Top

Journal of Network and Systems Management

Published in:

01-04-2021

An Intelligent Tree-Based Intrusion Detection Model for Cyber Security

Authors: Mohammad Al-Omari, Majdi Rawashdeh, Fadi Qutaishat, Mohammad Alshira’H, Nedal Ababneh

Published in: Journal of Network and Systems Management | Issue 2/2021

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The widespread use of the Internet of Things and distributed heterogeneous devices has shed light on the implementation of efficient and reliable intrusion detection systems. These systems should be able to efficiently protect data and physical devices from cyber-attacks. However, the huge amount of data with different dimensions and security features can affect the detection accuracy and increase the computation complexity of these systems. Lately, Artificial Intelligence has received significant interest and is now being integrated into these systems to intelligently detect and protect against cyber-attacks. This paper aims to propose an intelligent intrusion detection model to predict and detect attacks in cyberspace. The model is designed based on the concept of Decision Trees, taking into consideration the ranking of the security features. The model is applied to a real dataset for network intrusion detection systems. Moreover, it is validated based on predefined performance evaluation metrics, namely accuracy, precision, recall and Fscore. Meanwhile, the experimental results reveal that our tree-based intrusion detection model can detect and predict cyber-attacks efficiently and reduce the complexity of computation process compared to other traditional machine learning techniques.

previous article Intelligent Secure Networking in In-band Full-duplex Dynamic Access Networks: Spectrum Management and Routing Protocol

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Otoum, S., Kantarci, B., Mouftah, H.: A Comparative Study of AI-based Intrusion Detection Techniques in Critical Infrastructures. arxiv.org. (2020)

Hesselman, C., Grosso, P., Holz, R., Kuipers, F., Xue, J.H., Jonker, M., de Ruiter, J., Sperotto, A., van Rijswijk-Deij, R., Moura, G.C.M., Pras, A., de Laat, C.: A responsible internet to increase trust in the digital world. J. Netw. Syst. Manag. 28, 882–922 (2020). https://doi.org/10.1007/s10922-020-09564-7CrossRef

Tavallaee, M., Stakhanova, N., Ghorbani, A.A.: Toward credible evaluation of anomaly-based intrusion-detection methods. IEEE Trans. Syst. Man Cybern. Part C Appl. Rev. 40, 516–524 (2010). https://doi.org/10.1109/TSMCC.2010.2048428CrossRef

Tapiador, J.E., Orfila, A., Ribagorda, A., Ramos, B.: Key-recovery attacks on KIDS, a keyed anomaly detection system. IEEE Trans. Dependable Secur. Comput. 12, 312–325 (2015). https://doi.org/10.1109/TDSC.2013.39CrossRef

Buczak, A.L., Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutorials 18, 1153–1176 (2016). https://doi.org/10.1109/COMST.2015.2494502CrossRef

Mishra, P., Varadharajan, V., Tupakula, U., Pilli, E.S.: A detailed investigation and analysis of using machine learning techniques for intrusion detection. IEEE Commun. Surv. Tutorials 21, 686–728 (2019). https://doi.org/10.1109/COMST.2018.2847722CrossRef

Nisioti, A., Mylonas, A., Yoo, P.D., Katos, V.: From intrusion detection to attacker attribution: a comprehensive survey of unsupervised methods. IEEE Commun. Surv. Tutorials 20, 3369–3388 (2018). https://doi.org/10.1109/COMST.2018.2854724CrossRef

Thomas, T., Vijayaraghavan, A.P., Emmanuel, S.: Machine Learning Approaches in Cyber Security Analytics. Springer, Singapore (2019)

Otoum, S., Kantarci, B., Mouftah, H.T.: A novel ensemble method for advanced intrusion detection in wireless sensor networks. In: IEEE International Conference on Communications. Institute of Electrical and Electronics Engineers Inc. (2020)

10.

Al Ridhawi, I., Otoum, S., Aloqaily, M., Boukerche, A.: Generalizing AI: challenges and opportunities for plug and play AI solutions. IEEE Netw. (2020). https://doi.org/10.1109/MNET.011.2000371CrossRef

11.

Ferrag, M.A., Maglaras, L., Moschoyiannis, S., Janicke, H.: Deep learning for cyber security intrusion detection: approaches, datasets, and comparative study. J. Inf. Secur. Appl. 50, 102419 (2020). https://doi.org/10.1016/j.jisa.2019.102419CrossRef

12.

Gumusbas, D., Yldrm, T., Genovese, A., Scotti, F.: A comprehensive survey of databases and deep learning methods for cybersecurity and intrusion detection systems. IEEE Syst. J. (2020). https://doi.org/10.1109/jsyst.2020.2992966CrossRef

13.

Shapoorifard, H., Shamsinejad, P.: Intrusion detection using a novel hybrid method incorporating an improved KNN. Int. J. Comput. Appl. 173, 5–9 (2017). https://doi.org/10.5120/ijca2017914340CrossRef

14.

Ji, S.Y., Choi, S., Jeong, D.H.: Designing an internet traffic predictive model by applying a signal processing method. J. Netw. Syst. Manag. 23, 998–1015 (2015). https://doi.org/10.1007/s10922-014-9335-3CrossRef

15.

Ambusaidi, M.A., He, X., Nanda, P., Tan, Z.: Building an intrusion detection system using a filter-based feature selection algorithm. IEEE Trans. Comput. 65, 2986–2998 (2016). https://doi.org/10.1109/TC.2016.2519914MathSciNetCrossRefMATH

16.

Amiri, F., Rezaei Yousefi, M., Lucas, C., Shakery, A., Yazdani, N.: Mutual information-based feature selection for intrusion detection systems. J. Netw. Comput. Appl. 34, 1184–1199 (2011). https://doi.org/10.1016/j.jnca.2011.01.002CrossRef

17.

Xin, Y., Kong, L., Liu, Z., Chen, Y., Li, Y., Zhu, H., Gao, M., Hou, H., Wang, C.: Machine learning and deep learning methods for cybersecurity. IEEE Access 6, 35365–35381 (2018). https://doi.org/10.1109/ACCESS.2018.2836950CrossRef

18.

Mahdavifar, S., Ghorbani, A.A.: Application of deep learning to cybersecurity: a survey. Neurocomputing 347, 149–176 (2019). https://doi.org/10.1016/j.neucom.2019.02.056CrossRef

19.

Sultana, N., Chilamkurti, N., Peng, W., Alhadad, R.: Survey on SDN based network intrusion detection system using machine learning approaches. Peer-to-Peer Netw. Appl. 12, 493–501 (2019). https://doi.org/10.1007/s12083-017-0630-0CrossRef

20.

Kang, M.-J., Kang, J.-W.: Intrusion detection system using deep neural network for in-vehicle network security. PLoS One 11, e0155781 (2016). https://doi.org/10.1371/journal.pone.0155781CrossRef

21.

Feng, F., Liu, X., Yong, B., Zhou, R., Zhou, Q.: Anomaly detection in ad-hoc networks based on deep learning model: a plug and play device. Ad Hoc Netw. 84, 82–89 (2019). https://doi.org/10.1016/j.adhoc.2018.09.014CrossRef

22.

Zhao, G., Zhang, C., Zheng, L.: Intrusion detection using deep belief network and probabilistic neural network. In: Proceedings—2017 IEEE International Conference on Computational Science and Engineering and IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, CSE and EUC 2017, pp. 639–642. Institute of Electrical and Electronics Engineers Inc. (2017)

23.

Mohammadi, S., Mirvaziri, H., Ghazizadeh-Ahsaee, M., Karimipour, H.: Cyber intrusion detection by combined feature selection algorithm. J. Inf. Secur. Appl. 44, 80–88 (2019). https://doi.org/10.1016/j.jisa.2018.11.007CrossRef

24.

Aloqaily, M., Otoum, S., Al Ridhawi, I., Jararweh, Y.: An intrusion detection system for connected vehicles in smart cities. Ad Hoc Netw. 90, 101842 (2019). https://doi.org/10.1016/j.adhoc.2019.02.001CrossRef

25.

Peng, Y., Wu, Z., Jiang, J.: A novel feature selection approach for biomedical data classification. J. Biomed. Inform. 43, 15–23 (2010). https://doi.org/10.1016/j.jbi.2009.07.008CrossRef

26.

Kang, S.H., Kim, K.J.: A feature selection approach to find optimal feature subsets for the network intrusion detection system. Clust. Comput. 19, 325–333 (2016). https://doi.org/10.1007/s10586-015-0527-8CrossRef

27.

Eesa, A.S., Orman, Z., Brifcani, A.M.A.: A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Syst. Appl. 42, 2670–2679 (2015). https://doi.org/10.1016/j.eswa.2014.11.009CrossRef

28.

Ingre, B., Yadav, A., Soni, A.K.: Decision tree based intrusion detection system for NSL-KDD dataset. In: Satapathy S., Joshi A. (eds.) Information and Communication Technology for Intelligent Systems (ICTIS 2017) - Vol. 2, ICTIS 2017. Smart Innovation, Systems and Technologies, pp. 207–218. Springer Science and Business Media Deutschland GmbH (2018)

29.

Moon, D., Im, H., Kim, I., Park, J.H.: DTB-IDS: an intrusion detection system based on decision tree using behavior analysis for preventing APT attacks. J. Supercomput. 73, 2881–2895 (2017). https://doi.org/10.1007/s11227-015-1604-8CrossRef

30.

Sarker, I.H., Colman, A., Han, J., Khan, A.I., Abushark, Y.B., Salah, K.: BehavDT: a behavioral decision tree learning to build user-centric context-aware predictive model. Mob. Netw. Appl. 25, 1151–1161 (2020). https://doi.org/10.1007/s11036-019-01443-zCrossRef

31.

Puthran, S., Shah, K.: Intrusion detection using improved decision tree algorithm with binary and quad split. In: Mueller P., Thampi S., Alam Bhuiyan M., Ko R., Doss R., Alcaraz Calero J. (eds.) Security in Computing and Communications, pp. 427–438. Springer (2016)

32.

Rai, K., Syamala Devi, M., Guleria, A.: Decision tree based algorithm for intrusion detection. Int. J. Adv. Netw. Appl. 7, 2828–2834 (2016)

33.

Sarker, I.H., Abushark, Y.B., Alsolami, F., Khan, A.I.: IntruDTree: a machine learning based cyber security intrusion detection model. Symmetry (Basel) 12, 754 (2020). https://doi.org/10.3390/SYM12050754CrossRef

34.

Kaggle, https://www.kaggle.com (2020). Accessed 24 July 2020

35.

Zheng, A., Casari, A.: Feature Engineering for Machine Learning. O’Reilly Media, Sebastopol (2018)

36.

Han, J., Kamber, M., Pei, J.: Data mining: Concepts and Techniques. Elsevier, Amsterdam (2012)MATH

Title: An Intelligent Tree-Based Intrusion Detection Model for Cyber Security
Authors: Mohammad Al-Omari
Majdi Rawashdeh
Fadi Qutaishat
Mohammad Alshira’H
Nedal Ababneh
Publication date: 01-04-2021
Publisher: Springer US
Published in: Journal of Network and Systems Management / Issue 2/2021
Print ISSN: 1064-7570
Electronic ISSN: 1573-7705
DOI: https://doi.org/10.1007/s10922-021-09591-y

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 2/2021

Self-organizing Fog Support Services for Responsive Edge Computing

Peripheral Diagnosis for Propagated Network Faults

Reliability and Survivability Analysis of Long-Term Evolution Vehicular Ad-Hoc Networks: An Analytical Approach

Meta-heuristic Approaches for Effective Scheduling in Infrastructure as a Service Cloud: A Systematic Review

An SDN-Assisted Defense Mechduanism for the Shrew DDoS Attack in a Cloud Computing Environment

Semantic Coordination on the Edge of Heterogeneous Ultra Dense Networks

Premium Partner