Author

Abdur Rahman Onik

Bio: Abdur Rahman Onik is an academic researcher from Ahsanullah University of Science and Technology. The author has contributed to research in topics: Feature selection & Bayesian network. The author has an h-index of 5, co-authored 6 publications receiving 150 citations.

Papers
Journal ArticleDOI
TL;DR: To understand the current status of implementation of machine learning techniques for solving the intrusion detection problems, this survey paper enlisted the 49 related studies in the time frame between 2009 and 2014 focusing on the architecture of the single, hybrid and ensemble classifier design.
Abstract: Network security is one of the major concerns of the modern era. With the rapid development and massive usage of internet over the past decade, the vulnerabilities of network security have become an important issue. Intrusion detection system is used to identify unauthorized access and unusual attacks over the secured networks. Over the past years, many studies have been conducted on the intrusion detection system. However, in order to understand the current status of implementation of machine learning techniques for solving the intrusion detection problems this survey paper enlisted the 49 related studies in the time frame between 2009 and 2014 focusing on the architecture of the single, hybrid and ensemble classifier design. This survey paper also includes a statistical comparison of classifier algorithms, datasets being used and some other experimental setups as well as consideration of feature selection step.

107 citations

Journal ArticleDOI
TL;DR: This research study presents a wrapper approach for intrusion detection with a superior overall performance and performs better than other leading state-of-the-arts models such as KNN, Boosted DT, Hidden NB and Markov chain.
Abstract: Increasing internet usage and connectivity demands a network intrusion detection system combating cynical network attacks. Data mining therefore is a popular technique used by intrusion detection system to prevent the network attacks and classify the network events as either normal or attack. Our research study presents a wrapper approach for intrusion detection. In this framework, the feature selection technique eliminates the irrelevant features to reduce the time complexity and build a better model to predict the result with a greater accuracy, and a Bayesian network works as a base classifier to predict the types of attack. Our experiment shows that the proposed framework exhibits a superior overall performance in terms of accuracy which is 98.2653, error rate of 1.73 and keeps the false positive rate at a lower rate of 0.007. Our model performed better than other leading state-of-the-arts models such as KNN, Boosted DT, Hidden NB and Markov chain. The NSL-KDD is used as benchmark data set with Weka library functions in the experimental setup. General Terms: Pattern Recognition. Intrusion detection system, Data Mining

37 citations

Proceedings ArticleDOI
21 Dec 2015
TL;DR: The study proposed an ensemble type of a classification model with a hybrid feature selection method based on the research framework and showed that the proposed ensemble approach showed better result than Naive Bayes, Bayesian Network and J48 classifier.
Abstract: Rapid growth and popularity of internet has re-emphasized the significance of the intrusion detection system in network security. To overcome the vulnerabilities of network security researchers have come up with different frameworks of intrusion detection system using data mining. Feature selection is a significant method to develop a time and cost effective intrusion detection system. The time consumption in building up the classifiers model enhances the efficiency of the system. This work conducted on the analysis of some approaches of intrusion detection using some machine learning methods with wrapper approaches, which is a type of feature selection methodology. Our paper mainly focuses on the classification preciseness of 3 different classifiers using the minimal amount of features selected by three different wrapper search methods on the well-known public type NSL-KDD dataset and showing the comparisons among them. The 3 basic classifiers are Bayesian Network, Naive Bayes and J48. Best First, Genetic Search and Rank Search have been used as the wrapper search methods. The study proposed an ensemble type of a classification model with a hybrid feature selection method based on the research framework. By using the hybrid feature selection method 12 critical features are chosen and with the combination of basic classifiers, a reliable model is developed to differentiate normal and anomaly. Moreover, the result shows a convenient false positive rate of 0.021. Experiment showed that our proposed ensemble approach showed better result than Naive Bayes, Bayesian Network and J48 classifier. Experiments have been conducted on the NSL-KDD dataset using WEKA 3.6 library functions.

35 citations

Journal ArticleDOI
TL;DR: A comparative analysis with the feature selection approach in WEKA machine learning tool using the J48 classifier using filter methods provides improved prediction and minimizes the computation time.
Abstract: Feature selection approach provides improved prediction and minimizes the computation time. Due to the higher numbers of features the understanding of the data in pattern recognition becomes difficult sometimes. That's why researchers have used different feature selection techniques with the single classifiers in their intrusion detection system to build up a model which gives a better accuracy and prediction performance. In this paper, we provide a comparative analysis with the feature selection approach in WEKA machine learning tool using the J48 classifier. The research work shows the comparison of the performance of single J48 classifier with filter methods. The prediction performance may differ marginally in some cases but with the removal of irrelevant features time complexity can be easily ignored and a better prediction rate is guaranteed.

16 citations

Proceedings ArticleDOI
01 Dec 2015
TL;DR: This study presents a cross-breed type feature selection approach using duo filter schemes for intrusion detection using Bayesian network based classification model to build a time consuming better-performed intrusion detector framework.
Abstract: Modern day internet is victimizer of the cynical network attacks due to excessive usage and massive connectivity demands. Machine learning is an efficient approach to prevent the intrusion and classify the network attacks. This study highlights the combined power of filter approaches in intrusion detection framework. Feature selection technique removes the redundant features and builds a time consuming better-performed intrusion detector framework. This study presents a cross-breed type feature selection approach using duo filter schemes for intrusion detection. In this framework feature selection technique eliminate the irrelevant features to reduce the time complexity and build a better model to predict the result with a greater accuracy and Bayesian network based classification model has been built up to predict the types of attacks. The experiment shows that the proposed framework exhibits a superior overall performance in terms of accuracy which is 97.2746% and keeps the false positive rate at a lower rate of 0.008. The model shows better performance in terms of accuracy than other leading state-of-the-arts frameworks like Boosted DT, Hidden NB, KNN and Markov chain. The NSL-KDD is used as benchmark data set with Weka library functions in the experimental setup.

7 citations


Cited by
Journal ArticleDOI
TL;DR: Machine learning addresses many of the same research questions as the fields of statistics, data mining, and psychology, but with differences of emphasis.
Abstract: Machine Learning is the study of methods for programming computers to learn. Computers are applied to a wide range of tasks, and for most of these it is relatively easy for programmers to design and implement the necessary software. However, there are many tasks for which this is difficult or impossible. These can be divided into four general categories. First, there are problems for which there exist no human experts. For example, in modern automated manufacturing facilities, there is a need to predict machine failures before they occur by analyzing sensor readings. Because the machines are new, there are no human experts who can be interviewed by a programmer to provide the knowledge necessary to build a computer system. A machine learning system can study recorded data and subsequent machine failures and learn prediction rules. Second, there are problems where human experts exist, but where they are unable to explain their expertise. This is the case in many perceptual tasks, such as speech recognition, hand-writing recognition, and natural language understanding. Virtually all humans exhibit expert-level abilities on these tasks, but none of them can describe the detailed steps that they follow as they perform them. Fortunately, humans can provide machines with examples of the inputs and correct outputs for these tasks, so machine learning algorithms can learn to map the inputs to the outputs. Third, there are problems where phenomena are changing rapidly. In finance, for example, people would like to predict the future behavior of the stock market, of consumer purchases, or of exchange rates. These behaviors change frequently, so that even if a programmer could construct a good predictive computer program, it would need to be rewritten frequently. A learning program can relieve the programmer of this burden by constantly modifying and tuning a set of learned prediction rules. 
Fourth, there are applications that need to be customized for each computer user separately. Consider, for example, a program to filter unwanted electronic mail messages. Different users will need different filters. It is unreasonable to expect each user to program his or her own rules, and it is infeasible to provide every user with a software engineer to keep the rules up-to-date. A machine learning system can learn which mail messages the user rejects and maintain the filtering rules automatically. Machine learning addresses many of the same research questions as the fields of statistics, data mining, and psychology, but with differences of emphasis. Statistics focuses on understanding the phenomena that have generated the data, often with the goal of testing different hypotheses about those phenomena. Data mining seeks to find patterns in the data that are understandable by people. Psychological studies of human learning aspire to understand the mechanisms underlying the various learning behaviors exhibited by people (concept learning, skill acquisition, strategy change, etc.).

13,246 citations

Journal ArticleDOI
TL;DR: A detailed investigation and analysis of various machine learning techniques have been carried out for finding the cause of problems associated with various machine learning techniques in detecting intrusive activities and future directions are provided for attack detection using machine learning techniques.
Abstract: Intrusion detection is one of the important security problems in today's cyber world. A significant number of techniques have been developed which are based on machine learning approaches. However, they are not very successful in identifying all types of intrusions. In this paper, a detailed investigation and analysis of various machine learning techniques have been carried out for finding the cause of problems associated with various machine learning techniques in detecting intrusive activities. Attack classification and mapping of the attack features is provided corresponding to each attack. Issues which are related to detecting low-frequency attacks using network attack dataset are also discussed and viable methods are suggested for improvement. Machine learning techniques have been analyzed and compared in terms of their detection capability for detecting the various category of attacks. Limitations associated with each category of them are also discussed. Various data mining tools for machine learning have also been included in the paper. At the end, future directions are provided for attack detection using machine learning techniques.

398 citations

Posted Content
TL;DR: A taxonomy and survey of shallow and deep networks intrusion detection systems is presented based on previous and current works, and a discussion of the false and true positive alarm rates is presented to help researchers model reliable and efficient machine learning based intrusion detection systems.
Abstract: Intrusion detection has attracted a considerable interest from researchers and industries. The community, after many years of research, still faces the problem of building reliable and efficient IDS that are capable of handling large quantities of data, with changing patterns in real time situations. The work presented in this manuscript classifies intrusion detection systems (IDS). Moreover, a taxonomy and survey of shallow and deep networks intrusion detection systems is presented based on previous and current works. This taxonomy and survey reviews machine learning techniques and their performance in detecting anomalies. Feature selection which influences the effectiveness of machine learning (ML) IDS is discussed to explain the role of feature selection in the classification and training phase of ML IDS. Finally, a discussion of the false and true positive alarm rates is presented to help researchers model reliable and efficient machine learning based intrusion detection systems.

190 citations

Journal ArticleDOI
TL;DR: In this article, the authors provide an overview of unsupervised learning in the domain of networking, and provide a comprehensive review of the current state of the art in this area, by synthesizing insights from previous survey papers.
Abstract: While machine learning and artificial intelligence have long been applied in networking research, the bulk of such works has focused on supervised learning. Recently, there has been a rising trend of employing unsupervised machine learning using unstructured raw network data to improve network performance and provide services, such as traffic engineering, anomaly detection, Internet traffic classification, and quality of service optimization. The growing interest in applying unsupervised learning techniques in networking stems from their great success in other fields, such as computer vision, natural language processing, speech recognition, and optimal control (e.g., for developing autonomous self-driving cars). In addition, unsupervised learning can unconstrain us from the need for labeled data and manual handcrafted feature engineering, thereby facilitating flexible, general, and automated methods of machine learning. The focus of this survey paper is to provide an overview of applications of unsupervised learning in the domain of networking. We provide a comprehensive survey highlighting recent advancements in unsupervised learning techniques, and describe their applications in various learning tasks, in the context of networking. We also provide a discussion on future directions and open research issues, while identifying potential pitfalls. While a few survey papers focusing on applications of machine learning in networking have previously been published, a survey of similar scope and breadth is missing in the literature. Through this timely review, we aim to advance the current state of knowledge, by carefully synthesizing insights from previous survey papers, while providing contemporary coverage of the recent advances and innovations.

182 citations

Journal ArticleDOI
TL;DR: An overview of intrusion classification algorithms, based on popular methods in the field of machine learning, including ensemble and hybrid techniques were examined, considering both homogeneous and heterogeneous types of ensemble methods.

173 citations