Abstract

Due to the widespread use of the internet and smart devices, various attacks like intrusion, zero-day, malware, and security breaches are a constant threat to any organization's network infrastructure. Thus, a Network Intrusion Detection System (NIDS) is required to detect attacks in network traffic. This paper proposes a new hybrid method for intrusion detection and attack categorization. The proposed approach comprises three steps to address high false and low false-negative rates for intrusion detection and attack categorization. In the first step, the dataset is preprocessed through the data transformation technique and min-max method. Secondly, the random forest recursive feature elimination method is applied to identify optimal features that positively impact the model's performance. Next, we use various Support Vector Machine (SVM) types to detect intrusion and the Adaptive Neuro-Fuzzy System (ANFIS) to categorize probe, U2R, R2U, and DDOS attacks. The proposed method is validated through Fine Gaussian SVM (FGSVM), which is 99.3% for the binary class. For multiclass categorization, the Mean Square Error (MSE) is reported as 0.084964 for training data, 0.0855203 for testing, and 0.084964 for validation.

Highlights

  • Due to deep integration between the world and the internet, the network framework always experiences various kinds of attacks

  • This paper proposes a new hybrid method for intrusion detection and attack categorization

  • Fine Gaussian SVM (FGSVM) is used to classify the NSL-KDD dataset into two classes: a normal class and an attack class


Summary

Introduction

Due to deep integration between the world and the internet, the network framework always experiences various kinds of attacks. Identifying these attacks is a technical issue and currently an area of concern. The purpose of a NIDS is to identify intrusions on networks. It detects misuse attempts either by a legitimate user or by third parties [4]. Break-in security vulnerabilities and misuse of the system are attacks that the IDS can identify [5,6,7,8,9]. IDS is a classification problem to detect the behavior of data, either it is
