Journal ArticleDOI
Multi-level hybrid support vector machine and extreme learning machine based on modified K-means for intrusion detection system
TLDR
A multi-level hybrid intrusion detection model that uses support vector machine and extreme learning machine to improve the efficiency of detecting known and unknown attacks and a modified K-means algorithm is proposed to build a high-quality training dataset that contributes significantly to improving the performance of classifiers.Abstract:
Reduction the 10%KDD training dataset up to 99.8% by using modified K-means.New high quality training datasets are constructed for training SVM and ELM.Multi-level model is proposed to improve the performance of detection accuracy.Improve the detection rate of DoS, U2R and R2L attacks.Overall accuracy of 95.75% is achieved with whole Corrected KDD dataset. Intrusion detection has become essential to network security because of the increasing connectivity between computers. Several intrusion detection systems have been developed to protect networks using different statistical methods and machine learning techniques. This study aims to design a model that deals with real intrusion detection problems in data analysis and classify network data into normal and abnormal behaviors. This study proposes a multi-level hybrid intrusion detection model that uses support vector machine and extreme learning machine to improve the efficiency of detecting known and unknown attacks. A modified K-means algorithm is also proposed to build a high-quality training dataset that contributes significantly to improving the performance of classifiers. The modified K-means is used to build new small training datasets representing the entire original training dataset, significantly reduce the training time of classifiers, and improve the performance of intrusion detection system. The popular KDD Cup 1999 dataset is used to evaluate the proposed model. Compared with other methods based on the same dataset, the proposed model shows high efficiency in attack detection, and its accuracy (95.75%) is the best performance thus far.read more
Citations
More filters
Journal ArticleDOI
Internet of Things: A survey on machine learning-based intrusion detection approaches
Kelton A. P. Costa,João Paulo Papa,Celso O. Lisboa,Roberto Munoz,Victor Hugo C. de Albuquerque +4 more
TL;DR: Recent and in-depth research of relevant works that deal with several intelligent techniques and their applied intrusion detection architectures in computer networks with emphasis on the Internet of Things and machine learning are aimed at.
Journal ArticleDOI
Deep Learning Approach Combining Sparse Autoencoder With SVM for Network Intrusion Detection
TL;DR: The proposed STL-IDS approach improves network intrusion detection and provides a new research method for intrusion detection, and has accelerated SVM training and testing times and performed better than most of the previous approaches in terms of performance metrics in binary and multiclass classification.
Journal ArticleDOI
A comprehensive survey on network anomaly detection
Gilberto Fernandes,Joel J. P. C. Rodrigues,Luiz F. Carvalho,Jalal Al-Muhtadi,Mario Lemes Proença +4 more
TL;DR: The main objective is to review the most important aspects pertaining to anomaly detection, covering an overview of a background analysis as well as a core study on the most relevant techniques, methods, and systems within the area.
Journal ArticleDOI
Hybrid Deep-Learning-Based Anomaly Detection Scheme for Suspicious Flow Detection in SDN: A Social Multimedia Perspective
TL;DR: A hybrid deep-learning-based anomaly detection scheme for suspicious flow detection in the context of social multimedia is proposed to enhance the reliability of the software-defined networks (SDN).
Journal ArticleDOI
Network Anomaly Detection System using Genetic Algorithm and Fuzzy Logic
Anderson H. Hamamoto,Luiz F. Carvalho,Lucas Dias Hiera Sampaio,Taufik Abro,Mario Lemes Proena +4 more
TL;DR: It is proposed an expert system with the capability to monitor the networks traffic with IP flows while expected behaviors are generated in a regular time interval basis, issuing alarms when a possible problem is present, and achieves higher performance compared to several other approaches.
References
More filters
Proceedings ArticleDOI
k-means++: the advantages of careful seeding
TL;DR: By augmenting k-means with a very simple, randomized seeding technique, this work obtains an algorithm that is Θ(logk)-competitive with the optimal clustering.
A Practical Guide to Support Vector Classication
TL;DR: A simple procedure is proposed, which usually gives reasonable results and is suitable for beginners who are not familiar with SVM.
Journal ArticleDOI
Extreme Learning Machine for Regression and Multiclass Classification
TL;DR: ELM provides a unified learning platform with a widespread type of feature mappings and can be applied in regression and multiclass classification applications directly and in theory, ELM can approximate any target continuous function and classify any disjoint regions.
Proceedings ArticleDOI
Extreme learning machine: a new learning scheme of feedforward neural networks
TL;DR: A new learning algorithm called extreme learning machine (ELM) for single-hidden layer feedforward neural networks (SLFNs) which randomly chooses the input weights and analytically determines the output weights of SLFNs is proposed.
Proceedings Article
Snort - Lightweight Intrusion Detection for Networks
TL;DR: Snort provides a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alert system administrators when potential hostile traffic is detected.
Related Papers (5)
A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection
Anna L. Buczak,Erhan Guven +1 more