
2020 | OriginalPaper | Book chapter

A Detailed Analysis of Using Supervised Machine Learning for Intrusion Detection

Written by: Ahmed Ahmim, Mohamed Amine Ferrag, Leandros Maglaras, Makhlouf Derdour, Helge Janicke

Published in: Strategic Innovative Marketing and Tourism

Publisher: Springer International Publishing

Abstract

Machine learning is increasingly used in various fields of industry, ranging from the self-driving car to computer security. Nowadays, with the huge volume of network traffic, machine learning represents the miracle solution for network traffic analysis and intrusion detection problems. Intrusion Detection Systems can be used as part of a holistic security framework in different critical sectors such as the oil and gas industry, traffic management, water sewage, transportation, tourism and digital infrastructure. In this paper, we provide a comparative study of twelve supervised machine learning methods. This comparative study aims to identify the best machine learning methods for classifying network traffic by specific type of attack or benign traffic, by category of attack or benign traffic, and as attack or benign. CICIDS’2017 is used as the data-set for our experiments, with Random Forest, Jrip and J48 showing better performance.


Metadata
Title
A Detailed Analysis of Using Supervised Machine Learning for Intrusion Detection
Written by
Ahmed Ahmim
Mohamed Amine Ferrag
Leandros Maglaras
Makhlouf Derdour
Helge Janicke
Copyright year
2020
DOI
https://doi.org/10.1007/978-3-030-36126-6_70