network and Computer Engineering (ICENCE 206) A Network Intrusion Detection System Architecture Based on Snort and Computational Intelligence Tao Liu, a, Da
More informationMCA-based DoS attack detection system using principle of anomaly based detection in attack recognition.
MCA-based DoS attack detection system using principle of anomaly based detection in attack recognition. Mohd Ayaz Uddin Associate Professor Department of IT Nawab Shah Alam Khan College of Engineering
More informationNovel Intrusion Detection using Probabilistic Neural Network and Adaptive Boosting
This work is licensed under a Creative Commons Attribution 3.0 License: http://creativecommons.org/licenses/by/3.0 (IJCSIS) International Journal of Computer Science and Information Security, Novel Intrusion
More informationImportant Roles Of Data Mining Techniques For Anomaly Intrusion Detection System
Important Roles Of Data Mining Techniques For Anomaly Intrusion Detection System Phyu Thi Htun and Kyaw Thet Khaing Abstract Today, there are so many information interchanges are performed in that internet
More informationPERFORMANCE EVALUATION OF DIFFERENT KERNELS FOR SUPPORT VECTOR MACHINE USED IN INTRUSION DETECTION SYSTEM
PERFORMANCE EVALUATION OF DIFFERENT KERNELS FOR SUPPORT VECTOR MACHINE USED IN INTRUSION DETECTION SYSTEM Md. Al Mehedi Hasan 1, Shuxiang Xu 2, Mir Md. Jahangir Kabir 2 and Shamim Ahmad 1 1 Department
More informationDIMENSIONALITY REDUCTION FOR DENIAL OF SERVICE DETECTION PROBLEMS USING RBFNN OUTPUT SENSITIVITY
Proceedings of the Second International Conference on Machine Learning and Cybernetics, Wan, 2-5 November 2003 DIMENSIONALITY REDUCTION FOR DENIAL OF SERVICE DETECTION PROBLEMS USING RBFNN OUTPUT SENSITIVITY
More information