Abstract

Rapid development in the network infrastructure has resulted in sophisticated attacks which are hard to detect using typical network intrusion detection systems (NIDS). There is a strong need for efficient NIDS to detect these known attacks along with ever-emerging zero-day exploits. Existing NIDS are more focused on detecting known attacks using supervised machine learning approaches, achieving better performance for known attacks but poor detection of unknown attacks. Many NIDS have utilized the unsupervised approach, which results in better detection of unknown anomalies. In this paper, we proposed a Hybrid NIDS based on Semisupervised One-Class Support Vector Machine (OC-SVM) and Supervised Random Forest (RF) algorithms. This detection system has several stages. The First stage is based on OC-SVM, which filters benign and malicious traffic. The next stages use many parallel supervised models and an additional OC-SVM model to separate known and unknown attacks from malicious traffic. The previous process is done so that known attacks are classified by their type, and unknown attacks are detected. The proposed NIDS is tested on the standard public dataset CSE-CIC-IDS-2018. The evaluation results show that the system achieves a high accuracy, 99.45%, for detecting known attacks. Our proposed NIDS achieves an accuracy of 93.99% for unknown or zero-day attacks. The overall accuracy of the proposed NIDS is 95.95%. The system significantly improves the detection of known and unknown anomalies using a hybrid approach.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.