Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization
Iman Sharafaldin, Arash Habibi Lashkari, Ali A. Ghorbani
- pp 108-116
TLDR
A reliable dataset is produced that contains benign and seven common attack network flows, meets real-world criteria and is publicly available; the paper also evaluates the performance of a comprehensive set of network traffic features and machine learning algorithms to indicate the best set of features for detecting certain attack categories.
Abstract:
With the exponential growth in the size of computer networks and developed applications, the significant increase in the potential damage that can be caused by launching attacks is becoming obvious. Meanwhile, Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs) are among the most important defense tools against sophisticated and ever-growing network attacks. Due to the lack of adequate datasets, anomaly-based approaches in intrusion detection systems cannot be accurately deployed, analyzed and evaluated. A number of datasets, such as DARPA98, KDD99, ISC2012, and ADFA13, have been used by researchers to evaluate the performance of their proposed intrusion detection and intrusion prevention approaches. Based on our study of eleven available datasets since 1998, many such datasets are out of date and unreliable to use. Some of these datasets suffer from a lack of traffic diversity and volume, some do not cover the variety of attacks, while others anonymize packet information and payload, which cannot reflect current trends, or lack a feature set and metadata. This paper produces a reliable dataset that contains benign and seven common attack network flows, which meets real-world criteria and is publicly available. Consequently, the paper evaluates the performance of a comprehensive set of network traffic features and machine learning algorithms to indicate the best set of features for detecting certain attack categories.
Citations
Journal ArticleDOI
FELIDS: Federated learning-based intrusion detection system for agricultural Internet of Things
Othmane Friha, Mohamed Amine Ferrag, Lei Shu, Leandros A. Maglaras, Kim-Kwang Raymond Choo, M. Nafaa
TL;DR: Li et al. as mentioned in this paper proposed a federated learning-based intrusion detection system for securing agricultural-IoT infrastructures, where devices benefit from the knowledge of their peers by sharing only updates from their model with an aggregation server that produces an improved detection model.
Journal ArticleDOI
Online DDoS attack detection using Mahalanobis distance and Kernel-based learning algorithm
Salva Daneshgadeh Çakmakçı, Thomas Kemmerich, Tarem Ahmed, Nazife Baykal
TL;DR: An online, sequential, DDoS detection scheme that is suitable for use with multivariate data and outperforms almost all available DDoS classification algorithms with an offline learning process is proposed.
Proceedings ArticleDOI
Evaluating the effectiveness of Adversarial Attacks against Botnet Detectors
TL;DR: A thorough analysis of realistic adversarial attacks performed against network intrusion detection systems that focus on identifying botnet traffic through machine learning classifiers, providing a clear overview of the fragility of state-of-the-art detectors relying on different machine learning algorithms.
Journal ArticleDOI
Adversarial Examples Detection for XSS Attacks Based on Generative Adversarial Networks
TL;DR: An MCTS-T algorithm for generating adversarial examples of cross-site scripting (XSS) attacks based on the Monte Carlo tree search (MCTS) algorithm is proposed, and a generative adversarial network (GAN) is constructed to optimize the detector and improve the detection rate when dealing with adversarial examples.
Journal ArticleDOI
Boosting-Based DDoS Detection in Internet of Things Systems
TL;DR: In this article, the authors presented a DDoS traffic detection model that uses a boosting method of logistic model trees for different IoT device classes and demonstrated that the accuracy of their proposed approach is between 99.92% and 99.99% for these four device classes.
References
Proceedings ArticleDOI
A detailed analysis of the KDD CUP 99 data set
TL;DR: A new data set is proposed, NSL-KDD, which consists of selected records of the complete KDD data set and does not suffer from any of mentioned shortcomings.
Journal ArticleDOI
Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory
TL;DR: The purpose of this article is to attempt to identify the shortcomings of the Lincoln Lab effort in the hope that future efforts of this kind will be placed on a sounder footing.
Journal ArticleDOI
Toward developing a systematic approach to generate benchmark datasets for intrusion detection
TL;DR: The intent for this dataset is to assist various researchers in acquiring datasets of this kind for testing, evaluation, and comparison purposes, through sharing the generated datasets and profiles.
Proceedings ArticleDOI
Characterization of Tor Traffic using Time based Features.
TL;DR: A time analysis on Tor traffic flows is presented, captured between the client and the entry node, to detect the application type: Browsing, Chat, Streaming, Mail, VoIP, P2P or File Transfer.
Proceedings ArticleDOI
Generation of a new IDS test dataset: Time to retire the KDD collection
Gideon Creech, Jiankun Hu
TL;DR: A new publicly available dataset is introduced which is representative of modern attack structure and methodology and is contrasted with the legacy datasets, and the performance difference of commonly used intrusion detection algorithms is highlighted.
Related Papers (5)
UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)
Nour Moustafa, Jill Slay
A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection
Anna L. Buczak, Erhan Guven
Outside the Closed World: On Using Machine Learning for Network Intrusion Detection
Robin Sommer, Vern Paxson