Comparison of Machine learning algorithms in Anomaly detection

Article Sidebar

PDF
Published: Jun 24, 2017
DOI: https://doi.org/10.26483/ijarcs.v8i5.3614
Keywords:
Machine learning, Support vector machine, Multilayer perceptron, Anomaly detection, Intrusion detection system

Main Article Content

Gunseerat Kaur
Central University of Punjab
http://orcid.org/0000-0003-1577-9566

Abstract

The presence of threats in networks requires to strengthen the procedure of intrusion detection, with evolving threats, better threat recognition is required. In order to secure the networks and detect the attacks at various sub-levels, there is a keen interest in implementing an efficient machine learning methodology to seek the malignant from benign. Anomaly detection, supervised or unsupervised deals to handle the perturbations from the normal network, indicating faults defects and others malicious activities. This paper discusses the use of Support Vector Machine and multilayer perceptron to detect anomalies over network traffic.

Downloads

Download data is not yet available.

Article Details

Issue
Vol. 8 No. 5 (2017): May-June 2017
Section
Articles

COPYRIGHT

Submission of a manuscript implies: that the work described has not been published before, that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.

Authors who publish with this journal agree to the following terms:

  • Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
  • Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
  • Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work
  • The journal allows the author(s) to retain publishing rights without restrictions.
  • The journal allows the author(s) to hold the copyright without restrictions.

References

L. Bilge, T. Strufe, D. Balzarotti, E. Kirda, and S. Antipolis, “All Your Contacts Are Belong to Us : Automated Identity Theft Attacks on Social Networks,†in Proceedings of the 18th international conference on World wide web, 2009, pp. 551–560.

T. Rid and B. E. N. Buchanan, “Attributing Cyber Attacks,†J. Strateg. Stud., vol. 0, no. 0, pp. 1–34, 2014.

R. Kandhari, V. Chandola, A. Banerjee, V. Kumar, and R. Kandhari, “Anomaly detection,†ACM Comput. Surv., vol. 41, no. 3, pp. 1–6, 2009.

M. V. Mahoney and P. K. Chan, “An Analysis of the 1999 DARPA / Lincoln Laboratory Evaluation Data for Network Anomaly Detection,†Recent Adv. Intrusion Detect., pp. 220–237, 2003.

K. Giotis, G. Androulidakis, and V. Maglaris, “A scalable anomaly detection and mitigation architecture for legacy networks via an OpenFlow middlebox,†Secur. Commun. Networks, vol. 9, no. 13, pp. 1958–1970, 2016.

M. A. Ferrag and A. Ahmim, Security Solutions and Applied Cryptography in Smart Grid Communications. 2017.

D. E. Denning, “An Intrusion-Detection Model,†IEEE Trans. Softw. Eng., vol. SE-13, no. 2, pp. 222–232, Feb. 1987.

Y. Pei, O. R. Zaïane, and Y. Gao, “An efficient reference-based approach to outlier detection in large datasets,†in Proceedings - IEEE International Conference on Data Mining, ICDM, 2006, pp. 478–487.

Y. Zeng, K. G. Shin, and X. Hu, “Design of SMS commanded-and-controlled and P2P-structured mobile botnets,†in Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks - WISEC ’12, 2012, p. 137.

R. R. Northcutt Stephen, Zeltser Lenny, Winters Scott, Kent Karen, Inside Network Perimeter, vol. 1. 2005.

M. Roesch, “Snort: Lightweight Intrusion Detection for Networks.,†LISA ’99 13th Syst. Adm. Conf., pp. 229–238, 1999.

Suricata, “Suricata Open Source IDS / IPS / NSM engine,†2015. [Online]. Available: https://suricata-ids.org/. [Accessed: 12-May-2017].

R. Sekar et al., “Specification-based anomaly detection: a new approach for detecting network intrusions,†Proc. 9th ACM Conf. Comput. Commun. Secur., vol. 26, no. 2, pp. 265–274, 2002.

S. Buthpitiya, “Modeling Mobile User Behavior for Anomaly Detection,†2014.

E. B. Beigi, H. H. Jazi, N. Stakhanova, and A. A. Ghorbani, “Towards effective feature selection in machine learning-based botnet detection approaches,†2014 IEEE Conf. Commun. Netw. Secur. CNS 2014, pp. 247–255, 2014.

A. Jayasimhan and J. Gadge, “Anomaly Detection using a Clustering Technique,†Int. J. Appl. Inf. Syst., vol. 2, no. 8, pp. 5–9, 2012.

P. Gogoi, D. K. Bhattacharyya, and J. K. Kalita, “A rough set-based effective rule generation method for classification with an application in intrusion detection,†Int. J. Secur. Networks, vol. 8, no. 2, p. 61, 2013.

S. Omar and H. H. Jebur, “Machine Learning Techniques for Anomaly Detection : An Overview,†Int. J. Comput. Appl., vol. 79, no. 2, pp. 33–41, 2013.

M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A detailed analysis of the KDD CUP 99 data set,†IEEE Symp. Comput. Intell. Secur. Def. Appl. CISDA 2009, no. Cisda, pp. 1–6, 2009.

H. Chae, B. Jo, S. Choi, and T. Park, “Feature Selection for Intrusion Detection using NSL-KDD,†Recent Adv. Comput. Sci. 20132, pp. 184–187, 2013.

N. Görnitz and K. Rieck, “Toward Supervised Anomaly Detection,†J. Artif. Intell. Res., vol. 46, no. 4, pp. 235–262, 2013.

P. Evans, “Scaling and assessment of data quality,†in Acta Crystallographica Section D: Biological Crystallography, 2006, vol. 62, no. 1, pp. 72–82.

D. Meyer, “Support Vector Machines,†cran-project.org, 2015. .

R. Tadeusiewicz, “Neural networks: A comprehensive foundation,†Control Eng. Pract., vol. 3, no. 5, pp. 746–747, 1995.